Which Encryption Method Can Support a 448-bit Encryption Key and Its Derivative Nearly Became AES?

Bruce Schneier is a legend in Cybersecurity… possibly one of the most influential people in the industry. He mainly writes books and…

Twofish was a contender for the NIST AES competition

Which Encryption Method Can Support a 448-bit Encryption Key and Its Derivative Nearly Became AES? Blowfish

Bruce Schneier is a legend in Cybersecurity… possibly one of the most influential people in the industry. He mainly writes books and lectures these days, but at one time he created symmetric key encryption methods. The most famous of these is the Blowfish method. Like DES and 3DES, it uses a 64-bit block size (8 bytes), but unlike DES, it is unpatented [1]:

Overall it uses 16 Feistel-like iterations, and where the data input from the 64-bit block is split into two 32-bit words. An important strength of the method is that it can support key sizes up to 448 bits (56 bytes):

The Feistel cipher applies a symmetric key infrastructure and was named after Horst Feistel (IBM). It uses essentially the same encryption and decryption process, and where the key application is just reversed. The basic structure is given below and where we split the input data into blocks. Each block is then split into two (left and right). Each round is then:

The function applied (F) does not have to be reversible, which is unlike the case for AES. Also, in AES, we have an inverse function between the encryption and the decryption process, while a Feistel network just applies the key in the reverse order.

When NIST had their competition for AES, Bruce and others submitted the Twofish method. It used a 128-bit block size (as with AES) [2]:

Unfortunately, it was beaten by the Rindale method, and finished ahead of RC6 (Ron Rivest [4]) and MARS, while behind Rijndael and Serpent (Ross Anderson):

While Twofish did well for security, it possibly did too well and struggled against Rijndael for performance.

Coding

The coding is [here]:

import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
import sys

message="Hello"
associated_data=b"Hello"
tag=b"0123456789ABCDEF"
keysize=32
iv = os.urandom(8)
mode=0

if (len(sys.argv)>1):
 message=str(sys.argv[1])
if (len(sys.argv)>2):
 mode=int(sys.argv[2])
if (len(sys.argv)>3):
 keysize=int(sys.argv[3])

if (mode==1): keysize=32

key = os.urandom(keysize)

padder = padding.PKCS7(64).padder()

unpadder = padding.PKCS7(64).unpadder()

cipher=None


if (mode==0): 
 cipher = Cipher(algorithms.Blowfish(key), modes.CBC(iv))
if (mode==1): 
 cipher = Cipher(algorithms.Blowfish(key), modes.OFB(iv))
if (mode==2): 
 cipher = Cipher(algorithms.Blowfish(key), modes.CFB(iv))
if (mode==3): 
 cipher = Cipher(algorithms.Blowfish(key), modes.ECB())


encryptor = cipher.encryptor()

str=padder.update(message.encode())+padder.finalize()



ciphertext = encryptor.update(str ) + encryptor.finalize()

# Now decrypt

decryptor = cipher.decryptor()


rtn=unpadder.update(decryptor.update(ciphertext) + decryptor.finalize())+unpadder.finalize() 

print("Type:\t\t\t",cipher.algorithm.name)
print("Mode:\t\t\t",cipher.mode.name)
print("Message:\t\t",message)
print("Message with padding:\t",str)
print("\nKey:\t\t\t",key.hex())
if (mode!=3): print("IV:\t\t\t",iv.hex())
print("\nCipher:\t\t\t",ciphertext.hex())
print("Decrypt:\t\t",rtn.decode())

and a sample run [here]:

Type:    Blowfish
Mode:    CBC
Message:   Hello 123
Message with padding:  b'Hello 123\x07\x07\x07\x07\x07\x07\x07'

Key:    8b1d5f8cef9a263e6b670572d9d7d57a62d02fcc8c5c9a2d7975cf3a2f8e7bab
IV:    fa65fc7e7ac0238e

Cipher:    f269ef106c35316fb74d9740e03ed857
Decrypt:   Hello 123

Conclusions

And, so Ross Anderson’s Serpent method was pipped at the post for AES, and so was Bruce’s method. The winner was the superflexiable Rijndael method. And the rest is history.

References

[1] Schneier, B. (1993, December). Description of a new variable-length key, 64-bit block cipher (Blowfish). In International Workshop on Fast Software Encryption (pp. 191–204). Berlin, Heidelberg: Springer Berlin Heidelberg.

[2] Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., & Ferguson, N. (1998). Twofish: A 128-bit block cipher. NIST AES Proposal, 15(1), 23–91.

[3] Anderson, R., Biham, E., & Knudsen, L. (1998). Serpent: A proposal for the advanced encryption standard. NIST AES Proposal, 174, 1–23.

[4] Rivest, R. L., Robshaw, M. J., Yin, Y. L., & Alto, P. (2000, April). RC6 as the AES. In AES Candidate Conference (pp. 337–342).

[5] Burnwick, C., & Coppersmith, D. (1999). The MARS encryption algorithm. IBM, August, 27.