88

CHAPTER 4

BLOWFISH ALGORITHM WITH MODIFIED F

FUNCTION

4.1 INTRODUCTION

The Feistel network is found to be one of the more secured networks

in cryptography. The Feistel structure has the advantage that encryption
and decryption operations are very similar, even identical in some cases,
requiring only a reversal of the key schedule. Since the functioning of the
Feistel network is known to everyone and when any cipher text is intercepted
it can be decrypted. So in order to make the Feistel network quite complicated
the modified Feistel network was introduced in the work by combining the
genetic algorithm and mutation concepts. This modified Feistel network will
improve the quality of encryption without compromising the level of
encryption. The operation of the blowfish algorithm and the Feistel network
operation are explained in the chapter and the proposed algorithm with
modified Feistel network is implemented and executed. The results shows that
for the proposed method the algorithm doesn‘t used much resources than the
classical method and gives better quality of cipher text than the existing
method.

4.1.1 The Blowfish Block Cipher

Blowfish is a block cipher, (Bruce Schneier 1994) iterating a

simple encryption function 16 times. The block size is 64 bits, and the key
can be any length up to 448 bits. Although there is a complex initialization
phase required before any encryption can take place, the actual encryption of
 89

data is very efficient on large microprocessors. Blowfish has 16 rounds. Each

round consists of a key-dependent permutation, and a key- and data-
dependent substitution. All operations are XORs and addition on 32-bit
words. The only additional operations are four indexed array data lookups per
round. The algorithm consists of two parts: a key-expansion part and a data-
encryption part. Key expansion converts a variable-length key of at most 448
bits into several sub key arrays totaling 4168 bytes.

4.1.1.1 Key-expansion Process

Blowfish uses a large number of sub keys. These keys must be

recomputed before any data encryption or decryption.

4.1.1.2 Sub keys

(1) The P-array consists of 18 32-bit sub keys:

P1, P2… P18.
(2) There are four 32-bit S-boxes with 256 entries each:
S1, 0, S1, 1… S1, 255;
S2, 0, S2, 1… S2, 255;
S3, 0, S3, 1… S3, 255;
S4, 0, S4, 1… S4, 255;

4.1.1.3 Generating the sub keys

The sub keys are calculated using the Blowfish algorithm

(Schneier, 1995). The exact method is as follows:

(1) Initialize first the P-array and then the four S-boxes, in order, with a
fixed string. This string consists of the hexadecimal digits of pi
(less the initial3).
 90

For example:
P1 = 0x243f6a88
P2 = 0x85a308d3
P3 = 0x13198a2e
P4 = 0x03707344

(2) XOR P1 with the first 32-bits of the key, XOR P2 with the second
32-bits of the key, and so on for all bits of the key (possibly up to
P14). Repeatedly cycle through the key bits until the entire P-array
has been XORed with key bits. (For every short key, there is at
least one equivalent longer key;
For example:

If A is a 64-bit key, then AA, AAA, etc., are equivalent keys.)

(3) Encrypt the all-zero string with the Blowfish algorithm, using
the sub keys described in steps (1) and (2).
(4) Replace P1 and P2 with the output of step (3).
(5) Encrypt the output of step (3) using the Blowfish algorithm with
the modified sub keys.
(6) Replace P3 and P4 with the output of step (5).
(7) Continue the process, replacing all entries of the P-array, and
then all four S-boxes in order, with the output of the
continuously-changing Blowfish Algorithm.

In total, 521 iterations are required to generate all required sub

keys. Applications can store the sub keys rather than execute this derivation
process multiple times.
 91

4.2 DATA ENCRYPTION / DECRYPTION PROCESS

The process of encryption and decryption in blowfish algorithm

is simple and interesting. This process can be explained in steps in the
following sections.

4.2.1 Encryption Process

Blowfish is a Feistel network (Bruce Schneier 1994) consisting of

16 rounds. Figure 4.1 shows the blowfish encryption algorithm. The input is
a 64-bit data element, X. The steps of encryption are as follows:

Divide X into two 32-bit halves: XL, XR

For i = 1 to 16:
XL = XL XOR Pi
XR = F (XL) XOR XR
Swap XL and XR
Swap XL and XR (Undo the last swap)
XR = XR XOR P17
XL = XL XOR P18
Recombine XL and XR
Function F (Refer Figure. 4.3):
Divide XL into four eight-bit quarters: a, b, c, and d
F (XL) = ((S1,a + S2,b mod 232) XOR S3,c) + S4,d mod 232
 92

Figure 4.1 Blowfish Encryption Algorithm

4.2.2 Decryption Process

Decryption is exactly the same as encryption, except that P1, P2…

P18 are use in the reverse order. The steps of decryption are as follows:

Divide X into two 32-bit halves: XL, XR

For i =18 down to 3:
XL = XL XOR Pi
XR = F (XL) XOR XR
Swap XL and XR
Swap XL and XR (Undo the last swap)
XR = XR XOR P2
 93

XR = XR XOR P2
XL = XL XOR P1
Recombine XL and XR

Figure 4.2 Blowfish Decryption Algorithm

4.3 THE F FUNCTION

The F function is the most important component of the Blowfish

cipher. It accomplishes the byte wise substitution using key-dependant
substitution boxes. We can combine addition modulo 2 and addition modulo
232 designed above to implement the F function as Figure 4.4. This
implementation will use about (33 x 2) + 32 = 98 LEs.
 94

F ( ) = (((S0 + S1) modulo 232) XOR S2) + S3 modulo 232

Figure 4.3 The F function

Figure 4.4 Basic F – Function in Feistel Network

4.4 POSSIBLE SIMPLIFICATIONS

Blowfish have several possible simplifications, (Bruce Schneier,

1998) aimed at decreasing memory requirements and execution time. These
are outlined below:
 95

i. Fewer and smaller S-boxes. It may be possible to reduce the

number of S boxes from four to one. Additionally, it may be
possible to overlap entries in a single S-box: entry 0 would
consist of bytes 0 through 3, entry 1 would consist of bytes1
through 4, etc. The former simplification would reduce the
memory requirements for the four S-boxes from 4096 bytes to
1024 bytes; the latter would reduce the requirements for a
single S-box from 1024 bytes to 256 bytes.
ii. Lower iterations. It is probably safe to reduce the number of
iterations from 16 to 8 without compromising security. The
number of iterations required for security may be dependent
on the length of the key. Note that with the current sub key
generation procedure, an 8-iteration algorithm cannot accept a
key longer than 192 bits.
iii. On-the-fly sub key calculation. The current method of sub
key calculation requires all sub keys to be calculated advance
of any data encryption. In fact, it is impossible to calculate the
last sub key of the last S-box without calculating every sub
key that comes before. An alternate method of sub key
calculation would be preferable: one where every sub key can
be calculated independently of any other. High-end
implementations could still recompute the sub keys for
increased speed, but low-end applications could only compute
the required sub keys when needed.
 96

4.5 OPERATION MODES OF BLOWFISH

Blowfish is a symmetric block cipher that can be used as a drop-in

replacement for DES or IDEA so that it can be used in four standard operation
modes as DES and IDEA. Four modes (Jan-Ruei and Shih-Ching, 2000).

4.5.1 Electronic Codebook Mode

Electronic codebook (ECB) mode is the most obvious way to use a

block cipher: A block of plaintext encrypts into a block of cipher text.
Figure 4.5 shows the ECB mode. Since the same block of plaintext always
encrypts to the same block of cipher text, it is theoretically possible to create a
code book of plaintexts and corresponding cipher text. The potentially serious
problem with this mode is that an adversary could modify encrypted message
without knowing the key as to cheat the receiver. This disadvantage can be
overcome by introducing a small amount of memory in the encryption
process.

Figure 4.5 ECB mode

 97

4.5.2 Cipher Block Chaining Mode

In cipher block chaining (CBC) mode, an initial value is added

modulo 2 (XOR) to the first plaintext block to form the Blowfish input block.
The Blowfish output is the cipher text.

Ci=Ei(PiCi) (4.1)
Pi=Ci-1D(Ci) (4.2)

a. Cipher Block Chaining Mode (CBC) Encryption

b. Cipher Block Chaining Mode (CBC) Decryption

Figure 4.6 Cipher Block Chaining Mode (CBC) modes

This output is fed back and added modulo 2 to the next plaintext
block forming the new Blowfish input block. This mode produces a cipher
 98

text dependent on the previous plaintext blocks. Figure 4.6(a) shows the CBC
encryption mode Figure. 4.6(b) shows the CBC decryption mode.

4.5.3 Cipher-feedback Mode

Block ciphers can also be implemented as a self synchronizing

Stream cipher; this is called cipher-feedback (CFB) mode.

a. Cipher Feedback Mode Encryption (CFB)

b. Cipher Feedback Mode Decryption (CFB)

Figure 4.7 CFB mode

In this mode, input is processed by j bits at a time. Preceding

cipher text is used as input to the encryption algorithm to produce
pseudorandom output, which is XOR with plaintext to produce the next unit
 99

of cipher text. Again, this is useful for encoding long blocks of input.
Figure 4.7shows the CFB mode.

4.5.7 Output-feedback Mode

The output-feedback (OFB) mode is a method of running a block

cipher as a synchronous stream cipher. It‘s similar to CFB mode; except that j
bits of the previous output block are moved into the right-most positions of
the quence as shown in Figure. 4.8. Decryption is the reverse of this process.

c. Encryption b. Decryption

Figure 4.8 Output-feedback Mode (OFB)

4.6 SECURITY OF BLOWFISH

Because the variable key length of Blowfish is from 32 bits to 448

bits, Blowfish is much safer than DES and IDEA at most 2384 times. Serge
 100

Vaudenay examined Blowfish with known S-boxes and r rounds (Vaudenay

1996) a differential attack can recover the P-array with 28r+1 chosen
plaintexts. For certain weak keys that generate bad S-boxes (the odds of
getting them randomly are 1 in 214), the same attack require only 24r+1
chosen plaintexts to recover the P-array. With unknown S-boxes this attack
can detect whether a weak key is being used, but cannot determine what it is
(neither the S-boxes nor the P-array). This attack only works against reduced-
round variants; it is completely ineffective against 16-round Blowfish.

4.7 MODIFIED F FUNCTION

The proposed algorithm contains a modified Feistel network

which is similar to that of the basic Feistel network included with the genetic
algorithm and mutation concepts. The values in the S-box and the XOR
operation of the S-box values is same as the operation of the basic Feistel
network, the genetic crossover with the new machine generated internal key
and the flip bit mutation were included additionally to improve the quality of
the encryption. Figure 4.9 shows the genetic crossover and mutation concepts
included modified Feistel network.
 101

Figure 4.9 Modified Feistel Network

4.8 ENCRYPTION PROCESS

The process of encryption is explained in this section.

Figure 4.10 shows the simulation waveform of the encryption process. It can
be clearly observed from the waveform that the user specified key is
converted into machine generated internal key and that value is used for the
encryption of the data. The quality of the cipher text is very high. The
Figure 4.10 also gives the value of the cipher text in binary, so the cipher text
can be transmitted in two different formats ASCII and binary values. The
binary values are used for the decryption process, since the cipher text travels
in two different formats the interceptors can be confused, and the data may be
useless if the binary form of the cipher text is not available to the interceptors.
The encryption process is also unique since the machine generated internal
key is unknown to anyone even to the sender and the receiver.
 102

4.7 DECRYPTION PROCESS

The process of decryption starts with input as the binary form of

the cipher text. The user specified key is given to the key generation module
and the new machine generated internal key is obtained for decrypting the
data. Decryption is nothing new but the reverse process of the encryption data
as same as the blowfish algorithm. The decryption process also mainly
depends on the machine generated internal key, if the values in the lookup are
unknown and the binary of the cipher text both are not available to the
interceptor the data can never be decrypted. This makes the proposed work
better than the previous one without making any compromise in the quality of
the cipher text. Figure 4.11 shows the simulation waveform of the decryption
algorithm
 103

Figure 4.10 Encryption Process

 104

Figure 4.11 Decryption Process

 105

4.10 RESULTS AND DISCUSSIONS

The principle and working of the blowfish algorithm was briefly discussed
in this chapter. It was found from the analysis of blowfish algorithm that the quality of
the cipher text can be improved by adding the concepts of genetic algorithm and
mutation. Crossover operator and the flip bit mutation were taken into account along
with the normal operation of the blowfish algorithm. The results obtained were quite
appreciative and the complexity of the key and the cipher text were also found to be
good. This concept is present simulated and synthesized as software but the concept
can be implemented in a real FPGA module to make it as a unique one for the sender
and receiver. The difficulty found in the process is that, the ASCII values of the cipher
text finally obtained can‘t be used directly for the decryption. The binary values of the
cipher text are necessary for the decryption process, the conversions of ASCII values
to binary values are found to be difficult and it can be avoided in the future.

4.11 SUMMARY

The usual blowfish algorithm and the Feistel network were discussed in
this section. The inclusion of genetic algorithm and concept of mutation is found to
increase the quality of the encryption. The experimental results also showed better
results with minor difficulties which were rectified. The algorithm can be an efficient
one when it is implemented as a hardware and it will be more unique for the user than
being as a software module alone.