Re: relative effectiveness of Blowfish encryption

David Honig (honig@sprynet.com)
Fri, 26 Feb 1999 17:00:45 -0800

• Next message: Michael Froomkin - U.Miami School of Law: "Using crypto to solve a part of the DNS/TM mess"
• Previous message: : "relative effectiveness of Blowfish encryption"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Dutra de Lacerda: "Re: relative effectiveness of Blowfish encryption"

At 11:41 AM 2/26/99 -0800,  wrote:
>I am implementing a client/serverbased application intended to run over
>public networks, and I need to use some form of encrytion to secure the
>data stream.

That's how many of us get interested in this stuff...

I also dont have a lot of financial resources, and I am
>not a mathemetician/cryptographer.... This means I need an inexpensive
>third party toolkit to do the encryption for me, and the most cost
>effective one I have found uses the Blowfish algorithm.

Actually, you don't need to pay for a toolkit. There are several
implementations
out there, ranging from Schneier's original reference version to
the so-optimized-its-barely-readable version of Eric A Young.
There are >2 versions in Java and some assembly optimized versions.

>So I am wondering what the general opinions on the effectiveness of
>Blowfish is, and also, has anyone out there had anyexperience with the
>people at http://www.encryption.com ??

The way you phrase this ("effectiveness") is wrong, but you're new.

No one has published any weakness in the Blowfish algorithm.
(This does not mean no one has found one; and it does not
mean there are none. But it is the best we can do.)
This is the best we can say.

One of the ways to measure an encryption algorithm is how many CPU
cycles are required per encrypted bit. (This is performance,
not security; but as Schneier says somewhere: the art of cipher
design is creating secure ciphers with the least resources.)
By this measure, Blowfish is blazingly fast. And as secure as
any other cipher out there, with the bonus of a variable-length key.
*And* its free.

All you need to do is compile a Blowfish implementation, and
deal with the data structures used by the implementation you chose.
(Typically, you have to understand byte->int and alignment issues -
e.g., a blowfish API might take a char-string as a key but expect
a pointer to an array of two unsigned 32b ints to hold the data.)

Its not hard. A block cipher has only a setkey, encrypt, and decrypt
functionality.
It will take a day, max.

-------------

That having been said:

1. look into feedback modes, where the previously encrypted value is mixed
with the current. This prevents the same plaintext from being mapped
to the same output when it repeats.

2. your security will be limited by such things as your OS (which may page
your data or keys to disk!). But all crypto starts with: What is your
threat model? Little sister, bored sysops, big brother?

Cheers,

• Next message: Michael Froomkin - U.Miami School of Law: "Using crypto to solve a part of the DNS/TM mess"
• Previous message: : "relative effectiveness of Blowfish encryption"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Dutra de Lacerda: "Re: relative effectiveness of Blowfish encryption"