IDEA and Blowfish Algorithms (Unit-2) notes

International Data Encryption Standard

The International Data Encryption Standard Algorithm (IDEA) is a symmetric block cipher
that was proposed to replace DES. It is a minor revision of an earlier cipher, PES (Proposed
Encryption Standard). IDEA was originally called IPES (Improved PES) and was also included in
PGP. IDEA is a block cipher which uses a 128-bit length key to encrypt successive 64-bit blocks of
plaintext.

The main design goals of IDEA are,

• Block Length: Block size of 64 bits is considered strong enough to deter statistical analysis.
Also usage of Cipher Feedback Mode of operation provides better strength.

• Key Length: Its key size of 128 bits is very secure to deter exhaustive search.

IDEA’s overall scheme is based on three different operations: Bit by Bit XOR denoted as ⊕,
addition mod 216 denoted as and multiplication mod (216 +1) as . All operations are on 16-bit
sub-blocks, with no permutations used. Completely avoid substitution boxes and table lookups used in
the block ciphers. The algorithm structure has been chosen such that when different key sub-blocks
are used, the encryption process is identical to the decryption process.

In IDEA, Confusion is achieved by using these three separate operations in combination providing a
complex transformation of the input, making cryptanalysis much more difficult (than with a DES
which uses just a single XOR).

The main basic building block is the Multiplication/Addition (MA) structure shown below:

Diffusion is provided by this MA structure where, each output bit depends on every bit of inputs
(plaintext-derived inputs and subkey inputs).This MA structure is repeated eight times, providing very
effective diffusion

1
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

The overall scheme for IDEA is shown below:

The encryption function takes two inputs; one being the plaintext to be encrypted and the
key. The plaintext is 64 bits in length and key is 128 bits in length. The IDEA algorithm consists
of eight rounds followed by a final transformation function. The algorithm divides the input into
four 16-bit subblocks. Each of the rounds takes four 16-bit subblocks as input and produces four
16-bit output blocks. The final transformation also produces four 16-bit blocks, which are
concatenated to form the 64-bit ciphertext. Each of the rounds also makes use of six 16-bit
subkeys, whereas the final transformation uses four subkeys, for a total of 52 subkeys.

First, the 128-bit key is partitioned into eight 16-bit sub-blocks which are then directly
used as the first eight key sub-blocks {i.e. Z1, Z2… Z8 are taken directly from the 128-bit key
where Z1.equals the first 16 bits, Z2 corresponding to next 16 bits and so on}.The 128-bit key is
then cyclically shifted to the left by 25 positions, after which the resulting 128-bit block is again
partitioned into eight 16-bit sub-blocks to be directly used as the next eight key sub-blocks. The
cyclic shift procedure described above is repeated until all of the required 52 16-bit key sub-

2
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

blocks have been generated. The following figure shows the single round in the encryption
algorithm.

3
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

IDEA deviates from the Feistel Structure that the round starts with a transformation that
combines four input subblocks with four subkeys, using the addition and multiplication
operations. These four output blocks are then combined using the XOR operation to form two 16-
bit blocks that are input to the MA structure, which also takes two subkeys as input and combines
these inputs to produce 16-bit outputs. Finally, the four output blocks from the upper
transformation are combined with the two output blocks of the MA (Multiplication/Addition)
structure using XOR to produce the four output blocks for this round. Also, the two outputs that
are partially generated by the second and third inputs(X2 and X3) are interchanged to produce the
second and third outputs (W12 and W13). This increases the mixing of bits being processed and
makes the algorithm more resistant to differential cryptanalysis.

4
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

The ninth stage of the algorithm, labelled the output transformation stage has the same
structure as the upper rounds, but the only difference is that the second and third inputs are
interchanged before being applied to the operational units. The effect of this is undoing the
interchange at the end of eighth round. The reason for this extra interchange is so that decryption
has the same structure as encryption. The ninth stage requires only four subkey inputs, compared
to six subkey inputs for each of the first eight stages.

The computational process used for decryption of the ciphertext is essentially the same as
that used for encryption. The only difference is that each of the 52 16-bit key sub-blocks used for
decryption is the inverse of the key sub-block used during encryption. In addition, the key sub-
blocks must be used in the reverse order during decryption in order to reverse the encryption
process.

5
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

Decryption Steps:

1. The first four subkeys of decryption round i are derived from the first four subkeys of
encryption round (10-i), where the transformation stage is counted as round 9. The first and
fourth decryption subkeys are equal to the multiplicative inverse modulo (216 +1) of the
corresponding first and fourth encryption subkeys. For rounds 2 through 8, the second and
third decryption subkeys are equal to the additive inverse modulo (216) of the corresponding
third and second encryption subkeys. For rounds 1 and 9, the second and third decryption
subkeys are equal to the additive inverse modulo (216) of the corresponding second and third
encryption subkeys.
2. For the first eight rounds, the last two subkeys of decryption round i are equal to the last two
subkeys of encryption round (9-i).

IDEA Encryption and Decryption Subkeys

• Zj-1: multiplicative inverse; Zj  Zj-1 = 1

• -Zj : additive inverse; -Zj Zj = 0

Today, there are hundreds of IDEA-based security solutions available in many market
areas, ranging from Financial Services, and Broadcasting to Government. The IDEA algorithm
can easily be embedded in any encryption software. Data encryption can be used to protect data
transmission and storage. Typical fields are:

– Audio and video data for cable TV, pay TV, video conferencing, distance learning

– Sensitive financial and commercial data

– Email via public networks

– Smart cards

6
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

BLOWFISH Algorithm
Blowfish is a symmetric block cipher that can be effectively used for encryption and
safeguarding of data. It takes a variable-length key, from 32 bits to 448 bits. Blowfish was designed in
1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. Blowfish is
unpatented and license-free, and is available free for all uses. Blowfish Algorithm is a Feistel
Network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can
be any length up to 448 bits. Although, there is a complex initialization phase required before any
encryption can take place, the actual encryption of data is very efficient on large microprocessors.

Blowfish is designed to have the following characteristics:

 Fast: Blowfish encrypts data on 32-bit microprocessors at a rate of 18 clock cycles per
byte.
 Compact: Blowfish can run in less than 5k of memory.
 Simple: Blowfish’s simple structure is easy to implement and eases the task of
determining the strength of algorithm.
 Variably Secure: The key length is variable and can be as long as 448 bits. This
allows a tradeoff between higher speed and higher security.

Blowfish encrypts 64-bit blocks of plaintext into 64-bit blocks of ciphertext. Blowfish uses a key that
ranges from 32-bits to 448 bits. That key is used to generate 18 32-bit subkeys and four 8*32 S-boxes
containing a total of 1024 32-bit entries. The total is 1042 32-bit values, or 4168 bytes. The keys are
stored in a K-array.

K1, K2, …, Kj 1 ≤ j ≤ 14

The 18 32-bit subkeys are stored in the P-array:

P1, P2, …, P18

There are 4 S-boxes, each with 8x32(=256) 32-bit entries

Steps in generation of P-array and S-boxes are as follows:

 P-array and then 4 S-boxes are initialized with fractional part of π:

7
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

 P-array is XORed with K-array (reusing K-array if necessary):

P1 = P1 ⊕ K1, P2 = P2 ⊕ K2, …, Pj = Pj ⊕ Kj, Pj+1 = Pj+1 ⊕ K1,

Pj+2 = Pj+2 ⊕ K2, …
 Encrypt the 64-bit block of all zeros using the current P- and S- arrays; replace P1 and P2 with
the output of the encryption.
 Encrypt the output of step 3 using the current P- and S- arrays and replace P3 and P4 with the
resulting ciphertext.
 Continue this process to update all elements of P and then ,in order, all elements of S, using at
each step the output of the continuously changing Blowfish algorithm.
 Then update process of P-array and S-boxes is summarized as follows:

Where EP,S[Y] is the ciphertext produced by encrypting Y using Blowfish with the P
and S arrays.
A total of 521 executions in total are required to produce the final P and S arrays.
Accordingly blowfish is not suitable for applications in which the secret key changes frequently.
Furthermore, for rapid execution, the P- and S- arrays can be stored rather than rederived from the key
each time the algorithm is used which requires upto 4kb of memory, making blowfish unsuitable for
applications with limited memory like smartcards.

Blowfish Encryption/Decryption:

Blowfish uses two primitive operations, which do not commute making cryptanalysis difficult:

• Addition:- Addition of words, denoted by +, is performed modulo 232

• Bitwise exclusive-OR: This operation is denoted by ⊕.

The structure is a slight variant of classic Feistel network

o L and R are both processed in each round

o 16 rounds

o Two extra XORs at the end

The plain text is divided into two 32-bit halves LE0 and RE0.The resulting ciphertext is contained in
the two variables LE17 and RE17.

8
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

The function F is shown below:

9
Mukesh Chinta
Asst Prof, CSE, VNRVJIET
IDEA and Blowfish Algorithms (Unit-2) notes

The 32-bit input to F is divided into 4 bytes. If they are labelled a,b,c,d then the function can be
defined as

F(a, b, c, d) = ((S1,a + S2,b) ⊕ S3,c) + S4,d

Thus, each round includes the complex used of addition modulo 232 and XOR, plus substitution using
S-boxes. Decryption of Blowfish is easily derived from the encryption algorithm. It involves using the
subkeys in reverse order. Unlike most block ciphers, blowfish decryption occurs in the same
algorithmic direction as encryption rather than the reverse.

Some main characteristics of Blowfish are:

• Key-dependent S-Boxes

• Operations are performed on both halves of data

• Time-consuming subkey generation process

– Makes it bad for rapid key switching, but makes brute force expensive

• Perfect avalanche effect because of the function F

• Fast

10
Mukesh Chinta
Asst Prof, CSE, VNRVJIET