Abstract
Blowfish is a sixteen-round Feistel cipher in which the F function is part of the private key. In this paper, we show that the disclosure of F allows one to perform a differential cryptanalysis which can recover all the rest of the key with 2^48 chosen plaintexts against a number of rounds reduced to eight. Moreover, for some weak F functions, this attack only needs 2^23 chosen plaintexts against eight rounds, and 3×2^51 chosen plaintexts against sixteen rounds. When the F function is safely kept private, one can detect whether it is weak or not with a differential attack using 2^22 plaintexts against eight rounds.
Laboratoire d'Informatique de l'Ecole Normale Supérieure, research group affiliated with the CNRS
© 1996 Springer-Verlag Berlin Heidelberg
Cite this paper
Vaudenay, S. (1996). On the weak keys of blowfish. In: Gollmann, D. (eds) Fast Software Encryption. FSE 1996. Lecture Notes in Computer Science, vol 1039. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-60865-6_39
DOI: https://doi.org/10.1007/3-540-60865-6_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60865-3
Online ISBN: 978-3-540-49652-6
eBook Packages: Springer Book Archive