Blowfish is the first symmetric encryption algorithm created by Bruce Schneier in 1993. Symmetric encryption uses a single encryption key to both encrypt and decrypt data.
The sensitive data and the symmetric encryption key are utilized within the encryption algorithm to turn the sensitive data into ciphertext. Blowfish and its successor, Twofish, were in the running to replace the Data Encryption Standard (DES) but failed due to its small block size. Blowfish uses a block size of 64, which is considered wholly insecure. Twofish fixed this issue by implementing a block with a size of 128. Blowfish is much faster than DES, but it trades in its speed for security.
Products that use Blowfish
Though it is not as secure as other symmetric encryption algorithms, many products in many different areas of the Internet utilize Blowfish. Different types of products that Blowfish is a part of are:
- Password Management – Password management software and systems protect and create passwords. Blowfish has been used in a variety of password management tools to both create passwords and encrypt saved passwords. Examples of password management tools using Blowfish include:
- Access Manager
- Java PasswordSafe
- Web Confidential
- File/Disk Encryption – Software that encrypts files or disks is extremely common today as so many organizations have sensitive data they need to keep secure. This software must be straightforward for use by companies and quick to finish the encryption process. Thus, Blowfish is utilized in these encryption systems often in products such as:
- GnuPG
- Bcrypt
- CryptoForge
- Backup Tools – Software that backs up vital infrastructure in an organization must have the ability to encrypt information in those backups. This is in case the backup contains sensitive information. Backup systems that use Blowfish are:
- Symantec NetBackup
- Backup for Workgroups
- Email Encryption – Encryption for emails is extremely important on any device. Different IOS, Linux, and Windows software all use Blowfish for email encryption. Examples:
- A-Lock
- SecuMail
- Operating System Examples
- Linux
- OpenBSD,
- Secure Shell (SSH) is used to remotely access computer networks while authenticating the user through the use of encryption methods like Blowfish. Examples:
- OpenSSH
- PuTTY
Comparison Table
| Advantages | Disadvantages |
|---|---|
| Faster than other encryption algorithms, such as the Data Encryption Standard (DES)Blowfish is unpatented and free to use. This means anyone can take and use Blowfish for whatever they want toThe Blowfish algorithm also has a lesser amount of operations to complete compared to other encryption algorithmsThe key schedule of Blowfish takes a long time, but this can be advantageous, as brute force attacks are more difficult | The key schedule of Blowfish takes a long time, equivalent to encrypting 4KBs of data, which can be a disadvantage or an advantage. On the Disadvantage side, it takes a very long time to doThe small block size of Blowfish means that Birthday Attacks can occur and compromise the encryption algorithmIt is followed by Twofish, which was created to replace Blowfish, as it is better in most ways |
