Table of Content

Cybersecurity Frameworks

Key Management Interoperability Protocol

What is Blowfish in security? Who uses Blowfish?


Table of Contents

Blowfish is the first symmetric encryption algorithm created by Bruce Schneier in 1993. Symmetric encryption uses a single encryption key to both encrypt and decrypt data. The sensitive data and the symmetric encryption key are utilized within the encryption algorithm to turn the sensitive data into ciphertext. Blowfish, along with its successor Twofish, was in the running to replace the Data Encryption Standard (DES) but failed due to the small size of its block. Blowfish uses a block size of 64, which is considered wholly insecure. Twofish fixed this issue, by implementing a block with a size of 128. Blowfish is much faster than DES, but it trades in its speed for security.

Products that use Blowfish

Though it is not as secure as other symmetric encryption algorithms, many products in many different areas of the Internet utilize Blowfish. Different types of products that Blowfish is a part of are:

  • Password Management

    Password management software and systems protect and create passwords. Blowfish has been used in a variety of password management tools to both create passwords and encrypt saved passwords. Examples of password management tools using Blowfish include:

    • Access Manager
    • Java PasswordSafe
    • Web Confidential
  • File/Disk Encryption

    Software that encrypts files or disks is extremely common today as so many organizations have sensitive data they need to keep secure. This software must be straightforward for use by companies and quick to finish the encryption process. Thus, Blowfish is utilized in these encryption systems often in products such as:

    • GnuPG
    • Bcrypt
    • CryptoForge
  • Backup Tools

    Software that backs up vital infrastructure in an organization must have the ability to encrypt information in those backups. This is in case the backup contains sensitive information. Backup systems that use Blowfish are:

    • Symantec NetBackup
    • Backup for Workgroups
  • Email Encryption

    Encryption for emails is extremely important on any device. Different IOS, Linux, and Windows software all use Blowfish for email encryption. Examples:

    • A-Lock
    • SecuMail
  • Operating System Examples

    • Linux
    • OpenBSD
  • Secure Shell (SSH)

    Secure Shell is used to remotely access computer networks while authenticating the user through the use of encryption methods like Blowfish. Examples:

    • OpenSSH
    • PuTTY

Comparison Table

  • Faster than other encryption algorithms, such as the Data Encryption Standard (DES)
  • Blowfish is unpatented and free to use. This means anyone can take and use Blowfish for whatever they want to
  • The Blowfish algorithm also has a lesser amount of operations to complete compared to other encryption algorithms
  • The key schedule of Blowfish takes a long time, but this can be advantageous, as brute force attacks are more difficult
  • The key schedule of Blowfish takes a long time, equivalent to encrypting 4KBs of data, which can be a disadvantage or an advantage. On the Disadvantage side, it takes a very long time to do
  • The small block size of Blowfish means that Birthday Attacks can occur and compromise the encryption algorithm
  • It is followed by Twofish, which was created to replace Blowfish, as it is better in most ways

Let's talk