Blowfish Study n Reverse

{Written by Evilcry}
{evi l cr y@r et eam. or g}
[ RET]
[ http://www.reteam.org]
[ http://evilcry.altervista.org]
[ irc.azzurranet.org #crack-it]

{Difficulty: Advanced}


INTRODUCTION

I n t hi s t ut or i al , we wi l l st udy t he Bl owf i sh ci pher . We wi l l
expl or e how Bl owf i sh wor ks and see i f t her e ar e some weaknesses.
Obvi ousl y we wi l l see Bl owf i sh not onl y f r oma ' cr ypt ogr apher
poi nt of vi ew' but al so and *mai nl y* f r oma r ever ser poi nt . I
t r i ed t o make t hi s a det ai l ed anal ysi s. My i nt ent i s t o make you
abl e t o qui ckl y i dent i f y any code t hat i mpl ement s bl owf i sh.

TOOLS

I DA
Ol l yDbg
Good Basi s of Cr ypt ogr aphy

TARGET LOCATION

ht t p: / / www. googl e. com


ABOUT THE TARGET

I have used t he Raskgme1 cr ackme f or an exampl e.

Blowfish OVERVIEW
Bl owf i sh i s a ci pher based on bl ocks whi ch al so uses a secr et -
si mmet r i c key ( so t her e i s onl y a si ngl e key, used bot h f or
encr ypt i on and decr ypt i on) . Bl owf i sh i s based on a Fei st el -
Net wor k, f or peopl e t hat do not know what t hi s means: A Fei st el
i t er at es a speci f i c f unct i on a cer t ai n number of t i mes and each
cycl e i s cal l ed a r ound. Usual l y bl owf i sh has a r ound number of
16.
I n addi t i on t o t he Fei st el Net wor k, Bl owf i sh bases i t s act i on on 4
SBoxes ( coul d be consi der ed ar r ays) , i ndi pendant f r omt he keys.
Ther e i s al so a OneWay f unct i on F( ) whi ch i s NOT r ever si bl e.
Pr evi ousl y we sai d t hat we' r e i n f r ont of a bl ock ci pher . Each
bl ock i s 64 bi t s l ong, whi l e t he key can be as l ong as 448 bi t s.
Unt i l t hi s moment t her e known ef f ect i ve at t acks t echni ques.
Bl owf i sh i s al so r eal l y f ast . I have a l i t t l e cur i osi t y wi t h t hi s
ci pher as i t has some good f eat ur es. Bl owf i sh was al so
i mpl ement ed i n some mi cr ochi ps, one of whi ch i s t he 68HC11.
Not e f or t he at t acker s: t he Sbox used " r esul t s t o be r esi st ant t o
at t acks of di f f er ent i al cr ypt oanal ysi s" . Af t er t hi s i nt r oduct i on,
we can begi n t o st udy t hi s al gor i t hymdeepl y. I t ' s i mpor t ant t o
say t hat t he gener al f uct i oni ng mechani smwi l l be f undament al t o
r ecogni zi ng bl owf i sh i n a pr ot ect i on scheme. The encr ypt i on
pr ocedur e can be di vi ded i n t wo st eps:
Expansion Step ( or i ni t i al i zat i on f unct i on, t hi s i s t he most
compl ex phase) .
I n whi ch t he key, l ong max 448 bi t s, i s " t r ansf or med" i nt o an
ar r ay of subkeys f or a t ot al of 4168 byt es
Encryption step:
The encr ypt i on pr ocess happens i n 16 r ounds and uses XOR and
addi t i on oper at i ons. The si ze used i s t he Dwor d. Al l t hi s, i s
pl aced i nt o some i ndi ci zed ar r ays. Fr omt he key, ar e ext r act ed t wo
ki nds of ar r ays: P- Ar r ay and S- Box. The P- Ar r ay i s composed of 18
el ement s and each subkey i s 4 byt es l ong:
P1, P2, P3. . . . . P18
Whi l e t he S- Box ar e 4, each of t hemi s composed by 256 subkeys at
32 bi t s. Let ' s see now what happens i n det ai l , i n t he expansi on
phase:
1. P- Ar r ay and t he 4 S- Boxes ar e i ni t i al i zed, t he most i mpor t ant
t hi ng t o say, i s t hat , t he 4 Sboxes al l begi n wi t h const ant
val ues.
2. Ther e i s a XOR bet ween P- Ar r ay and t he chosen key.
3. Repeat t hi s pr ocedur e unt i l al l subkeys of P- ar r ay ar e
" codi f i ed" i nt o t he f or m:
P- ar r ay= {xL1, xR1, xL2, xR2, . . . . . . , xL18, xR18}
4. Wi t h t he " new" P- ar r ay, begi n t he subst i t ut i on wor k of t he S-
Box. An i mpor t ant not e: t hese S- Boxes ar e modi f i ed by each r ound
t hat happens.
Now we know a bi t about how Bl owf i sh wor ks i n t he encr ypt i on phase
we can say t hat Bl owf i sh bases i t s wor k on r andomi zed sboxes.
I ndeed, t he al gor i t hmbui l ds some bi g l ookup t abl es wi t h
pseudor andomdat a. The ' PSEUDO' casual i t y depends heavi l y on t he
key i t sel f . As you can see t hi s pr ocedur e i s a bi t compl ex. I f we
t r y t o anal yze t he " i mpl i cat i ons" t hat coexi st bet ween sboxes
obt ai ned and used keys we wi l l see t hat t hese r el at i ons ar e r eal l y
compl ex!
The di r ect consequence of al l t hi s i s t hat Bl owf i sh seems t o be
not at t ackabl e ( except i n some cases) by di f f er ent i al and l i near
cr ypt oanal ysi s. The onl y wel l known at t acks t o Bl owf i sh wor k
essent i al l y on t he use of weak- keys, i n whi ch t her e i s at mi ni mum
a col l i si on i nt o one of t he f our sboxes.
Now l et ' s t ake a l ook at a gener i c pr ot ect i on r out i ne t hat uses
Bl owf i sh:
Blowfish_Initialization( )
Blowfish_encrypt( )
Blowfish_decrypt( )
An attack for Blowfish (addendum)
Thi s sect i on i s not f undament al l y i mpor t ant t o under st and t he
f ut ur e " r ever se appr oach" t o Bl owf i sh, but can be i nt er est i ng f or
peopl e who want t o know somet hi ng mor e on bl owf i sh cr ypt oanal ysi s.
The most successf ul at t ack t o bl owf i sh was t he Vaundenay at t ack,
whi ch demonst r at ed t he pr esence of some weak keys i n t he ci pher .
The condi t i on of " weak key" occour s when t her e i s AT LEAST ONE
col l i si on i nt o one of t he 4 Sboxes. Thi s condi t i on can be
expr essed as:
Sbox1(X)=Sbox1(Y)
Wher e X and Y ar e t wo di f f er ent byt es. Now i f t he at t acker knows
al l Sboxes ent r ances ( not P1 P2 et c. ) , or even bet t er , knows t he
key descr i bed by t he F( ) f unct i on, he can see t he f ol l owi ng
r el at i on:
d= X xor Y
" d" whi ch i s t he key ( i n t hi s case i s obvi ousl y weak) . As a r esul t
t he P- ar r ays ( P1 P2 et c. ) ar e gener at ed f r omt he weak key, so i f
we assume at l east one col l i si on f or S1, t he pr obabi l i t y t hat t hi s
col l i si on happens i s 2^( - 7) . Let ' s consi der al so t hat we' r e i n
f r ont of a Fei st el Net wor k, so we can expect t hat t hi ngs wi l l gr ow
r ound by r ound! . I ndeed i f we r epeat t he pr ocedur e ( d X xor Y)
t hr ee t i mes, we wi l l obt ai n 2^( - 7) ^3 i n ot her wor ds 2^( - 21) ! . Now
we can suddenl y per f or ma " chosen pl ai nt ext " at t ack, i n whi ch we
have:
Wi t h: xor ( 0000d000) , usi ng a chosen coupl e ( c, c' ) we l and at
xor ( d000xyzt ) . c' can be consi der at ed di vi ded i nt o t wo gr oups
c( L, R) . Now i f we appl y t hi s t o F( ) , we wi l l obt ai n t he f ol l owi ng
equat i on:
F(L xor P10) xor F(L xor P10 xor [d000])=[xyzt]
And f i nal l y wi t h a br ut ef or ce of 2^32 we wi l l obt ai n P10, t hat
ver i f i es t he pr evi ous equat i on.

An analytic/reverse approach to Blowfish
Wow, we ar e r eady t o st ar t a r ever si ng sessi on on Bl owf i sh! Fi r st
of al l we wi l l anal yze a l i t t l e por t i on of Raskgme1 cr ackme i n
whi ch i s i mpl ement ed Bl owf i sh. Thi s cr ackme i mpl ement s al so
bi gnums and ot her t hi ngs t hat we wi l l not consi der .
004018A2 push 0040A0B8 ; pt r t o t he dt Key
004018A7 push ecx
004018A8 cal l 00401130 ; Bl owf i sh_I ni t ( )
Let ' s see now what happens i nsi de our i ni t i al i zat i on f unct i on:
00401130 push ecx
00401134 mov esi , dwor d pt r [ esp+14]
00401138 push edi
00401139 mov eax, 00408118
0040113E l ea ecx, dwor d pt r [ esi +48]
00401141 mov edx, 00000100 ; Number of i t er at i ons ( 100h=256d)
00401146 mov edi , dwor d pt r [ eax]
00401148 add eax, 00000004
0040114B mov dwor d pt r [ ecx] , edi ; copy i n ecx ( ar r ay) , edi
0040114D add ecx, 00000004 ; Add a dwor d t o t he ar r ay i ndex
00401150 dec edx ; decr ase t he count er
00401151 j ne 00401146 ; Repeat t hi s cycl e 256 t i mes
00401153 cmp eax, 00409118
00401158 j l 00401141 ; Repeat t he pr evi ous cycl e 4 t i mes
Thi s pi ece of code cr eat es an ar r ay of 256 el ement s! and at each
cycl e a dwor d i s copyed. We al so have an ext er nal cycl e t hat
r epeat s t he i nt er nal cycl e 4 t i mes. I f you st udi ed wi t h at t ent i on
t he t heor et i cal par t , you shoul d have no pr obl ems i n under st andi nd
what t hi s r out i ne does ; ) . Let ' s t r ansl at e i t t o C:
i nt i , j , k;
unsi gned l ong dat a, dat al , dat ar ;
f or ( i = 0; i < 4; i ++) {
f or ( j = 0; j < 256; j ++)
ct x- >S[ i ] [ j ] = ORI G_S[ i ] [ j ] ; }
Sur el y you wi l l demand what ct x i s?, easl y f r omt he - >, we
under st and t hat ct x i s a st r uct , but what shoul d t hi s st r uct
cont ai n?:
t ypedef st r uct {
unsi gned l ong P[ 16 + 2] ;
unsi gned l ong S[ 4] [ 256] ; } BLOWFI SH_CTX;
Synt at i cal l y i t ' s a Bl owf i sh cont ext , i nsi de whi ch we can f i nd t he
def i ni t i on of t he P- ar r ay and of t he Sboxes. By r et ur ni ng t o t he
pr evi ous f or cycl e, we can see t hat i nsi de t he 4 Sboxes ar e
i t er at ed. Each of t hemcomposed of 256 subkeys at 32 bi t s. I n
ot her wor ds we' r e i n t he expansi on phase.
0040115A mov ebp, dwor d pt r [ esp+20] ; | t hi s wi l l be i mpor t ant because wi l l
cont ai n xL and xR
0040115E mov edx, dwor d pt r [ esp+1C] ; | or bet t er cont ai ns " Dat a"
00401162 mov edi , 004080D0 ; put s a val ue i n edi , i t s not i mpor t ant t o know what
i t i s
00401167 xor eax, eax ;
00401169 sub edi , esi
0040116B mov [ esp+10] , 00000012 ; 12h wi l l wor k as i ndex ( 12h=18d)
00401173 xor ecx, ecx ; Nul l t he i ndex ( j =0) f i r st t o begi n a cycl e wi t h t he
al gor i t hmi t sel f
00401175 mov [ esp+20] , 00000004 ; Ot her i ndex
0040117D xor ebx, ebx
0040117F mov bl , byt e pt r [ eax+edx]
00401182 8 shl ecx, 08 ; dat a = ( dat a << 8) OR key[ j ]
00401185 or ecx, ebx ;
00401187 i nc eax ; j = j + 1;
00401188 cmp eax, ebp ; | i f ( j >= keyLen) - - - - > keyLen, r epr esent s t he l engt h of
t he key
0040118A j l 0040118E
0040118C xor eax, eax ; J =0
0040118E mov ebx, dwor d pt r [ esp+20]
00401192 dec ebx ; Ebx st ar t s f r om4 and l ands t o 0
00401193 mov dwor d pt r [ esp+20] , ebx
00401197 j ne 0040117D ; Repeat unt i l i s 0
00401199 mov ebx, dwor d pt r [ edi +esi ]
0040119C add esi , 00000004
0040119F xor ebx, ecx ; Xor t wo val ues cont ai ned i n ecx and ebx ( ct x- >P[ i ] =
ORI G_P[ i ] ^ dat a; )
004011A1 mov ecx, dwor d pt r [ esp+10] ; I n ecx t he val ue 18
004011A5 mov dwor d pt r [ esi - 04] , ebx
004011A8 dec ecx
004011A9 mov dwor d pt r [ esp+10] , ecx
004011AD j ne 00401173 ; r epeat t he t wo 2 cycl es, 18 t i mes
Thi s pi ece of code needs a l i t t l e expl anat i on. We have t wo
cycl es, one i s i t er at ed 4 t i mes, t he ot her 18 t i mes ( what do you
r emember about t he val ue 18?. . . yes t he P- ar r ay ; ) . So l et ' s
t r ansl at e t hi s pi ece of code t o bet t er under st and how i t wor ks:
f or ( i = 0; i < N + 2; ++i ) {
dat a = 0x00000000;
f or ( k = 0; k < 4; ++k) {
dat a = ( dat a << 8) | key[ j ] ;
j = j + 1;
i f ( j >= keyLen) j = 0;
}
ct x- >P[ i ] = ORI G_P[ i ] ^ dat a; } / / ct x AKA Bl owf i sh Cont ext
The most i nt er st i ng pi ece f or us, i s t he l ast l i ne, wher e we can
see an Xor bet ween t he dat a and an el ement of an ar r ay ( P- ar r ay) .
Thi s i s t he most i nt er est i ng oper at i on bet ween Key and P- ar r ay. I f
you do not r emenber wel l , j ump back t o 2., and ever yt hi ng wi l l be
cl ear !
I n t he next pi ece of code, we wi l l see t he encr ypt i ng f unct i on at
wor k:
004011BD mov esi , ebx
004011BF mov edi , 00000009
004011C4 l ea eax, dwor d pt r [ esp+1C] ; Dat aR
004011C8 l ea ecx, dwor d pt r [ esp+20] ; Dat aL
004011CC push eax ; Dat a R ( si mi l ar t o xR, t hat can be f ound i n t he f i r st par t )
004011CD push ecx ; Dat a L ( si mi l ar t o xL, t hat can be f ound i n t he f i r st par t )
004011CE push ebx ; Ct x ( i s t he Bl owf i sh Cont ext t hat pr evi ousl y anal ysed)
004011CF cal l 00401000 ; Bl owf i sh_encr ypt i on( ct x, &Dat aL, &Dat aR ) , t ake t hr ee
par amet er s

To bet t er under st and what happens her e, l et ' s t r asf or mt he asm
code t o C:

f or ( i = 0; i < N + 2; i += 2) {
Bl owf i sh_Encr ypt ( ct x, &dat al , &dat ar ) ;
ct x- >P[ i ] = dat al ; / / Wi l l be anal yzed f ar t her down
ct x- >P[ i + 1] = dat ar ; / / Wi l l be anal yzed f ar t her down
}
Take not e as t o t he number of i t er at i ons of t hi s oper at i on t hat
wi l l cont i nue unt i l al l ar r ays ar e expanded or r at her f i l l ed
wi t h new dat a. I n t hi s case, i t ' s i t er at ed f or t he same number as
t he P- ar r ay' s l engt h. Pay at t ent i on t o t he i nt er st i ng f act t hat ,
when you' r e i nt o t he Bl owf i sh' s i ni t i al i zat i on r out i ne, you f ul l y
meet t he encr ypt f unct i on. Now l et ' s anal yze t he encr ypt i on
f unct i on:
00401000 mov eax, dwor d pt r [ esp+08] ; Dat aL i n eax
00401004 mov ecx, dwor d pt r [ esp+0C] ; Dat aR i n ecx
0040100A mov eax, dwor d pt r [ eax]
0040100C push esi
0040100D mov esi , dwor d pt r [ ecx]
0040100F push edi
00401014 mov [ esp+14] , 00000010 ; Ready f or a FOR Cycl e( 10h=16d)
I n t hi s easy pi ece of code, Dat aL and Dat aR ar e assi gned t o l ocal
var i abl es of our f unct i on and r egi st er s ar e set up f or a FOR
Cycl e:
0040101E xor eax, dwor d pt r [ ebx] ; l ef t ^= p[ 0] ;
00401020 push eax ; par amet er t hat wi l l be used by t he cal l 00401060, l et ' s cal l
i t Y
00401021 57 push edi ; par amet er t hat wi l l be used by t he cal l 00401060, l et ' s
cal l i t X
00401022 mov ebp, eax
00401024 cal l 00401060 ; l et ' s cal l i t Get byt e( X, Y)
Her e t he def i ni t i on of Get Byt e( X, Y) , asmcode i s not necessar y:
#def i ne GETBYTE( x, y) ( unsi gned i nt ) ( ( ( x) >>( 8*( y) ) ) &255)
Thi s i s t he f amous f unct i on F, i n t hi s case i t t akes as i nput CTX
and xL, l et ' s cont i nue wi t h encr ypt pr ocedur e:
00401029 mov ecx, dwor d pt r [ esp+1C] ; I nser t i n ecx 10h, 16d t hat ar e t he 16
r ound of t he Fei st el pr oc, do you r member ?
0040102D add esp, 00000008
00401030 xor eax, esi
00401032 add ebx, 00000004 ; go t o t he next dwor d
00401035 dec ecx ; decr ease count er
00401036 mov esi , ebp
00401038 mov dwor d pt r [ esp+14] , ecx
0040103C j ne 0040101E ;r epeat 16 t i mes
Hehe our Fei st el Net wor k at wor k! ! : ) . . we ar e i n t he hear t of
encr ypt i on f unct i on. . a t hi ng j umps out at us i mmedi at el y. The
ent i r e pr ocess i s based on XOR oper at i ons, t hese XORs happen
bet ween t wo pi eces of dat a ( each pi ece bei ng 32 bi t s) .
f or ( i = 0; i < N; ++i ) {
Xl = Xl ^ ct x- >P[ i ] ; / / xor bet ween Dat aL and t he act ual val ue poi nt ed by P-
ar r ay
Xr = F( ct x, Xl ) ^ Xr ;
t emp = Xl ;
Xl = Xr ;
Xr = t emp; }
I n t he l ast par t of our f unct i on we can obser ve, ot her XORs
Xr = Xr ^ ct x- >P[ N] ;
Xl = Xl ^ ct x- >P[ N + 1] ;
*xl = Xl ;
*xr = Xr ;
}
And now, our encypt i on f unct i on i s f i ni shed, we can come back t o
t he i ni t i al i zat i on r out i ne, and obser ve what happens i mmedi at el y
af t er t he encr ypt i on:
004011D4 8B54242C mov edx, dwor d pt r [ esp+2C] ; move t he new Dat aL i nt o edx
004011D8 8B442428 mov eax, dwor d pt r [ esp+28] ; move t he new Dat aR i nt o eax
004011DC 8916 mov dwor d pt r [ esi ] , edx ; I nser t Dat aL , i nt o ct x- >P ( t hat poi nt s
t o P- ar r ay)
004011DE 894604 mov dwor d pt r [ esi +04] , eax; ; I nser t Dat aR , i nt o t he next ct x-
>P
I mmedi at el y we under st and t hat t he encr ypt i on f unct i on r et ur ns 2
DWORDs ( Dat aL and Dat aR) , t hat next wi l l go t o f i l l t he P- ar r ay.
Thi s i s t he si t uat i on of P- ar r ay, af t er t he ent i r e For Cycl e:
P-array {DataL1,DataR1,....,DataL18,DataR18}
Now i nt o bl owf i sh_i ni t ( ) : The encr ypt i on f unct i on i s cal l ed t wo
t i mes, we have seen onl y t he f i r st , now l et ' s st udy t he second
cal l :
004011F2 mov edi , 00000080 ; count er i ndex i s set t o 80h ( 128d)
004011F7 ecx, dwor d pt r [ esp+1C] ; Dat aR
004011FB l ea edx, dwor d pt r [ esp+20] ; Dat aL
004011FF push ecx ; Dat aR
00401200 push edx ; Dat aL
00401201 push ebx ; cont ext
00401202 cal l 00401000 ; Bl owf i sh_encr ypt ( )
00401207 mov eax, dwor d pt r [ esp+2C] ; Dat aL i nt o ct x- >S[ i ] [ j ]
0040120B mov ecx, dwor d pt r [ esp+28] ; Dat aR ct x- >S[ i ] [ j +1] ( i n ot her wor ds t he
next el ement )
As usual , we have Dat aL and Dat aR as r et ur n val ues of t he encr ypt
t hat go i nt o anot her ar r ay. . l et ' s under st and whi ch ar r ay. . . The
f i r st t hi ng t hat we see, i s t hat For Cycl e i s set up t o 128 ( i n
ot her wor ds 256/ 2) , t hi s f or i s pl aced i nsi de anot her f or ( i ndex
4) , t hat i ' ve not i nser t ed.
Thi s shoul d make you suspi ci ous. . t hese t wo val ues( 4 and 128) ar e
associ at i ve of t he 4 S- Boxes! ! ! : ) , i ndeed we can see t hat :
S-box[1] {DataL1,DataR1,....,DataL128,DataR128}
Same t hi ng f or t he ot her t hr ee S- Boxes.
Wow! and t hi s i s r eal l y t he end of our Encr ypt i on Funct i on. Thi s
wi l l hel p you t o i dent i f y Bl owf i sh wi t h al l i t s var i ant s: ) Now
l et ' s t al k about Bl owf i sh_Decr ypt ( ) f unct i on:
Blowfish_Decrypt(BLOWFISH_CTX *ctx, unsigned long *xl, unsigned long *xr)
The encr ypt i on f unct i on t akes as i nput CTX, Dat aL and Dat aR, and
i t r et ur ns Dat aL and Dat aR decr ypt ed. But you have t o pay ver y bi g
at t ent i on, because as you can see, t her e i s a massi ve use of t he
XOR oper at i on, and as you shoul d know, t o obt ai n t he i nver se ( i n
t hi s case decr ypt ) you have t o appl y t he XOR agai n. So encr ypt ( )
and decr ypt ( ) ar e t r ul y si mi l ar ! . Essent i al l y you can under st and
t he decr ypt ( ) pr i nci pal l y f or :
Xr = Xr ^ ct x- >P[ 1] ;
Xl = Xl ^ ct x- >P[ 0] ;
Many t i mes i n pr ot ect i on schemes, t o r ecogni ze some f amous
al gor i t hmyou check f or some const ant val ues ( f or exampl e i n MDx,
TEA, Ghost , et c. ) . I n Bl owf i sh we have some st ar t i ng val ues, f or
P- ar r ay:
0x243F6A88L
and f or S- box1 t he f i r st el ement i s:
0xD1310BA6L
Anot her usef ul el ement t o r ecogni ze Bl owf i sh scheme, i s t he number
of i t er at i ons and how t hey ar e i dent i f i ed.
Keygenning of Blowfish
Wr i t i ng a keygener at or f or bl owf i sh i s not a har d t ask. I nst ead,
we onl y have t o use a copy of t he var i ous sour ces ar ound t he
i nt er net ( f or exampl e Paul Kocher bl owf i sh. c and bl owf i sh. h) .
Ther e i s not hi ng of par t i cul ar t o pay at t ent i on t o wi t h t hese.
Usual l y we need t he key used f or t he encr ypt i on pr ocess, f or
exampl e we coul d wr i t e
unsi gned char szSet Key[ ] =" BAPCRHJ TET5DF4TR5YEWERKTY879432" ;
Many t i mes an Xor Mask i s used t hat we can code i n t hi s way:
unsi gned char szxor t abl e[ 8] ={0x6B, 0x74, 0x17, 0x69, 0x65, 0x1D, 0x67, 0x52};
Then t he I ni t i al i zat i on f unct i on, t hat we can code as:
BLOWFI SH_CTX bl owf i shct x;
Bl owf i sh_I ni t ( &bl owf i shct x, &szSet Key, 0x1f ) ;
Wher e t he l ast par amet er i s t he l engt h of our key, and i mmedi at el y
af t er we have t o cr eat e a l i t t l e pr ocedur e t o i nser t i nt o Dat aL
and Dat aR cor r ect dat a ( t hi s does not occur many t i mes)
__asm{
l ea esi , szName
mov eax, dwor d pt r [ esi ]
mov dt A, eax
mov eax, dwor d pt r [ esi +4]
mov dt B, eax
}
I mmedi at el y our Encr ypt ( obvi ousl y case by case t her e ar e
di f f er ent i mpl ement at i ons, t hi s i s one of t he most common
pr ot ect i on pat t er ns)
Bl owf i sh_Encr ypt ( &bl owf i shct x, &dt A, &dt B) ;
I t ' s t r ul y i mpor t ant t o speci f y t hat t her e ar e not , unf l exi bl e
codi ng pat t er ns, because we can meet a l ar ge amount of di f f er ent
cases. Her e I have shown you t he most easy, gener al and common
case t hat you' l l meet . The wor st case t hat you can see i s t he
Modi f i ed Bl owf i sh, i n ot her wor ds pr ot ect i on schemes t hat do not
i mpl ement t he canoni c bl owf i sh, but a ver si on changed i n some
aspect . Usual l y t he modi f i cat i ons t hat you' l l meet ar e not many,
her e t he most common: :
Al t er ed number of Fei st el r ounds ( common i s 32)
S- boxes have di f f er ent st ar t i ng val ues, t hi s i s al so an ant i -
det ect syst emf or aut omat ed r ecogni t i on sof t war e
F f unct i on i s modi f i ed and f r equent l y r et ur ns S[ 2] [ d] -
S[ 1] [ b] ) ^( S[ 0] [ c] +S[ 3] [ a]
Hope t hat t he ar t i cl e i s cl ear . I ' mher e f or cl ar i f i cat i ons! : )
GREETS

Regar ds t o Al l UI C: Quequer o, Andr eaGeddon, Lonel yWol f , Zai r on,
Li t t l eLuck, and RET: Devi ne9, Bl ack- Eye, Bi g- S, Li bX, Ai ml ess. . and
al l ot her s : )