This action might not be possible to undo. Are you sure you want to continue?

# A Study of DES and Blowfish Encryption Algorithm

Tingyuan Nie

Communication and Electronic Engineering Institute Qingdao Technological University Qingdao, China tynie@qtech.edu.cn

Abstract—With the rapid growing of internet and networks applications, data security becomes more important than ever before. Encryption algorithms play a crucial role in information security systems. In this paper, we have a study of the two popular encryption algorithms: DES and Blowfish. We overviewed the base functions and analyzed the security for both algorithms. We also evaluated performance in execution speed based on different memory sizes and compared them. The experimental results show the relationship between function run speed and memory size. Keywords-Encryption Algorithm; DES; Blowfish

Teng Zhang

Communication and Electronic Engineering Institute Qingdao Technological University Qingdao, China

Signatures). Public key is known to the public while private key is known only to the user. There is no need for distributing them prior to transmission. However, public key encryption is based on mathematical functions, computationally intensive and is not very efficient for small mobile devices such as cell phone, PDA, and so on. In some occasion, legal, commercial, and other documents need to be signed. Accordingly, various schemes have been devised for digital signatures, using both private-key and public-key algorithms. There are a variety of different types of encryption methods, basically the methods of producing cipher text are stream cipher (such as RC4) and block cipher (such as DES, blowfish and so on). The two methods are similar except for the amount of data each encrypts on each pass. Most modern encryption schemes use some form of a block cipher. Other special encryption method is the one way encryption whose encrypting process is irreversible (for instance password encryption on UNIX systems), and hybrid systems by combining public and private key cryptosystems (such as Pretty Good Privacy (PGP)). In this paper, we study the algorithms of common DES and Blowfish. They are both symmetric key encryption algorithms using block cipher. Referencing their encryption process methods, we analyze their security. And do experiments to evaluate performance of two encryption algorithms using different memory sizes. From the experimental results, we find the relationship between encryption speed and computer memory utilization. We also show the advantages and disadvantages of both encryption algorithms. The remainder of this paper is organized as follows. We review the related works in section 2. Introduce the two encryption algorithms and analyze the security in section 3. And show the evaluation in section 4, followed by conclusion in section 5. II. RELATED WORKS

I.

INTRODUCTION

Encryption is the process of transforming plaintext data into cipher text in order to conceal its meaning and so preventing any unauthorized recipient from retrieving the original data. Hence, the main task of encryption is to ensure secrecy. Companies usually encrypt their data before transmission to ensure that the data is secure during transit. The encrypted data is sent over the public network and is decrypted by the intended recipient. There are many encryption algorithms are developed and widely used for information security. They can be categorized into symmetric (private) and asymmetric (public) keys encryption. Symmetric keys encryption only uses one key to encrypt and decrypt data. The key should be distributed before transmission between entities. Keys play a very important role because if weak key is used in algorithm then everyone may decrypt the data. Strength of Symmetric key encryption depends on the size of used key. For the same algorithm, encryption using longer key is harder to break than the one done using smaller key. There are many examples of strong and weak keys of cryptography algorithms like RC2, DES, 3DES, RC6, Blowfish, and AES. RC2 and DES use one 64-bit key. Triple DES (3DES) uses three 64-bits keys while AES uses various (128,192,256) bits keys. Blowfish uses various (32-448) key. RC6 uses various (128,192,256) bit keys where default is 128 bits [1-3]. Asymmetric key encryption is used to solve the problem of key distribution. In Asymmetric keys, two keys are used: private and public keys. Public key is used for encryption and private key is used for decryption (E.g. RSA and Digital

A Project of Shandong Province Higher Educational Science and Technology Program (No. J09LG10)

As [5], every security system must provide a bundle of security functions that assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed as following: Authentication: Before sending and receiving data using the system, the receiver and sender identity should be verified.

978-1-4244-4547-9/09/$26.00 ©2009 IEEE

1

TENCON 2009

It can be optimized in hardware applications due to its compactness. and other domains in the last decades. RC2. It also shows that 3DES has almost 1/3 throughput of DES. Figure 1. III. Blowfish and RC2 having a performance evaluation in [3]. The algorithm processes with an initial permutation. The results showed that Blowfish had a very good performance compared to other algorithms. DES Algorithm DES (Data Encryption Standard) was the first encryption standard to be recommended by NIST (National Institute of Standards and Technology). The algorithm was first introduce in 1993.1. designed the Blowfish algorithm [2] and made it available in the public domain. Elminaam et al. Blowfish is a variable length key. namely it needs 3 times of DES to process the same amount of data.and data-dependent substitution. one of the world's leading cryptologists. military. selected several symmetric encryption algorithms such as AES. Integrity: Integrity means that the content of the communicated data is assured to be free from any type of modification between the end points (sender and receiver). which may affect their availability and type of service to their users. Non-Repudiation: This function implies that neither the sender nor the receiver can falsely deny that they have sent a certain message. A. battery power consumption and so on. we have an overview and cryptanalysis for both DES and Blowfish algorithms. Blowfish algorithm The algorithm is shown in Fig. Key expansion converts a key of at most 448 bits into several sub-key arrays totaling 4168 bytes. It was developed by an IBM team around 1974 and adopted as a national standard in 1997 [6].Secrecy or Confidentiality: Usually this function is how most people identify a secure system. AES. DES algorithm. Service Reliability and Availability: Since secure systems usually get attacked by intruders. There are variants like 3DES [7]. 2 . Data encryption occurs via a 16-round (commonly) network. The flow of DES algorithm is shown in Fig. and AES had a better performance than 3DES and DES. 3DES. All operations are XORs and additions on 32-bit words. we analyze the security of both encryption algorithms and emphasize speedmemory relation research. ENCRYPTION ALGORITHM ANALYSIS In this section. It consists of two parts: a key-expansion part and a data. DES is a 64bit block cipher under 56-bit key. and Blowfish. the performance evaluation becomes very important to the existing encryption algorithms. The only additional operations are four indexed array data lookups per round. Higher key size leads to clear change in the battery and time consumption. RC6. and a key. Each round consists of a key-dependent permutation.2. the encryption algorithms must provide enough strength with high security implemented in an accepted speed limitation. Such systems should provide a way to grant their users the quality of service they expect. In this paper. Figure 2. 3DES. DES. Blowfish has better performance than other common encryption algorithms used. RC6 and Blowfish has disadvantage over other algorithms in terms of time consumption. The basic form of integrity is packet check sum in IPv4 packets. It means that only the authenticated people are able to interpret the message content and no one else. They concluded: there is no significant difference when the results are displayed either in hexadecimal base encoding or in base 64 encoding. The performance of the algorithms was compared by encrypting input files of varying contents and sizes on two different hardware platforms. Blowfish Algorithm Bruce Schneier. followed by RC6. B.encryption part. and has not been cracked yet. sixteen rounds block cipher and a final permutation. Therefore. DES application is very popular in commercial. To achieve the goals of security system. 64-bit block cipher. In the case of changing data type such as image. Most of above related works focused on the analysis of encryption/decryption speed of different input type. AES [8] by enhancing DES function. Many approaches are proposed: The research of [4] is conducted for different popular secret key algorithms such as DES.

1230) Avg:0.1250.0. from 96M to 992M.8350 Avg:0.0. We show four different runtime test values in row 2 and row 3. From above analysis.0.1503 96M (1.1528 Avg:0. DES runtime improved rapidly from 224M memory size and became steady.1240.1245 736M (0. Although Blowfish is optimized for applications. A software implementation of this attack recovered a DES key in 50 days using 12 HP9000/735 workstations which is the most effective attack so far [11].8330. The experimental results are shown in Table 1.8330. Corresponding to different memory size.0.0. However.1540) (0.03% 85.0.1240. (1) 3 . Speed Estimation We realized the algorithms in C language program under Windows XP OS.8340.8463 Avg:0.1234 480M (0. We calculate the average value for one-time encryption speed.1230) (0.1240.0.8360) (0. which calculated in formulation (1).1240) (0.0.1245 992M (0. we conclude Blowfish runs much faster than DES yet consumes lager memory simultaneously.C. this attack can recover the key with an average of 243 known plaintexts.1260) Difference 86. This can be converted to a known plaintext attack. but became steady in 352M memory size.8450.8350. Linear cryptanalysis is another type of cryptanalytic attack invented by Mitsuru Matsui.8370) (0. DES can provide a certain security guarantee in some degree by optimizing the construction of Sboxes.96% 83. TABLE 1 RUNTIME for DES and BLOWFISH Runtime（µs) Memory Size DES Blowfish Avg:1.1240) Avg:0. However.1240.0.8330. we analyze the algorithms’ strength against attacks from two aspects: differential cryptanalysis and linear cryptanalysis. and show the average runtime in row 1.8360) (0.1270) (0.0.1500.8520.0.0.4.8370 Avg:0. but requires 255 known plaintexts.0. They found a chosen-plaintext attack against DES which was more efficient than brute force.0.8330) (0.0.0. D. The second large column displays the algorithm runtime which includes two sub-columns: DES runtime and Blowfish runtime.1500) (1.1370.1373 224M (0. there are three rows for DES and Blowfish runtime column. there is no successful cryptanalysis against Blowfish. From the results.1370) (0.0. We think this is because Blowfish function needs much more memory to initialize sub-keys and S-boxes than DES function. The attack uses linear approximations to describe the action of a block cipher [10].0.8445 Avg:0. Against full 16-round DES.1230) Avg:0. Bruce Schneier show differential cryptanalysis on Blowfish is possible either against a reduced number of rounds or with the piece of information which describes the F function. DES became effective from 224M memory relatively.00GHz in the experiment. We estimated the performance of the algorithms by using a PC with CPU Pentium (R) 4 3.8340) (0.8440 Avg:0. the boxes are well designed to resist to an attacks while they are randomly generated in Blowfish [12].1240.0. DES Runtime .1520. The first column shows memory sizes.1230.1240) Avg:0.8810) (0.1510) Avg:0.0.8740) (0. It can also be considered that Blowfish function needs much more memory to initialize sub-keys and S-boxes than DES.0.8340) (0. The best attack against full 16-round DES requires 247 chosen plaintexts.1250 608M (0. the large memory requirement makes it infeasible for smart card applications. It also shows Blowfish used less time to encrypt the same text.1520. The fourth column displays difference ratio between DES and Blowfish function runtime.Blowfish DES Runtime Runtime × 100 % We can see.1530) (0. the resistance of DES can be improved by increasing the number of rounds [9].8330) (0.1270) (0.8380. The attack is heavily dependent on the structure of the S-boxes which happen to be optimized against differential cryptanalysis in DES.26% Figure 3.1500.8330.8320. We implemented the program to run 109 times encryption for a plaintext of 256 characters.3.8330 Avg:0.1230.1234 352M (0.1230.8340) (0.8330.0.42% 85.1240) (0. Both DES and Blowfish run slow in 92M memory size.1430) Avg:0.0.0. From the curve in Fig.60% 85. Eli Biham and Adi Shamir introduced differential cryptanalysis in 1990.1. In addition.1320. And 237 DES operations are required during analysis.0. Blowfish also improved from 224M memory size. As we know. Runtime comparison between DES and Blowfish It illustrates runtime varied with memory size more clearly in Fig.8590) (0.8340) (0. Linear cryptanalysis is newer than differential cryptanalysis and it is efficient against reduced round DES variants.1230.1.8330.0. we can also see the runtime difference ratio between DES and Blowfish decreased rapidly in 224M memory and became steady from 352M memory.19% 85.25% 85. Security Analysis In this section. Blowfish run much faster than DES.

8 No. pp. We overviewed the basic flow of the two algorithms and analyzed the security. [6] “Data Encryption Standard. ICICT 2005. Barker. National Bureau of Standards. Shamir. pp. SpringerVerlag.” NIST Special Publication 800-67 Version 1. May 2008. Both algorithms have high security to resist differential cryptanalysis and linear cryptanalysis attacks.[1] Figure 4. MA. December 2008. January 15. We evaluated encryption function speed based on different memory sizes. [10] M. 1993.12. "The First Experimental Cryptanalysis of the Data Encryption Standard. 1977. Boston. [8] Daemen. A. March 2001. J. Elminaam. pp.html [3] Diaa Salama Abdul. Vaudenay. Auerbach Publications. [4] Nadeem. pp. 46. Springer-Verlag. First International Conference.."IBM Journal of Research and Development. 243 -250.1. we studied two popular encryption algorithms: DES and Blowfish. 2008. 386-397.” in IJCSNS International Journal of Computer Science and Network Security. CONCLUSION In this paper. REFERENCES Coppersmith. 2006. 2005. Hatem Mohamed Abdul Kader and Mohie Mohamed Hadhoud3. D. 4 . 84. vol. 1996. "Linear Cryptanalysis Method for DES Cipher. pp. pp.” Federal Information Processing Standards Publication No. Springer-Verlag. May 1994."D r. pp. 280286. Wireless Security Handbook. Dobb's Journal.Y. V. “Performance Evaluation of Symmetric Encryption Algorithms. "A Performance Comparison of Data Encryption Algorithms..496.” Fast Software Encryption. [5] Aaron E. 487.89. 2005. Springer-Verlag. [7] William C. “On the Weak Keys in Blowfish.com/blowfish. 27-32. and Javed. [2] Bruce Schneier. The experimental results show Blowfish is much faster than DES but the speed increasing for Blowfish is slower compared to DES because it needs much more memory for sub-key and Sboxes initialization." Advances in Cryptology-CRYPTO '94 Proceedings. Third International Workshop Proceedings.schneier. [11] M. The Blowfish Encryption Algorithm Retrieved October 25. “Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. M. 1994. 137-139. Runtime difference ratio between DES and Blowfish IV. "Differential Cryptanalysis of the Full 16Round DES. [12] S." Advances in Cryptology-EUROCRYPT '93 Proceedings." Advances in Cryptology-CRYPTO '92 Proceedings. Earle. and Rijmen. Matsui. [9] E. "The Data Encryption Standard (DES) and Its Strength Against Attacks. http://www. 1994. "Rijndael: The Advanced Encryption Standard. February. Matsui." IEEE Information and Communication Technologies. 1-11. pp. Biham and A.