1blowfish(n)                  Blowfish Block Cipher                 blowfish(n)
2
3
4
5______________________________________________________________________________
6

NAME

8       blowfish - Implementation of the Blowfish block cipher
9

SYNOPSIS

11       package require Tcl  8.4
12
13       package require blowfish  ?1.0.5?
14
15       ::blowfish::blowfish  ?-mode  [ecb|cbc]?  ?-dir [encrypt|decrypt]? -key
16       keydata ?-iv vector? ?-out channel? ?-chunksize size? ?-pad padchar?  [
17       -in channel | ?--? data ]
18
19       ::blowfish::Init mode keydata iv
20
21       ::blowfish::Encrypt Key data
22
23       ::blowfish::Decrypt Key data
24
25       ::blowfish::Reset Key iv
26
27       ::blowfish::Final Key
28
29______________________________________________________________________________
30

DESCRIPTION

32       This  package is an implementation in Tcl of the Blowfish algorithm de‐
33       veloped by Bruce Schneier [1]. Blowfish is a 64-bit  block  cipher  de‐
34       signed to operate quickly on 32 bit architectures and accepting a vari‐
35       able key length. This implementation supports ECB and CBC mode blowfish
36       encryption.
37

COMMANDS

39       ::blowfish::blowfish  ?-mode  [ecb|cbc]?  ?-dir [encrypt|decrypt]? -key
40       keydata ?-iv vector? ?-out channel? ?-chunksize size? ?-pad padchar?  [
41       -in channel | ?--? data ]
42              Perform  the  blowfish  algorithm on either the data provided by
43              the argument or on the data read from the  -in  channel.  If  an
44              -out  channel  is  given then the result will be written to this
45              channel.
46
47              The -key option must be given. This  parameter  takes  a  binary
48              string  of  variable length and is used to generate the blowfish
49              key schedule. You should be aware that creating a  key  schedule
50              is  quite  an  expensive  operation  in  blowfish so it is worth
51              reusing the key where possible. See Reset.
52
53              The -mode and -dir options are optional and default to cbc  mode
54              and encrypt respectively. The initialization vector -iv takes an
55              8 byte binary argument which defaults to 8 zeros.  See MODES  OF
56              OPERATION for more about available modes and their uses.
57
58              Blowfish is a 64-bit block cipher. This means that the data must
59              be provided in units that are a multiple of 8 bytes.  The  blow‐
60              fish command will by default add nul characters to pad the input
61              data to a multiple of 8 bytes if necessary. The programming  api
62              commands  will never add padding and instead will raise an error
63              if the input is not a multiple of the block size. The  -pad  op‐
64              tion  can  be used to change the padding character or to disable
65              padding if the empty string is provided as the argument.
66

PROGRAMMING INTERFACE

68       ::blowfish::Init mode keydata iv
69              Construct a new blowfish key schedule using  the  specified  key
70              data  and  the  given  initialization vector. The initialization
71              vector is not used with ECB mode but is important for CBC  mode.
72              See MODES OF OPERATION for details about cipher modes.
73
74       ::blowfish::Encrypt Key data
75              Use  a prepared key acquired by calling Init to encrypt the pro‐
76              vided data. The data argument should be a binary array that is a
77              multiple  of  the  block size of 8 bytes. The result is a binary
78              array the same size as the input of encrypted data.
79
80       ::blowfish::Decrypt Key data
81              Decipher data using the key. Note that the same key may be  used
82              to  encrypt  and  decrypt  data provided that the initialization
83              vector is reset appropriately for CBC mode.
84
85       ::blowfish::Reset Key iv
86              Reset the initialization vector. This permits the programmer  to
87              re-use  a key and avoid the cost of re-generating the key sched‐
88              ule where the same key data is being used multiple times.
89
90       ::blowfish::Final Key
91              This should be called to clean up resources associated with Key.
92              Once  this  function  has  been  called  the key may not be used
93              again.
94

MODES OF OPERATION

96       Electronic Code Book (ECB)
97              ECB is the basic mode of all block ciphers. Each  block  is  en‐
98              crypted  independently  and so identical plain text will produce
99              identical output when encrypted with the same key.  Any  encryp‐
100              tion errors will only affect a single block however this is vul‐
101              nerable to known plaintext attacks.
102
103       Cipher Block Chaining (CBC)
104              CBC mode uses the output of the last block encryption to  affect
105              the  current block. An initialization vector of the same size as
106              the cipher block size is used to handle  the  first  block.  The
107              initialization  vector should be chosen randomly and transmitted
108              as the first block of the output. Errors  in  encryption  affect
109              the current block and the next block after which the cipher will
110              correct itself. CBC is the most commonly used mode  in  software
111              encryption.
112

EXAMPLES

114              % blowfish::blowfish -hex -mode ecb -dir encrypt -key secret01 "hello, world!"
115              d0d8f27e7a374b9e2dbd9938dd04195a
116
117
118
119               set Key [blowfish::Init cbc $eight_bytes_key_data $eight_byte_iv]
120               append ciphertext [blowfish::Encrypt $Key $plaintext]
121               append ciphertext [blowfish::Encrypt $Key $additional_plaintext]
122               blowfish::Final $Key
123
124

REFERENCES

126       [1]    Schneier,  B.  "Applied  Cryptography,  2nd edition", 1996, ISBN
127              0-471-11709-9, pub. John Wiley & Sons.
128

AUTHORS

130       Frank Pilhofer, Pat Thoyts
131

BUGS, IDEAS, FEEDBACK

133       This document, and the package it describes, will  undoubtedly  contain
134       bugs  and  other problems.  Please report such in the category blowfish
135       of the Tcllib Trackers [http://core.tcl.tk/tcllib/reportlist].   Please
136       also  report any ideas for enhancements you may have for either package
137       and/or documentation.
138
139       When proposing code changes, please provide unified diffs, i.e the out‐
140       put of diff -u.
141
142       Note  further  that  attachments  are  strongly  preferred over inlined
143       patches. Attachments can be made by going  to  the  Edit  form  of  the
144       ticket  immediately  after  its  creation, and then using the left-most
145       button in the secondary navigation bar.
146

SEE ALSO

148       3des, des, rc4
149

KEYWORDS

151       block cipher, blowfish, cryptography, encryption, security
152

CATEGORY

154       Hashes, checksums, and encryption
155
157       Copyright (c) 2003, Pat Thoyts <patthoyts@users.sourceforge.net>
158
159
160
161
162tcllib                               1.0.5                         blowfish(n)
Impressum