1Crypt::Eksblowfish::UklUbsleorwfCiosnht(r3i)buted Perl DCorcyupmte:n:tEaktsibolnowfish::Uklblowfish(3)
2
3
4
6 Crypt::Eksblowfish::Uklblowfish - Blowfish cipher with unrestricted key
7 length
8
10 use Crypt::Eksblowfish::Uklblowfish;
11
12 $block_size = Crypt::Eksblowfish::Uklblowfish->blocksize;
13 $key_size = Crypt::Eksblowfish::Uklblowfish->keysize;
14
15 $cipher = Crypt::Eksblowfish::Uklblowfish->new($key);
16
17 $block_size = $cipher->blocksize;
18 $ciphertext = $cipher->encrypt($plaintext);
19 $plaintext = $cipher->decrypt($ciphertext);
20
21 $p_array = $cipher->p_array;
22 $s_boxes = $cipher->s_boxes;
23 if($cipher->is_weak) { ...
24
26 An object of this type encapsulates a keyed instance of the Blowfish
27 block cipher, ready to encrypt and decrypt. However, if you're looking
28 for an implementation of Blowfish you most likely want
29 Crypt::Eksblowfish::Blowfish. This class differs from the standard
30 Blowfish in that it accepts some keys that Blowfish officially does not
31 permit.
32
33 Blowfish is a symmetric cipher algorithm designed by Bruce Schneier in
34 1993. It operates on 64-bit blocks, and takes a variable-length key.
35 Officially the key can vary from 32 bits (4 octets) to 448 bits (56
36 octets) in increments of 8 bits (1 octet). In fact the algorithm can
37 easily operate on a key of any number of octets from 1 (8 bits) to 72
38 (576 bits). Some implementations don't enforce the official key length
39 limits, and so for compatibility it is sometimes necessary to handle a
40 Blowfish key of a prohibited length. That is what this class is for.
41 The "Ukl" in the name stands for "unrestricted key length".
42
43 Using a very short key is generally a bad idea because there aren't
44 very many keys of that length and so it's easy for an attacker to try
45 them all. The official 32-bit minimum for Blowfish was already far too
46 short for serious security at the time that Blowfish was designed. (A
47 machine to crack 56-bit DES keys by brute force in a few days each was
48 publicly built only five years later.) Do not base your security on
49 the secrecy of a short key.
50
51 Using overlong keys has more interesting effects, which depend on
52 internal features of Blowfish. When the key exceeds 64 octets (512
53 bits), varying key bits past that length results in subkeys which have
54 predictable relationships. There is also some possibility of
55 equivalent keys when the keys exceed 64 octets and differ only in the
56 first 8 octets (64 bits). These phenomena have not been extensively
57 studied in the open literature, so it is difficult to judge the degree
58 of cryptographic weakness that results from them. It is clear that
59 beyond some length Blowfish keys do not have as much strength as their
60 length would suggest, and it is possible that overlong keys have
61 specific weaknesses that render them weaker than shorter keys. If
62 choosing a key for security, it is advised to stay within the official
63 length limit of 56 octets.
64
65 In summary: using Blowfish keys of officially-unsupported lengths
66 causes security problems. If you are using Blowfish for security, and
67 have the choice, use a key of an officially-supported length (and a
68 standard implementation such as Crypt::Eksblowfish::Blowfish). Use
69 out-of-range key lengths (and this class) only for compatibility or
70 cryptanalytic reasons.
71
73 Crypt::Eksblowfish::Uklblowfish->blocksize
74 Returns 8, indicating the Blowfish block size of 8 octets. This
75 method may be called on either the class or an instance.
76
77 Crypt::Eksblowfish::Uklblowfish->keysize
78 Returns 0, indicating that the key size is variable. This
79 situation is handled specially by "Crypt::CBC".
80
82 Crypt::Eksblowfish::Uklblowfish->new(KEY)
83 Performs key setup on a new instance of the Blowfish algorithm,
84 returning the keyed state. The KEY may be any length from 1 octet
85 to 72 octets inclusive.
86
88 $cipher->blocksize
89 Returns 8, indicating the Blowfish block size of 8 octets. This
90 method may be called on either the class or an instance.
91
92 $cipher->encrypt(PLAINTEXT)
93 PLAINTEXT must be exactly eight octets. The block is encrypted,
94 and the ciphertext is returned.
95
96 $cipher->decrypt(CIPHERTEXT)
97 CIPHERTEXT must be exactly eight octets. The block is decrypted,
98 and the plaintext is returned.
99
100 $cipher->p_array
101 $cipher->s_boxes
102 These methods extract the subkeys from the keyed cipher. This is
103 not required in ordinary operation. See the superclass
104 Crypt::Eksblowfish::Subkeyed for details.
105
106 $cipher->is_weak
107 This method checks whether the cipher has been keyed with a weak
108 key. It may be desired to avoid using weak keys. See the
109 superclass Crypt::Eksblowfish::Subkeyed for details.
110
111 This method does not detect any cryptographic weaknesses that might
112 result from the related-key properties and other features of
113 overlong keys.
114
116 Crypt::Eksblowfish::Blowfish
117
119 Eksblowfish guts originally by Solar Designer (solar at openwall.com).
120
121 Modifications and Perl interface by Andrew Main (Zefram)
122 <zefram@fysh.org>.
123
125 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Andrew Main (Zefram)
126 <zefram@fysh.org>
127
128 The original Eksblowfish code (in the form of crypt()) from which this
129 module is derived is in the public domain. It may be found at
130 <http://www.openwall.com/crypt/>.
131
133 This module is free software; you can redistribute it and/or modify it
134 under the same terms as Perl itself.
135
136
137
138perl v5.36.0 2023-01-20Crypt::Eksblowfish::Uklblowfish(3)