1Crypt::Eksblowfish::SubUkseeyredC(o3nptmr)ibuted Perl DoCcruympetn:t:aEtkisobnlowfish::Subkeyed(3pm)
2
3
4

NAME

6       Crypt::Eksblowfish::Subkeyed - Blowfish/Eksblowfish with access to
7       subkeys
8

SYNOPSIS

10               use Crypt::Eksblowfish::Subkeyed;
11
12               $block_size = Crypt::Eksblowfish::Subkeyed->blocksize;
13
14               $cipher = Crypt::Eksblowfish::Subkeyed
15                               ->new_from_subkeys(\@p_array, \@s_boxes);
16               $cipher = Crypt::Eksblowfish::Subkeyed->new_initial;
17
18               $block_size = $cipher->blocksize;
19               $ciphertext = $cipher->encrypt($plaintext);
20               $plaintext = $cipher->decrypt($ciphertext);
21
22               $p_array = $cipher->p_array;
23               $s_boxes = $cipher->s_boxes;
24               if($cipher->is_weak) { ...
25

DESCRIPTION

27       An object of this class encapsulates a keyed instance of the Blowfish
28       or Eksblowfish block cipher, ready to encrypt and decrypt.  Normally
29       this class will not be used directly, but through subclasses such as
30       Crypt::Eksblowfish.
31
32       Eksblowfish is a variant of the Blowfish cipher with a modified key
33       setup algorithm.  This class doesn't implement either form of key
34       setup, but only provides the actual encryption and decryption parts of
35       the ciphers.  This part is shared between Blowfish and Eksblowfish, and
36       also any other cipher that uses the core of Blowfish but supplies its
37       own key setup.  This class has "Eksblowfish" in its name rather than
38       "Blowfish" merely due to the historical accident that it is derived
39       from the encryption engine that was used to implement Eksblowfish.
40
41       The key setup phase of a block cipher, also known as the "key
42       schedule", produces a set of "subkeys", which are somewhat like
43       ordinary cryptographic keys (which are the input to the key setup
44       algorithm) but are much larger.  In some block ciphers the subkeys also
45       have special interrelationships.  In Blowfish the subkeys consist of a
46       "P-array" of 18 32-bit entries (one per encryption round plus two more)
47       and four "S-boxes" ("S" is for "substitution") each of which consists
48       of 256 32-bit entries.  There is no special relationship between the
49       values of the subkeys.
50
51       Methods in this class allow a cipher object to be constructed from a
52       full set of subkeys, and for the subkeys to be extracted from a cipher
53       object.  Normal users don't need to do either of these things.  It's
54       mainly useful when devising a new key schedule to stick onto the
55       Blowfish core, or when performing cryptanalysis of the cipher
56       algorithm.
57
58       Generating subkeys directly by a strong random process, rather than by
59       expansion of a smaller random key, is an expensive and slightly bizarre
60       way to get greater cryptographic strength from a cipher algorithm.  It
61       eliminates attacks on the key schedule, and yields the full strength of
62       the core algorithm.  However, this is always a lot less strength than
63       the amount of subkey material, whereas a normal key schedule is
64       designed to yield strength equal to the length of the (much shorter)
65       key.  Also, any non-randomness in the source of the subkey material is
66       likely to lead to a cryptographic weakness, whereas a key schedule
67       conceals any non-randomness in the choice of the key.
68

CLASS METHODS

70       Crypt::Eksblowfish::Subkeyed->blocksize
71           Returns 8, indicating the Eksblowfish block size of 8 octets.  This
72           method may be called on either the class or an instance.
73

CONSTRUCTOR

75       Crypt::Eksblowfish::Subkeyed->new_from_subkeys(ROUND_KEYS, SBOXES)
76           Creates a new Blowfish cipher object encapsulating the supplied
77           subkeys.  ROUND_KEYS must be a reference to an array of 18 32-bit
78           integers.  SBOXES must be a reference to an array of four
79           references to 256-element arrays of 32-bit integers.  These subkeys
80           are used in the standard order for Blowfish.
81
82       Crypt::Eksblowfish::Subkeyed->new_initial
83           The standard Blowfish key schedule is an iterative process, which
84           uses the cipher algorithm to progressively replace subkeys, thus
85           mutating the cipher for subsequent iterations of keying.  The
86           Eksblowfish key schedule works similarly, but with a lot more
87           iterations.  In both cases, the key setup algorithm begins with a
88           standard set of subkeys, consisting of the initial bits of the
89           fractional part of pi.  This constructor creates and returns a
90           Blowfish block cipher object with that standard initial set of
91           subkeys.  This is probably useful only to designers of novel key
92           schedules.
93

METHODS

95       $cipher->blocksize
96           Returns 8, indicating the Eksblowfish block size of 8 octets.  This
97           method may be called on either the class or an instance.
98
99       $cipher->encrypt(PLAINTEXT)
100           PLAINTEXT must be exactly eight octets.  The block is encrypted,
101           and the ciphertext is returned.
102
103       $cipher->decrypt(CIPHERTEXT)
104           CIPHERTEXT must be exactly eight octets.  The block is decrypted,
105           and the plaintext is returned.
106
107       $cipher->p_array
108           Returns a reference to an 18-element array containing the 32-bit
109           round keys used in this cipher object.
110
111       $cipher->s_boxes
112           Returns a reference to a 4-element array containing the S-boxes
113           used in this cipher object.  Each S-box is a 256-element array of
114           32-bit entries.
115
116       $cipher->is_weak
117           Returns a truth value indicating whether this is a weak key.  A key
118           is considered weak if any S-box contains a pair of identical
119           entries (in any positions).  When Blowfish is used with such an
120           S-box, certain cryptographic attacks are possible that are not
121           possible against most keys.  The current (as of 2007) cryptanalytic
122           results on Blowfish do not include an actual break of the algorithm
123           when weak keys are used, but if a break is ever developed then it
124           is likely to be achieved for weak keys before it is achieved for
125           the general case.
126
127           About one key in every 2^15 is weak (if the keys are randomly
128           selected).  Because of the complicated key schedule in standard
129           Blowfish it is not possible to predict which keys will be weak
130           without first performing the full key setup, which is why this is a
131           method on the keyed cipher object.  In some uses of Blowfish it may
132           be desired to avoid weak keys; if so, check using this method and
133           generate a new random key when a weak key is detected.  Bruce
134           Schneier, the designer of Blowfish, says it is probably not worth
135           avoiding weak keys.
136

SEE ALSO

138       Crypt::Eksblowfish, Crypt::Eksblowfish::Blowfish,
139       <http://www.schneier.com/paper-blowfish-fse.html>
140

AUTHOR

142       Eksblowfish guts originally by Solar Designer (solar at openwall.com).
143
144       Modifications and Perl interface by Andrew Main (Zefram)
145       <zefram@fysh.org>.
146
148       Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Andrew Main (Zefram)
149       <zefram@fysh.org>
150
151       The original Eksblowfish code (in the form of crypt()) from which this
152       module is derived is in the public domain.  It may be found at
153       <http://www.openwall.com/crypt/>.
154

LICENSE

156       This module is free software; you can redistribute it and/or modify it
157       under the same terms as Perl itself.
158
159
160
161perl v5.38.0                      2023-07-20 Crypt::Eksblowfish::Subkeyed(3pm)
Impressum