Click here to Skip to main content
Click here to Skip to main content

A C++ Implementation of the Blowfish Encryption/Decryption method

, 26 Sep 2001
Rate this:
Please Sign up or sign in to vote.
An article presenting a C++ implementation of the Blowfish encryption/decryption method
<!-- Download Links --> <!-- Add the rest of your HTML here -->

Introduction

Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms. It is a symmetric (i.e. uses the same secret key for both encryption and decryption) block cipher (encrypts data in 8-byte blocks) that uses a variable-length key, from 32 (4 bytes) bits to 448 bits (56 bytes). Blowfish was designed in 1993 by Bruce Schneier as an alternative to existing encryption algorithms. Designed with 32-bit instruction processors in mind, it is significantly faster than DES. Since its origin, it has been analyzed considerably. Blowfish is unpatented, license-free, and available free for all uses. The algorithm consists of two parts: a key-expansion part and a data-encryption part. Key expansion converts a variable key of at least 4 and at most 56 bytes into several subkey arrays totalling 4168 bytes. Blowfish has 16 rounds. Each round consists of a key-dependent permutation, and a key and data-dependent substitution. All operations are XORs and additions on 32-bit words. The only additional operations are four indexed array data lookups per round. Blowfish uses a large number of subkeys. These keys must be precomputed before any data encryption or decryption.

A more detailed article describing the Blowfish algorithm can be found at http://www.schneier.com/blowfish.html

The C++ implementation presented in this article was tested against the test vectors provided by Eric Young at http://www.counterpane.com/vectors.txt. The results were identical with one exception which in my opinion could be a typing error in the referenced Internet file.

Implementation

The public user interface of the CBlowfish class is given bellow:

class CBlowFish
{
public:
  //Constructor - Initialize the P and S boxes for a given Key
  CBlowFish(unsigned char* ucKey, size_t n, <BR>            const SBlock& roChain = SBlock(0UL,0UL));
  //Resetting the chaining block
  void ResetChain();
  // Encrypt/Decrypt Buffer in Place
  void Encrypt(unsigned char* buf, size_t n, int iMode=ECB);
  void Decrypt(unsigned char* buf, size_t n, int iMode=ECB);
  // Encrypt/Decrypt from Input Buffer to Output Buffer
  void Encrypt(const unsigned char* in, unsigned char* out, 
               size_t n, int iMode=ECB);
  void Decrypt(const unsigned char* in, unsigned char* out, 
               size_t n, int iMode=ECB);
};

In the constructor, a user-supplied key material of specified size is used to generate the subkey arrays. Also the chain block is initialized with the specified value.

The function ResetChain() is used to reset the chaining block before starting a new encryption or decryption operation.

The first variant of the Encrypt() function is used for in place encryption of a block of data of the specified size applying the specified operation mode. The block size should be a multiple of 8. This function can operate in the following modes: ECB, CBC or CFB. In ECB mode, chaining is not used. If the same block is encrypted twice with the same key, the resulting ciphertext blocks are the same. In CBC mode a ciphertext block is obtained by first XOR-ing the plaintext block with the previous ciphertext block, and encrypting the resulting value. In CFB mode a ciphertext block is obtained by encrypting the previous ciphertext block and XOR-ing the resulting value with the plaintext. The operation mode is specified in the iMode parameter with ECB being the default value. For the second variant of the Encrypt() function the encryption result is delivered in an output buffer.

The Decrypt() functions are the reverse of the Encrypt() functions presented above.

Usage Examples

The use of CBlowfish class is very easy. In the first code snippet example a key of 8 bytes in size is applied to an 8 byte block. The initial chain block is a null block. The block "aaaabbbb" is encrypted and then decrypted back.

try
{
  char szHex[17];
  //Initialization
  CBlowFish oBlowFish((unsigned char*)"abcdefgh", 8);
  char szDataIn[] = "aaaabbbb";
  char szDataOut[17] = "\0\0\0\0\0\0\0\0";
  //Encryption
  oBlowFish.Encrypt((unsigned char*)szDataIn, (unsigned char*)szDataOut, 8);
  CharStr2HexStr((unsigned char*)szDataIn, szHex, 8);
  cout << szHex << endl;
  CharStr2HexStr((unsigned char*)szDataOut, szHex, 8);
  cout << szHex << endl;
  memset(szDataIn, 0, 8);
  //Decryption
  oBlowFish.Decrypt((unsigned char*)szDataOut, (unsigned char*)szDataIn, 8);
  CharStr2HexStr((unsigned char*)szDataIn, szHex, 8);
  cout << szHex << endl;
}
catch(exception& roException)
{
  cout << roException.what() << endl;
}

In the next code snippet example a key of 16 bytes in size is applied to a larger block of data of 48 bytes size (the block of data size should be a multiple of the block size which is always 8 bytes). The initial chain block is a null block. The block "ababababccccccccababababccccccccababababcccccccc" is encrypted and then decrypted back in all the operation modes (ECB, CBC and CFB). Notice that for the chaining operating modes the chain block has to be reset before decrypting back.

try
{
  CBlowFish oBlowFish((unsigned char*)"1234567890123456", 16);
  char szDataIn1[49] = "ababababccccccccababababccccccccababababcccccccc";
  char szDataIn[49];
  char szDataOut[49];
  memset(szDataIn, 0, 49);
  memset(szDataOut, 0, 49);

  //Test ECB
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oBlowFish.Encrypt((unsigned char*)szDataIn, 
                    (unsigned char*)szDataOut, 48, CBlowFish::ECB);
  memset(szDataIn, 0, 49);
  oBlowFish.Decrypt((unsigned char*)szDataOut, 
                    (unsigned char*)szDataIn, 48, CBlowFish::ECB);

  //Test CBC
  oBlowFish.ResetChain();
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oBlowFish.Encrypt((unsigned char*)szDataIn, 
                    (unsigned char*)szDataOut, 48, CBlowFish::CBC);
  memset(szDataIn, 0, 49);
  oBlowFish.ResetChain();
  oBlowFish.Decrypt((unsigned char*)szDataOut, 
                    (unsigned char*)szDataIn, 48, CBlowFish::CBC);

  //Test CFB
  oBlowFish.ResetChain();
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oBlowFish.Encrypt((unsigned char*)szDataIn, 
                    (unsigned char*)szDataOut, 48, CBlowFish::CFB);
  memset(szDataIn, 0, 49);
  oBlowFish.ResetChain();
  oBlowFish.Decrypt((unsigned char*)szDataOut, 
                    (unsigned char*)szDataIn, 48, CBlowFish::CFB);
  cout << endl;
}
catch(exception& roException)
{
  cout << "Exception: " 
       << roException.what() << endl;
}

I am interested in any opinions and new ideas about this implementation. The project Blowfish.zip attached to this article includes the source code of the presented CBlowfish class and some test code.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

About the Author

George Anescu
Web Developer
Romania Romania
No Biography provided

Comments and Discussions

 
Questioninput data size is not divisible problem Pinmemberyayaigo19-Nov-13 14:46 
GeneralUnexpected results when encrypting Pinmemberevi111-May-11 17:08 
Generalg4 bit processor compatibilty PinmemberNiveditharhegde8-Feb-11 19:12 
GeneralSmall bug... PinmemberJohn Slagel18-Aug-09 4:26 
GeneralBlowfish Encryption PinmemberMember 231219213-Aug-09 23:53 
GeneralPorting to Visual Studio 2005 Pinmemberbiffmartin11-May-09 13:10 
GeneralRe: Porting to Visual Studio 2005 PinmemberMicroImaging6-May-12 17:29 
GeneralRe: Porting to Visual Studio 2005 Pinmemberbiffmartin6-May-12 18:09 
GeneralEncrypt/Decrypt File Pinmembernagesh garad23-Oct-08 2:52 
Questionhow to change the algorithm from "unsigned char" to "unsigned long" Pinmemberpinzoka17-Aug-08 3:41 
QuestionCannot compile this PinmemberSaib0t22-Jun-08 5:09 
Questionuse "1" as password to encrypt a file and then use "11" as password to decrypt file. why this can success? Pinmembershocker.cn27-May-08 0:08 
AnswerRe: use "1" as password to encrypt a file and then use "11" as password to decrypt file. why this can success? Pinmembershocker.cn27-May-08 19:35 
AnswerRe: use "1" as password to encrypt a file and then use "11" as password to decrypt file. why this can success? Pinmemberdebarchana6-Oct-08 14:06 
GeneralTrouble decrypting using java Pinmemberrameshk0111-Sep-07 2:14 
GeneralRe: Trouble decrypting using java Pinmemberdubbele onzin27-Nov-07 3:44 
GeneralRe: Trouble decrypting using java Pinmemberpku20095-Aug-08 19:49 
Generalnot able to encrypt and decrypt a big message with spaces Pinmemberartiguptahere18-May-07 2:01 
Questionhow to test ? PinmemberSoftware_Specialist22-Apr-07 8:42 
GeneralC# code for Blowfish Pinmembermu3hm10-Apr-07 19:38 
GeneralProblems with the implementation of the code Pinmember__TSX__22-Nov-06 11:41 
AnswerRe: Problems with the implementation of the code PinmemberGSc_Dev6-Mar-07 8:08 
Probably the problem is, that you will have to support an initialisation when you create an instance, so that the (right) constructor will be called:
 
CBlowFish BlowFish( (unsigned char*)"Password", 8 );

GeneralDecrypting possible with different password PinmemberM Zah26-Jul-06 1:09 
GeneralRe: Decrypting possible with different password Pinmemberxcompscix31-Jul-06 7:04 
AnswerRe: Decrypting possible with different password PinmemberJMB19846-Nov-06 10:34 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web01 | 2.8.140721.1 | Last Updated 27 Sep 2001
Article Copyright 2001 by George Anescu
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid