Click here to Skip to main content
15,867,686 members
Articles / Programming Languages / C++
Article

A C++ Implementation of the Blowfish Encryption/Decryption method

Rate me:
Please Sign up or sign in to vote.
4.89/5 (56 votes)
26 Sep 2001Ms-PL3 min read 956.6K   12.8K   145   122
An article presenting a C++ implementation of the Blowfish encryption/decryption method

Introduction

Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms. It is a symmetric (i.e. uses the same secret key for both encryption and decryption) block cipher (encrypts data in 8-byte blocks) that uses a variable-length key, from 32 (4 bytes) bits to 448 bits (56 bytes). Blowfish was designed in 1993 by Bruce Schneier as an alternative to existing encryption algorithms. Designed with 32-bit instruction processors in mind, it is significantly faster than DES. Since its origin, it has been analyzed considerably. Blowfish is unpatented, license-free, and available free for all uses. The algorithm consists of two parts: a key-expansion part and a data-encryption part. Key expansion converts a variable key of at least 4 and at most 56 bytes into several subkey arrays totalling 4168 bytes. Blowfish has 16 rounds. Each round consists of a key-dependent permutation, and a key and data-dependent substitution. All operations are XORs and additions on 32-bit words. The only additional operations are four indexed array data lookups per round. Blowfish uses a large number of subkeys. These keys must be precomputed before any data encryption or decryption.

A more detailed article describing the Blowfish algorithm can be found at http://www.schneier.com/blowfish.html

The C++ implementation presented in this article was tested against the test vectors provided by Eric Young at http://www.counterpane.com/vectors.txt. The results were identical with one exception which in my opinion could be a typing error in the referenced Internet file.

Implementation

The public user interface of the CBlowfish class is given bellow:

class CBlowFish
{
public:
  //Constructor - Initialize the P and S boxes for a given Key
  CBlowFish(unsigned char* ucKey, size_t n, <BR>            const SBlock& roChain = SBlock(0UL,0UL));
  //Resetting the chaining block
  void ResetChain();
  // Encrypt/Decrypt Buffer in Place
  void Encrypt(unsigned char* buf, size_t n, int iMode=ECB);
  void Decrypt(unsigned char* buf, size_t n, int iMode=ECB);
  // Encrypt/Decrypt from Input Buffer to Output Buffer
  void Encrypt(const unsigned char* in, unsigned char* out, 
               size_t n, int iMode=ECB);
  void Decrypt(const unsigned char* in, unsigned char* out, 
               size_t n, int iMode=ECB);
};

In the constructor, a user-supplied key material of specified size is used to generate the subkey arrays. Also the chain block is initialized with the specified value.

The function ResetChain() is used to reset the chaining block before starting a new encryption or decryption operation.

The first variant of the Encrypt() function is used for in place encryption of a block of data of the specified size applying the specified operation mode. The block size should be a multiple of 8. This function can operate in the following modes: ECB, CBC or CFB. In ECB mode, chaining is not used. If the same block is encrypted twice with the same key, the resulting ciphertext blocks are the same. In CBC mode a ciphertext block is obtained by first XOR-ing the plaintext block with the previous ciphertext block, and encrypting the resulting value. In CFB mode a ciphertext block is obtained by encrypting the previous ciphertext block and XOR-ing the resulting value with the plaintext. The operation mode is specified in the iMode parameter with ECB being the default value. For the second variant of the Encrypt() function the encryption result is delivered in an output buffer.

The Decrypt() functions are the reverse of the Encrypt() functions presented above.

Usage Examples

The use of CBlowfish class is very easy. In the first code snippet example a key of 8 bytes in size is applied to an 8 byte block. The initial chain block is a null block. The block "aaaabbbb" is encrypted and then decrypted back.

try
{
  char szHex[17];
  //Initialization
  CBlowFish oBlowFish((unsigned char*)"abcdefgh", 8);
  char szDataIn[] = "aaaabbbb";
  char szDataOut[17] = "\0\0\0\0\0\0\0\0";
  //Encryption
  oBlowFish.Encrypt((unsigned char*)szDataIn, (unsigned char*)szDataOut, 8);
  CharStr2HexStr((unsigned char*)szDataIn, szHex, 8);
  cout << szHex << endl;
  CharStr2HexStr((unsigned char*)szDataOut, szHex, 8);
  cout << szHex << endl;
  memset(szDataIn, 0, 8);
  //Decryption
  oBlowFish.Decrypt((unsigned char*)szDataOut, (unsigned char*)szDataIn, 8);
  CharStr2HexStr((unsigned char*)szDataIn, szHex, 8);
  cout << szHex << endl;
}
catch(exception& roException)
{
  cout << roException.what() << endl;
}

In the next code snippet example a key of 16 bytes in size is applied to a larger block of data of 48 bytes size (the block of data size should be a multiple of the block size which is always 8 bytes). The initial chain block is a null block. The block "ababababccccccccababababccccccccababababcccccccc" is encrypted and then decrypted back in all the operation modes (ECB, CBC and CFB). Notice that for the chaining operating modes the chain block has to be reset before decrypting back.

try
{
  CBlowFish oBlowFish((unsigned char*)"1234567890123456", 16);
  char szDataIn1[49] = "ababababccccccccababababccccccccababababcccccccc";
  char szDataIn[49];
  char szDataOut[49];
  memset(szDataIn, 0, 49);
  memset(szDataOut, 0, 49);

  //Test ECB
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oBlowFish.Encrypt((unsigned char*)szDataIn, 
                    (unsigned char*)szDataOut, 48, CBlowFish::ECB);
  memset(szDataIn, 0, 49);
  oBlowFish.Decrypt((unsigned char*)szDataOut, 
                    (unsigned char*)szDataIn, 48, CBlowFish::ECB);

  //Test CBC
  oBlowFish.ResetChain();
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oBlowFish.Encrypt((unsigned char*)szDataIn, 
                    (unsigned char*)szDataOut, 48, CBlowFish::CBC);
  memset(szDataIn, 0, 49);
  oBlowFish.ResetChain();
  oBlowFish.Decrypt((unsigned char*)szDataOut, 
                    (unsigned char*)szDataIn, 48, CBlowFish::CBC);

  //Test CFB
  oBlowFish.ResetChain();
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oBlowFish.Encrypt((unsigned char*)szDataIn, 
                    (unsigned char*)szDataOut, 48, CBlowFish::CFB);
  memset(szDataIn, 0, 49);
  oBlowFish.ResetChain();
  oBlowFish.Decrypt((unsigned char*)szDataOut, 
                    (unsigned char*)szDataIn, 48, CBlowFish::CFB);
  cout << endl;
}
catch(exception& roException)
{
  cout << "Exception: " 
       << roException.what() << endl;
}

I am interested in any opinions and new ideas about this implementation. The project Blowfish.zip attached to this article includes the source code of the presented CBlowfish class and some test code.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)


Written By
Web Developer
Romania Romania
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.

Comments and Discussions

 
AnswerRe: Problems with the implementation of the code Pin
GSc_Dev6-Mar-07 8:08
GSc_Dev6-Mar-07 8:08 
GeneralDecrypting possible with different password Pin
M Zah26-Jul-06 1:09
M Zah26-Jul-06 1:09 
GeneralRe: Decrypting possible with different password Pin
xcompscix31-Jul-06 7:04
xcompscix31-Jul-06 7:04 
AnswerRe: Decrypting possible with different password Pin
JMB19846-Nov-06 10:34
JMB19846-Nov-06 10:34 
QuestionLittle Endian Pin
Mr. S13-Apr-06 10:36
Mr. S13-Apr-06 10:36 
Generalproblem Pin
quistiun22-Mar-06 13:59
quistiun22-Mar-06 13:59 
GeneralRe: problem Pin
breakpoint23-Mar-06 21:17
breakpoint23-Mar-06 21:17 
GeneralRe: problem Pin
quistiun24-Mar-06 14:41
quistiun24-Mar-06 14:41 
GeneralVery nice Pin
Jim Xochellis13-Mar-06 20:52
Jim Xochellis13-Mar-06 20:52 
GeneralCommercial using of sources Pin
Andrey Levin18-Jan-06 21:38
Andrey Levin18-Jan-06 21:38 
GeneralKnown length of decrypted String Pin
cwanner19-Oct-05 9:25
cwanner19-Oct-05 9:25 
GeneralRe: Known length of decrypted String Pin
NxTitle23-May-07 12:01
NxTitle23-May-07 12:01 
Generalneed a help on implement the code Pin
Torune2-Sep-05 16:06
Torune2-Sep-05 16:06 
GeneralRe: need a help on implement the code Pin
breakpoint9-Apr-06 1:45
breakpoint9-Apr-06 1:45 
GeneralHelp with code Pin
Anonymous14-Jul-05 10:03
Anonymous14-Jul-05 10:03 
QuestionWhy not a simple string encoding version? Pin
chanon9-Jun-05 23:07
chanon9-Jun-05 23:07 
AnswerRe: Why not a simple string encoding version? Pin
Anonymous8-Sep-05 0:24
Anonymous8-Sep-05 0:24 
Generalbuffer length not x8 Pin
Boniolopez16-Apr-05 8:05
Boniolopez16-Apr-05 8:05 
GeneralRe: buffer length not x8 Pin
Nir Levy10-May-05 10:05
Nir Levy10-May-05 10:05 
GeneralRe: buffer length not x8 Pin
Coruscant16-May-05 10:59
Coruscant16-May-05 10:59 
GeneralBlowfish patents Pin
manjunathG1-Apr-05 0:37
manjunathG1-Apr-05 0:37 
GeneralRe: Blowfish patents Pin
MoazReyad7-Apr-05 6:53
MoazReyad7-Apr-05 6:53 
QuestionNon symmetric encryption/decryption? Pin
Drew Emsley2-Dec-04 10:35
Drew Emsley2-Dec-04 10:35 
AnswerRe: Non symmetric encryption/decryption? Pin
florianpopa20109-May-05 21:18
florianpopa20109-May-05 21:18 
GeneralCompile errors in ANSI C++, improvements to code Pin
SiemelNaran26-Nov-04 14:44
SiemelNaran26-Nov-04 14:44 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.