adam's notes

Blowfish and Twofish

  • both developed by Bruce Schneier as a replacement for DES
  • reference designs are in the public domain
    • widely used
  • both are Feistel substitution-permutation designs
    • only successful attack is the birthday attack (aka SWEET32) in HTTPS context
      • able to recover plaintext from ciphertext for ciphers using a 64-bit block size
      • thus, GnuPG recommends that as long as Blowfish is not used on files larger than 4GB, it is secure
  • Twofish
    • derives from Blowfish’s design
    • was one of five finalists in the AES competition
    • is included in the OpenPGP standard RFC 4880

Graph View

Backlinks