Blowfish Functions

Blowfish is a 16-round Feistel block cipher. Under this algorithm, the block size is 64 bits and the key can be of any size up to 448 bits. Although the algorithm requires a computationally intensive key expansion process that creates a set of eighteen 32-bit subkeys plus four 8x32-bit S-boxes derived from the input key, for a total of 4168 bytes, the actual encryption of streaming data is very efficient for software implementation.

This section describes the functions performing various operational modes under the Blowfish cipher systems. The implementation of the functions described in this section complies with the Blowfish cipher schemes.

Table “Intel IPP Blowfish Algorithm Functions” lists Intel IPP Blowfish algorithm functions.

Intel IPP Blowfish Algorithm Functions  
Function Base Name Operation
BlowfishGetSize Gets the size of the IppsBlowfishSpec context.
BlowfishInit Initializes user-supplied memory as IppsBlowfishSpec context for future use.
BlowfishPack, BlowfishUnpack Packs/unpacks the IppsBlowfishSpec context into/from a user-defined buffer.
BlowfishEncryptECB Encrypts input plaintext according to Blowfish scheme in the ECB mode.
BlowfishDecryptECB Decrypts byte data stream according to Blowfish scheme in the EBC mode.
BlowfishEncryptCBC Encrypts byte data stream according to Blowfish scheme in the CBC mode.
BlowfishDecryptCBC Decrypts byte data stream according to Blowfish scheme in the CBC mode.
BlowfishEncryptCFB Encrypts byte data stream according to Blowfish scheme in the CFB mode.
BlowfishDecryptCFB Decrypts byte data stream according to Blowfish scheme in the CFB mode.
BlowfishEncryptOFB Encrypts byte data stream according to Blowfish scheme in the OFB mode.
BlowfishDecryptOFB Decrypts byte data stream according to Blowfish scheme in the OFB mode.
BlowfishEncryptCTR Encrypts a variable length data stream in the CTR mode.
BlowfishDecryptCTR Decrypts a variable length data stream in the CTR mode.

Throughout this section, the functions for Blowfish baseline cipher scheme employ the context IppsBlowfishSpec. It serves as an operational vehicles to carry not only both a set of subkeys and a set of S-Boxes, but also the key management information.

Once the respective initialization function has generated a set of subkeys and S-Boxes, the functions for ECB, CBC, CFB, and CTR modes are ready for the execution of either encrypting or decrypting the streaming data with the selected padding scheme.

The application code for conducting a typical encryption under CBC mode using Blowfish scheme should follow the sequence of operations as outlined below:


  1. Get the buffer size required to configure the context IppsBlowfishSpec by calling the function BlowfishGetSize.
  2. Call the operating system memory allocation service function to allocate a buffer whose size is no less than the one specified by the function BlowfishGetSize.
  3. Initialize the context IppsBlowfishSpec * pCtx by calling the function BlowfishInit with the allocated buffer and the respective Blowfish cipher key of the specified size.
  4. Specify the initialization vector and the padding scheme, then call the function BlowfishEncryptCBC to encrypt the input data stream using the Blowfish encryption function with CBC mode.
  5. Call the operating system memory free service function to release the buffer allocated for the context IppsBlowfishSpec, if needed.

The IppsBlowfishSpec context is position-dependent. The BlowfishPack/BlowfishUnpack functions transform the position-dependent context to a position-independent form and vice versa.

Parent topic: Symmetric Cryptography Primitive Functions

Submit feedback on this help topic

Copyright © 2000 - 2011, Intel Corporation. All rights reserved.