Twofish Functions

Twofish is a 16-round Feistel block cipher. The block size is 128 bits and the key can be any size up to 256 bits. The algorithm is one of the five Advanced Encryption Standard (AES) finalists. The cipher design for both the round function and key schedule enables an efficient implementation in software. Even though Twofish is free and not patented, it is nevertheless efficient and highly secure block cipher.

This section describes the functions for various operational modes under the Twofish cipher systems. The functions in this section are implemented to comply to the Twofish cipher schemes documented and submitted to NIST for candidacy of AES by B. Schneier.

Table “Intel IPP Twofish Algorithm Functions” lists Intel IPP Twofish algorithm functions:

Intel IPP Twofish Algorithm Functions  
Function Base Name Operation
TwofishGetSize Gets the size of the IppsTwofishSpec context.
TwofishInit Initializes user-supplied memory as IppsTwofishSpec context for future use.
TwofishPack, TwofishUnpack Packs/unpacks the IppsTwofishSpec context into/from a user-defined buffer.
TwofishEncryptECB Encrypts input plaintext according to Twofish scheme in the ECB mode.
TwofishDecryptECB Decrypts byte data stream according to Twofish scheme in the EBC mode.
TwofishEncryptCBC Encrypts byte data stream according to Twofish scheme in the CBC mode.
TwofishDecryptCBC Decrypts byte data stream according to Twofish scheme in the CBC mode.
TwofishEncryptCFB Encrypts byte data stream according to Twofish scheme in the CFB mode.
TwofishDecryptCFB Decrypts byte data stream according to Twofish scheme in the CFB mode.
TwofishEncryptOFB Encrypts byte data stream according to Twofish scheme in the OFB mode.
TwofishDecryptOFB Decrypts byte data stream according to Twofish scheme in the OFB mode.
TwofishEncryptCTR Encrypts a variable length data stream in the CTR mode.
TwofishDecryptCTR Decrypts a variable length data stream in the CTR mode.

Throughout this section, the functions for Twofish baseline cipher scheme employ the context IppsTwofishSpec. This structure serves as an operational vehicle to carry not only both a set of subkeys and a set of S-Boxes, but also the key management information.

Once the respective initialization function has generated a set of subkeys and S-Boxes, the functions for ECB, CBC, CFB, and CTR modes are ready to the execution of either encrypting or decrypting the streaming data with the selected padding scheme.

The application code for conducting typical encryption under the CBC mode using the Twofish scheme should follow the sequence of operations as outlined below:


  1. Get the buffer size required to configure the context IppsTwofishSpec by calling the function TwofishGetSize.
  2. Call operating system memory allocation service function to allocate a buffer whose size is not less than the one specified by the function TwofishGetSize.
  3. Initialize the context IppsTwofishSpec * pCtx by calling the function TwofishInit with the allocated buffer and the respective Twofish cipher key of the specified size.
  4. Specify the initialization vector and the padding scheme, then call the function TwofishEncryptCBC to encrypt the input data stream using the Twofish encryption function with CBC mode.
  5. Call the operating system memory free service function to release the buffer allocated for the context IppsTwofishSpec, if needed.

The IppsTwofishSpec context is position-dependent. The TwofishPack/TwofishUnpack functions transform the position-dependent context to a position-independent form and vice versa.

Parent topic: Symmetric Cryptography Primitive Functions

Submit feedback on this help topic

Copyright © 2000 - 2011, Intel Corporation. All rights reserved.