[197] in cryptography@c2.net mail archive
blowfish keylength
daemon@ATHENA.MIT.EDU (Niels Provos)
Fri Feb 7 20:43:49 1997
Date: Sat, 8 Feb 1997 02:25:38 +0100 (NFT)
From: Niels Provos <provos@ws1.physnet.uni-hamburg.de>
To: cryptography@c2.net
Hi!
Schneier states in Applied Cryptography that the keylength for Blowfish is
limited to a maximum of 56 bytes.
The key is used to initalize 18 32bit Subkeys which are preinitalized with
the hexadecimal digits of Pi. The key is xored subsequently, when you
reach the keylength you start again from the beginning.
When you take 56 bytes as maximum. The subkeys P1-P4 and P15-P18
are xored with the same keystream.
Obviously you could also use 16 bytes more and xor those to P15-P18.
Schneier also states that weak keys are those which leave S-boxes with two
identical values in them. He says that case is unlikely to happen.
Are there any reasons to use 56 bytes as max key length instead of 72 ?
Regards
Niels Provos =8)
- PHYSnet Rechnerverbund PGP V2.6 Public key via finger or key server
Niels Provos
Universitaet Hamburg WWW: http://www.physnet.uni-hamburg.de/provos/
Jungiusstrasse 9 E-Mail: provos@wserver.physnet.uni-hamburg.de
Germany 20355 Hamburg Tel.: +49 40 4123-2504 Fax: -6571
