Ways to Control Secret Key and IV

A quick explanation of different Blowfish cipher operation modes and different ways to control the secret key and the IV: literal key, salted key and random key.

In the previous tutorial, we learned how to invoke a specific Blowfish cipher with the OpenSSL "enc" command. We also learned that OpenSSL supports 4 Blowfish ciphers representing 4 block cipher operation modes:

From cryptography basics, we know that there are 5 pieces of information involved in all 4 operation modes:

By reading the "enc" manual page, I see the following rules offered by OpenSSL to control those 5 pieces of information:

Plaintext - If "-in file" option is given, plaintext is coming from the given file. Otherwise, plaintext is coming from the standard input.

Ciphertext - If "-out file" option is given, ciphertext is going to the given file. Otherwise, ciphertext is going to the standard output.

Padding - If "-nopad" option is given, no padding algorithm is used, which requires that the plaintext to be full blocks. Otherwise, PKCS#5 padding algorithm is used to pad the last block of plaintext.

Secret Key and IV - OpenSSL offers 3 ways to control them:

1. Literal Key - The Secret Key and the IV are literally given using the following options:

2. Salted Key - The Secret Key and the IV are generated from a given passphrase and a given salt using the following options:

3. Random Salt - The Secret Key and the IV are generated from a given passphrase and a random salt using the following options:

Examples of using different Blowfish ciphers and different ways to control the Secret Key and the IV are given in next several tutorials.

Last update: 2015.

Table of Contents

 About This Book

 Blowfish Cipher Algorithm

 Perl Crypt::Blowfish Module

 Perl Crypt::ECB Perl Module

 Perl Crypt::CBC Module

 Perl Crypt::CFB Perl Module

OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption

 What is OpenSSL

 Installing OpenSSL for Windows

 OpenSSL "enc" Blowfish Ciphers

Ways to Control Secret Key and IV

 "bf-ecb" Cipher with Literal Key

 "bf-ecb" Cipher on Multiple Blocks

 Secret Key Padding and Truncation

 "bf-ecb" Cipher with Salted Key

 Salted Key Generation Algorithm

 "bf-ecb" Cipher with Random Salt

 OpenSSL Default Padding - PKCS#5

 "enc -bf-ecb" Command Summary

 OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption

 OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption

 OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption

 PHP Mcrypt Extension for Blowfish

 Blowfish 8-Bit Cipher in PHP

 References

 Full Version in PDF/EPUB