Blowfish Cipher Tutorials - Herong's Tutorial Examples - Version 1.21, by Dr. Herong Yang
"bf-ofb" Cipher with Literal Key
A tutorial example is provided to show you how to use the 'bf-ofb' (Blowfish in OFB mode) cipher with Literal Key to encrypt and decrypt binary data files.
So far we have learned both "enc -bf-ecb", "enc -bf-cbc" and "enc -bf-cfb" commands to perform Blowfish encryption in ECB (Electronic CodeBook), CBC (Cipher Block Chaining), and CFB (Cipher FeedBack) operation modes. Let's move on to the "enc -bf-ofb" command for Blowfish encryption in OFB (Output FeedBack) operation mode.
In case you forgot how OFB (Output FeedBack) works, here a shortest version of the CFB algorithm:
Input:
P: The plaintext in multiple blocks
K: The secret key
IV: The Initialization Vector
E(K,B): The block encryption function
Output:
C: The ciphertext in multiple blocks
Algorithm - OFB (Output FeedBack) Operation Mode:
(P[1], P[2], P[3},...) = P : Split plaintext into blocks
O[1] = E(K, IV)
Loop i over 2,3,...
C[i] = P[i] XOR O[i]
O[i] = E(K, O[i-1])
End Loop
C = (C[1], C[2], C[3},...) : Concatenate ciphertext blocks
The OFB algorithm can also be illustrated by this simple diagram:
Algorithm - OFB (Output FeedBack) Operation Mode:
IV ---->| ---->| ---->|
E(K) / E(K) / E(K)
|--- O[1] |--- O[2] |--- O[3] ...
| | |
P[1]--XOR P[2]--XOR P[3]--XOR
| | |
C[1] C[2] C[3]
Comparing with the ECB mode we have discussed earlier, the OFB mode does use the IV (Initialization Vector). So we need to pay attention to how to control the IV with the OpenSSL "enc -bf-ofb" command.
Similar to ECB mode tutorials, let's follow the "Literal Key" way first by running the OpenSSL "enc -bf-ofb" command with "-K" and "-iv" options. In the example below, I am trying to perform encryption on a full block of 0x00:
C:\herong>
perl -e "binmode(STDOUT); print pack('H*', '0000000000000000')"
> 0000000000000000.txt
C:\herong>\local\gnuwin32\bin\openssl enc -bf-ofb -e
-K 00000000000000000000000000000000 -iv 0000000000000000
-in 0000000000000000.txt -out cipher.txt -nopad -p
salt=0200000000268000
key=00000000000000000000000000000000
iv =0000000000000000
C:\herong>perl -e "while (read(STDIN,$_,1)){print unpack('H*',$_);}"
< cipher.txt
4ef997456198dd78
C:\herong>\local\gnuwin32\bin\openssl enc -bf-ofb -d
-K 00000000000000000000000000000000 -iv 0000000000000000
-in cipher.txt -out decrypted.txt -nopad -p
salt=0200000000265D01
key=00000000000000000000000000000000
iv =0000000000000000
C:\herong>perl -e "while (read(STDIN,$_,1)){print unpack('H*',$_);}"
< decrypted.txt
0000000000000000
Pretty cool, I have successfully encrypted a block of binary zeros with "bf-ofb" cipher, and decrypted it back.
The ciphertext, 0x4ef997456198dd78, is correct, because it matches the test vector published at https://www.schneier.com/code/vectors.txt. Not that for a single plaintext block, OFB operation mode will just run Blowfish encryption on the IV, then XOR with the plaintext.
key bytes clear bytes cipher bytes 0000000000000000 0000000000000000 4EF997456198DD78
Last update: 2015.
Table of Contents
OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption
►OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption
►"bf-ofb" Cipher with Literal Key
"bf-ofb" Cipher on Multiple Blocks
"bf-ofb" Encryption Verification
"bf-ofb" Cipher with Salted Key