Blowfish Cipher Tutorials - Herong's Tutorial Examples - v2.04, by Herong Yang
"enc -bf-ecb" Command Summary
A quick summary is provided to list major features of the OpenSSL 'enc -bf-ecb' command. Blowfish algorithm in ECB operation mode with a random salt and PKCS#5 padding, or Blowfish/ECB/Salted/PKCS5Padding, is the recommended way to use Blowfish in ECB mode.
As a summary, we should remember the following about the OpenSSL "enc -bf-ecb" command:
OpenSSL "enc -bf-ecb" command allows us to run Blowfish algorithm in ECB (Electronic CodeBook) operation mode.
ECB (Electronic CodeBook) operation mode takes each plaintext block from the input stream and encrypt it independently from other blocks.
ECB (Electronic CodeBook) operation mode does not use the IV value.
OpenSSL allows us to run cipher operations in 3 ways: Literal Key, Salted Key and Random Salt.
"Literal Key" means the secret key and the IV are specified literally using "-K" and "-iv" options.
"Salted Key" means the secret key and the IV are derived from a passphrase and a salt given in "-pass" and "-S" options.
"Random Key" means the secret key and the IV are derived from a passphrase and a random salt using "-pass" and "-salt" options.
OpenSSL allows us to pad plaintext with the standard PKCS#5 padding algorithm, which uses an integer byte as the padding byte with value equal to the number of bytes to be padded.
With all options mentioned above, we have many choices to run Blowfish ECB mode encryption. But the recommended way is to:
By the way, ECB is the weakest operation mode comparing to CBC, CFB, and OFB.
Table of Contents
►OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
Installing OpenSSL for Windows
OpenSSL "enc" Blowfish Ciphers
Ways to Control Secret Key and IV
"bf-ecb" Cipher with Literal Key
"bf-ecb" Cipher on Multiple Blocks
Secret Key Padding and Truncation
"bf-ecb" Cipher with Salted Key
Salted Key Generation Algorithm
"bf-ecb" Cipher with Random Salt
OpenSSL Default Padding - PKCS#5
►"enc -bf-ecb" Command Summary
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption
OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption