Blowfish Cipher Tutorials - Herong's Tutorial Examples - v2.03, by Herong Yang
Ways to Control Secret Key and IV
A quick explanation of different Blowfish cipher operation modes and different ways to control the secret key and the IV: literal key, salted key and random key.
In the previous tutorial, we learned how to invoke a specific Blowfish cipher with the OpenSSL "enc" command. We also learned that OpenSSL supports 4 Blowfish ciphers representing 4 block cipher operation modes:
From cryptography basics, we know that there are 5 pieces of information involved in all 4 operation modes:
By reading the "enc" manual page, I see the following rules offered by OpenSSL to control those 5 pieces of information:
Plaintext - If "-in file" option is given, plaintext is coming from the given file. Otherwise, plaintext is coming from the standard input.
Ciphertext - If "-out file" option is given, ciphertext is going to the given file. Otherwise, ciphertext is going to the standard output.
Padding - If "-nopad" option is given, no padding algorithm is used, which requires that the plaintext to be full blocks. Otherwise, PKCS#5 padding algorithm is used to pad the last block of plaintext.
Secret Key and IV - OpenSSL offers 3 ways to control them:
1. Literal Key - The Secret Key and the IV are literally given using the following options:
2. Salted Key - The Secret Key and the IV are generated from a given passphrase and a given salt using the following options:
3. Random Salt - The Secret Key and the IV are generated from a given passphrase and a random salt using the following options:
Examples of using different Blowfish ciphers and different ways to control the Secret Key and the IV are given in next several tutorials.
Table of Contents
►OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
Installing OpenSSL for Windows
OpenSSL "enc" Blowfish Ciphers
►Ways to Control Secret Key and IV
"bf-ecb" Cipher with Literal Key
"bf-ecb" Cipher on Multiple Blocks
Secret Key Padding and Truncation
"bf-ecb" Cipher with Salted Key
Salted Key Generation Algorithm
"bf-ecb" Cipher with Random Salt
OpenSSL Default Padding - PKCS#5
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption
OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption