Blowfish Encryption: Strength & Example

Instructor: Martin Gibbs

Martin has 16 years experience in Human Resources Information Systems, has a PhD in Information Technology Management, and a degree in Information Systems Management. He is an adjunct professor of computer science and computer programming.

This lesson will cover the Blowfish encryption method, which is a license-free method available for all types of users and uses. We'll discuss the benefits of Blowfish, as well as some examples of real-world applications.

What Is Blowfish?

Although you may think it's just a fun aquarium fish, Blowfish is also an encryption method that is a very strong weapon against hackers and cyber-criminals. It is used in a wide array of products, including some secure E-mail encryption tools, backup software, password management tools, and TiVo.

Blowfish was developed in 1993 by Bruce Schneier. It is a symmetric block cipher. What does that mean? Well, it is symmetric because the same key is used for both encryption and decryption; the key has to be kept secret from all others except the sender and receiver. This image shows a high-level example of the process of symmetric encryption.

Symmetric Encryption
symmetric encryption

A block cipher is basically a computer routine that takes any amount of plain text and converts it into coded text, or cipher-text. It performs this routine on chunks of text called blocks. And in order for the text to be decoded on the other side of transmission, the function must also generate a key to unlock the cipher-text.

The key is like the old decoder rings in cereal boxes. Without it, you cannot unlock the secret in the garbled message because only the key knows all of the substitutions and changes that were performed on the original text. Unlike the cereal box key, however, Blowfish does not send out thousands of keys to users. It generates it uniquely as part of the encryption. And an even cooler feature is that it doesn't just generate a single key.

Blowfish uses a unique form of key generation. The second part of the Blowfish routine is a key expansion that converts a single key of up to 448 bits into a table of subkeys that is 4168 bytes in size. The creation of subkeys further increases security, because a hacker would have to crack more than just the original key.

You can see a simplified example of how this works in the next image: 32 bits enter the algorithm, they're split into four 8-bit boxes, transformed/encrypted, then put back together. Blowfish runs through this routine sixteen times.

Blowfish Encryption Example
Blowfish Encryption Example

Strength of Blowfish

Blowfish is an incredibly fast cipher (encryption tool) that has a relatively simple structure and is very effective.

Blowfish generates a really large key (think of a very robust cereal box decoder ring), and this alone is a huge benefit to security. With the increase in speed of computer processing, Blowfish is able to create a much longer key so that it is much more difficult to try to hack the key value.

And the way that it generates sub-keys means that each pair of sub-keys changes slightly as they are generated. This prevents attackers from figuring out how the sub-keys were generated, and then gaining access to all the other known keys.

In fact, Blowfish is especially solid against attacks because of the complexity of the subkey generation process. It does take longer for the subkeys to be generated, but for the security-conscious, it is time well spent. For each key, the encryption routine runs 522 times!

As such, the full Blowfish encryption has NEVER been hacked.

Blowfish has gone through a great deal of analysis and testing to prove its merit. In fact, since it is open to the public and freely available, its creator encourages hacking attempts. The results of attempted hacking are posted for others to review and comment upon; the encryption method can then be tweaked as needed to ensure its continued success against the bad guys.

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it now

Earning College Credit

Did you know… We have over 220 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Used by over 30 million students worldwide
Create an account