Fast 128-bit multi-pass stream cipher
Blowfish is a cipher that was designed in 1993 by Bruce Schneier
as a fast, free alternative to existing encryption algorithms.
Blowfish is a 64-bit feistel block cipher, meaning that data is
encrypted and decrypted in 64-bit chunks within multiple rounds.
Each block is fully encrypted/decrypted before moving on to the
Blowfish uses the same shared secret key for both encryption of
plaintext and decryption of the resultant ciphertext.
Ambit is a modification of Bruce Schneier's algorithm and is now
a 128-bit multi-pass stream cipher. Modifications were made to
increase efficiency and security. Multi-pass ensures that Ambits
superior speed cannot be taken advantage of by an attacker.
Ambit processes data in 128-bit blocks. It performs multiple full
passes over the data. Each block of data on a given pass has four
rounds performed. Ambit uses output feedback (OFB) and a
time-optimized key transformation process.
OFB mode gives added security similar to other modes such as
cipher block chaining (CBC), by removing associations that may
exist between cipher blocks that are encrypted independently.
Another advantage of OFB is any errors in transmission will not
render all data beyond the first error bit as un-recoverable.
Ambit also incorporates a CRC checksum for decryption validation.
The key is first expanded to 512 bits (64 bytes) and transformed
into a 64-byte key schedule. The key schedule is accessed as 128-bit
segments, and so is cycled after every 4 rounds. A 128-bit state
vector is also generated from the key during initialization, as is
the Blowfish s-boxes.
Ambit's shift register/key schedule is dynamically updated with the
output of the encryption function (OFB) by replacing the current key
segment, before incrementing to the next segment to be used to seed
the encryption function. The segment is hashed with the state (with
a side-shift cycle completed over 4 rounds), then the new state is
transformed by the dissociation function.
The output of the encryption function (the state) is hashed with the
current block of input data (plaintext on the first pass) to produce
the ciphertext. The state is also fed back into the key schedule.
Each block of input is hashed with the state on every round.
The state is purely a product of the key, the input data has no
effect on the state. Errors in transmission don't perpetuate.
The encryption function is basically the same dissociation function
used by Bruce Schneier's Blowfish algorithm, including the 1024-word
multi-dimensional 's-box' table of fractional values of PI. This is
an exceptionally effective dissociation function.
Any key length is permitted by the Ambit algorithm. No weak keys
such as "a" or "me" show any loss of quality of the ciphertext.
However, short keys and keys such as "password" or "letmein" are
vulnerable to a key attack. Therefore, a key length of at least 160
bits (20 bytes) is recommended, and 240 bits (30 bytes) if the key
is limited to keyboard characters. Don't use predictable keys!
Key length is truncated or expanded to 512 bits (64 bytes).
The resultant ciphertext will be exactly 4 bytes larger than the
source data due to an appended 32-bit CRC checksum.
Credit of course to Bruce Schneier for the Blowfish algorithm.
Thanks to Fredrik Qvarfort for the original Blowfish VB class.
Although the Ambit cipher permits variable length keys, an implementation
may dictate key length - so the key length property is no longer used to
initialize the key transformation process.
An assignment to the Key property now expands and transforms the new key
into temporary memory. It then compares this encrypted key with the previous
p-boxes. If it is the same the Key property exits, if not the new key is
copied into the p-boxes, and generates the key-dependant s-boxes.
Initialization of the key schedule, as well as the state, use the key-dependant
s-boxes along with the encryption function. Now only the creation of the
key-dependant s-boxes use the initialization constants.
You are free to use any part or all of this code even for commercial
purposes under the agreement that you receive absolutely no warranties
expressed or implied.
You are also free to implement the Ambit design, or parts of it, in any way.