Twofish vs Blowfish | Encryption Differences
According to Wired, Bruce Schneier is one of the world’s foremost security experts. He’s the creator of Blowfish and Twofish. Two of the most famous cryptography algorithms in popular culture and the real world. So, how do they compare?
Being the “old version” of Twofish, Blowfish is less secure. Twofish uses much more advanced algorithms that encrypt data more securely than Blowfish. Despite Blowfish using several rounds of encryption, Twofish is still more secure, thanks to its complex built-in mathematical formulas.
What is an encryption algorithm? What’s the Blowfish algorithm? What’s the Twofish algorithm? Some information in this blog post is revealed for the first time. So, keep reading to get a basic understanding of two of the most prominent cryptography algorithms in the cybersecurity world.
In this blog post, you’ll get to uncover:
- What Is an Encryption Algorithm?
- What Is Blowfish, How It Works, And What Are Its Uses?
- Blowfish Pros and Cons
- What Is Twofish, How It Works, And What Are Its Uses?
- Twofish Pros and Cons
What Is an Encryption Algorithm?
An encryption algorithm is a mechanism that secures data while it’s moving over a public network like the internet.
It uses mathematical formulas to convert the data into a “secret language” that others can’t read.
Let’s say you’re writing an email to a colleague. When you click the “send” button, the email travels through the internet to your recipient.
Along the journey, someone can intercept the email and read what’s inside.
The encryption algorithm encrypts the email from your side with a secret lock and sends the key to your recipient. So, hackers can’t read it. Once received, your colleague can use the key to unlock the email.
It’s like translating the email into a code language and then taking that translation and translating it into a different language.
The two types of encryption are symmetrical and asymmetrical. Symmetric encryption uses the same key for encryption and decryption. Asymmetric encryption uses a public key for encryption and a private key for decryption.
What Is Blowfish, How It Works, And What Are Its Uses?
Security guru Bruce Schneier created Blowfish in 1993 to be an alternative to Data Encryption Standard (DES). Because Blowfish is a symmetric encryption method, it’s faster and offers a better encryption rate.
Blowfish has a variable key length between 32 and 448 bits. As a 64-bit block cipher, it encrypts data in chunks or blocks. It’s also stronger than stream cipher.
Blowfish divide the data into two parts. Each side is divided into smaller pieces and encrypted separately. Then, it encrypts the bits of data several times over. After that, it replaces the bits of encrypted data from each side. Finally, it recombined them into one part.
Since it’s symmetrical encryption, the decryption process is identical to the encryption process, but it’s in reverse.
Some password management software uses Blowfish to generate, store, and encrypt data. Even ransomware creators used Blowfish in the past to encrypt victim files illegally.
Pros Of Blowfish
- Symmetrical encryption is faster because the process of encryption and decryption are the same.
- Blowfish is not patented, free, and open-source. Anyone can use it for their cryptography projects.
- Blowfish also uses less computing power because it performs fewer operations than other algorithms.
- It remains unbreakable even to this day because brute force attacks will take years and years to crack it.
Cons Of Blowfish
- The key schedule of Blowfish is time-consuming to encrypt data, which is both a pro and con.
- Probabilistic-based attacks can somewhat easily crack the algorithm due to the small bits of data.
What Is Twofish, How It Works, And What Are Its Uses?
Cryptographer Bruce Schneier designed Twofish based on his earlier work on Blowfish. Twofish is the “upgrade Blowfish.”
When the National Institute of Standards and Technology (NIST) held a competition for an Advanced Encryption Standard (AES) algorithm to replace the DES algorithm, Twofish was a Finalist.
Like Blowfish, Twofish is one of the symmetric encryption algorithms that use block ciphers. The block sizes are 128 bits and keys up to 256 bits.
Twofish works by passing the data through several formulas. First, the data will pass through Function F, which separates the data into smaller encrypted pieces.
Each piece of data goes through another formula for more encryption. Then, the bits of data are swapped with each other. The swapped pieces are combined through another algorithm.
The output goes through another round of encryption until it’s complete.
To this day, no cryptanalysis has managed to crack Twofish. So, it’s alive and well and remains unbreakable.
TrueCrypt used Twofish as the cryptography algorithm to encrypt Windows drives.
Twofish was also used to encrypt files before sending them from a local computer to the database.
If you want more information about Twofish and its inner workings, you might want to read The Twofish Encryption Algorithm: A 128-Bit Block Cipher by Bruce Schneier himself.
Pros Of Twofish
- Each function in Twofish serves a distinct role, which makes the design conservative.
- Twofish combines best-in-class cryptography systems in one compact algorithm.
- Twofish can encrypt a large amount of data with the same key and much faster than Blowfish.
Cons Of Twofish
- While it’s faster than Blowfish, some algorithms are much faster and provide a higher level of security.
- Twofish uses S-boxes for encryption, which makes it vulnerable to side-channel attacks.
- Twofish uses a different key for each dataset, which makes it slow.
Twofish is more advanced, secure, and safe than Blowfish. If you’re considering one of both, go with Twofish.
However, these algorithms have limited uses. From a security standpoint, they might even be outdated.
When you’re looking for a secure algorithm for your VPN, wireless network, or mobile app, consider AES. It’s the most widely used algorithm today because it’s the standard.
Use Blowfish and Twofish for study or training purposes. For serious projects, stick with the standard.
However, since Blowfish and Twofish are open-source, you can use them as a basis to create your own algorithm. That way, it’ll be pretty hard for hackers to break your system.