Score:0

Security of Blowfish with secret S-boxes

pf flag

There are similar questions about secret S-box(es), but none of them about secret Blowfish (or any other canonical Feistel cipher) S-Boxes, only about secret AES S-Box.

Let's suppose that instead of using Pi hexadecimal number in Blowfish S-Boxes, I use my own S-Box taken from /dev/random and keep it secret.

Blowfish modifies all the 32-bits halves of plaintext 16 times, each half gets 8 inputs 32-bits each from the F-function (totaling 256-bits).

Does keeping the S-Boxes secret improves security of Blowfish by 256-bits?

/\ As each half of plaintext receives 8 32-bits words from the F-function in which the S-boxes are processed, the entire plaintext is modified 8 times considering the two halves concatenated in a 64-bt block, receiving a total of 256-bits from the F-function.

kelalaka avatar
in flag
As in DES research has shown that Random S-Boxes are not as secure as the design. You are asking obscuring the design that is not the way in the cryptography in which the only key is secret by Kerckhoff's principles...
cn flag
Blowfish already has secret S-boxes for encryption. Those Pi S-boxes are used for generating secret S-boxes and subkeys from key. You could replace them and keep them secret, but you probably wouldn't gain much.
cn flag
There might be chosen-key attacks to recover S-boxes like for GOST block cipher, but GOST has smaller S-boxes. However Blowfish already has big key and its block size is too small anyway.
cn flag
Also it could be hard to keep S-boxes secret. If you distribute binary, it can be extracted.
phantomcraft avatar
pf flag
@kelalaka Bruce Schneier said that Blowfish can be implemented with smaller S-boxes and also, the first Blowfish implementation written by him, used only zeroes as initial S-Boxes (encryption with supplied key over zeroes).
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.