View Full Version : Blowfish Init<>set_key


dion
May 13th, 2002, 04:02
I got Hagen Reddmann's free TCipher package, which has a Blowfish class with an Init func:

procedure TCipher_Blowfish.Init(const Key; Size: Integer; IVector: Pointer);
var
  I,J: Integer;
  B: array[0..7] of Byte;
  K: PByteArray;
  P: PIntArray;
  S: PBlowfish;
begin
  InitBegin(Size);
  K := @Key;
  S := User;
  P := Pointer(PChar(User) + SizeOf(Blowfish_Data));
  // Start from the fixed initial tables: S-boxes first, P-array right after them.
  Move(Blowfish_Data, S^, SizeOf(Blowfish_Data));
  Move(Blowfish_Key, P^, Sizeof(Blowfish_Key));
  // XOR the 18 P-array words with the key bytes, reusing the key cyclically.
  J := 0;
  for I := 0 to 17 do
  begin
    P[I] := P[I] xor (K[(J + 0) mod Size] shl 24 +
                      K[(J + 1) mod Size] shl 16 +
                      K[(J + 2) mod Size] shl 8 +
                      K[(J + 3) mod Size]);
    J := (J + 4) mod Size;
  end;
  // Encrypt an all-zero block over and over; each output replaces
  // the next two P-array words ...
  FillChar(B, SizeOf(B), 0);
  for I := 0 to 8 do
  begin
    Encode(@B);
    P[I * 2] := SwapInteger(PCipherRec(@B).A);
    P[I * 2 + 1] := SwapInteger(PCipherRec(@B).B);
  end;
  // ... and then the next two entries of each of the four S-boxes.
  for I := 0 to 3 do
    for J := 0 to 127 do
    begin
      Encode(@B);
      S[I, J * 2] := SwapInteger(PCipherRec(@B).A);
      S[I, J * 2 + 1] := SwapInteger(PCipherRec(@B).B);
    end;

  // Wipe the working block before returning.
  FillChar(B, SizeOf(B), 0);
  InitEnd(IVector);
end;

I have a question here: is BF_set_key in the bf section of the OpenSSL package the same as the Init procedure here? Is *IVector the same as *Key in BF_set_key? And then, Blowfish is a symmetric cipher, right? Say that I'm gonna establish a connection with Blowfish only. What I'm gonna do is pass our pwd to Init/BF_set_key, then I encode the msg and send it to my pal on the other side. Now, my pal has to do the same: pass the pwd to Init/set_key and then decode it. Does this work? Coz I still don't understand what Init/set_key does under the hood. I have read the Counterpane tut. It said there are P & S-box arrays. From the Init func I see that the P & S-box arrays are updated at the end. What I think is that it's gonna be a different P & S-box every time encode/decode gets called. And with this, I think such a connection can't work, coz my pal's P & S-box are different from mine, since I've encoded something while he has done nothing yet. Can anyone tell me what's wrong with this?

mike
May 16th, 2002, 17:10
If you both know the password, then you have no need of SSL. SSL is for establishing connections between computers with no prior relationship and involves asymmetric (public-key) crypto.

Blowfish is a 64-bit symmetric cipher. Use a hash function to convert your passphrase into a 64-bit key. Then you encrypt using that key, and he decrypts using that key.

dion
May 18th, 2002, 03:26
Hi Mike, I don't understand how the connection is established, I mean how the protocol works out. Is it true that when I encrypt a msg with a key [init blowfish], the S-box and P-array get updated? If so, how can the other computer decrypt it without knowing the updated S-box and P-array?

mike
May 18th, 2002, 19:15
If you both put the same key (or passphrase) into blowfish, it will synchronize itself. As your friend begins to decrypt the message, his cipher's internal state will change in the same way as yours did and everything will work fine.

The S and P boxes are initialized before encrypting, when you supply the key. They don't change after that.

I said to use a hash function on your passphrase to get 64 bits of key. You can do that, or you can just put the key in directly to blowfish, since the key length is variable.

Is Delphi your language of choice? There are other easy-to-use implementations in other languages, too.

dion
May 20th, 2002, 03:32
Quote:
"The S and P boxes are initialized before encrypting, when you supply the key. They don't change after that. "

Why is that? What's in my mind is that the S-box and P-box both get updated each time I encrypt/decrypt something, is that true? Coz u said at the beginning that the internal state will change. Well, I agree with that. But after we both put the key into init, I then put my msg in to encrypt and send it to him. And at this point, I think the S-box and P-box get updated again, right? What I think again is... is it true that the only one who can decrypt it is me, coz my 1st internal state has changed and the other's has not yet?

To be clear, say it's like this:
s1,p1 -----[init with my key]----> s1',p1'
s2,p2------[init with his key,same]-----> s2',p2'
s1',p1'-----[encrypt my msg]------>s1'',p1''
s2',p2'-----[decrypt my msg]------>?

Yep, at this point I don't understand.

mike
May 20th, 2002, 15:16
Quote:
"The S and P boxes are initialized before encrypting, when you supply the key. They don't change after that. "

Why is that? What's in my mind is that the S-box and P-box both get updated each time I encrypt/decrypt something, is that true?

No, the S and P box don't change when you encrypt something. You set them up once when you provide the key and they don't change until you want a new key.

Quoting from Applied Crypto:

Blowfish is a Feistel network consisting of 16 rounds. The input is a 64-bit data element x. To encrypt:
Code:

Divide x into two 32-bit halves, xl and xr
for i=1 to 16
    xl=xl XOR Pi
    xr=F(xl) XOR xr
    swap xl and xr
end for
swap xl and xr (undo the last swap)
xr=xr XOR P17
xl=xl XOR P18
recombine xl and xr


That's the code for encrypting one block. If you do that to every block, you get ECB mode encryption. Note that the S and P tables are only referenced, not modified.

dion
May 21st, 2002, 12:08
? Encrypt/decrypt doesn't change the S/P boxes, or am I wrong in reading that the S-boxes are session dependent?
Um... about the Feistel network: I see that encrypt/decrypt just involves reversing the subkeys for the input to F(). If encrypt/decrypt does not change the S/P boxes, is it possible to bring the S/P boxes back to an earlier state by reversing the subkeys for F()?

I see someone using Blowfish like this:
s,p ----[key]---> s',p' for init
s',p'----[xored key]--->ciphertext for encrypt

Is it a secure way? Is it known as one of the four modes of operation?

mike
May 21st, 2002, 17:43
Look, it's not that hard. For a given key, you set up the S and P boxes ONCE and then they never change again. Encrypt, decrypt, it doesn't matter. They don't change as long as the key is the same.

For decryption, you're right, you use them in reverse order, but they DON'T CHANGE.
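The following Python sketch is an added example, not part of the thread and not code from TCipher or OpenSSL. It runs the same key schedule as the Init procedure and the block routine from the quoted pseudocode, then checks that both sides derive identical tables, that encrypting leaves them untouched, and that decryption is the same routine with the P-array reversed. The names (`set_key`, `encrypt_block`, `demo`) and the sample key are assumptions, and the initial tables are computed from the hex digits of pi rather than pasted in.

```python
M = 0xFFFFFFFF

def _atan_inv(x, one):                      # arctan(1/x) * one, integers only
    total = term = one // x
    n = 1
    while term:
        term //= x * x
        n += 2
        total += -(term // n) if n % 4 == 3 else term // n
    return total

def pi_words(count):                        # fractional hex digits of pi as 32-bit words
    bits = 32 * count
    one = 1 << (bits + 64)                  # 64 guard bits absorb rounding error
    frac = (16 * _atan_inv(5, one) - 4 * _atan_inv(239, one) - 3 * one) >> 64
    return [(frac >> (bits - 32 * (i + 1))) & M for i in range(count)]

INIT = pi_words(18 + 4 * 256)               # initial P-array, then S-boxes 1..4

def F(S, x):
    return ((((S[0][x >> 24] + S[1][x >> 16 & 255]) & M) ^ S[2][x >> 8 & 255]) + S[3][x & 255]) & M

def encrypt_block(P, S, xl, xr):            # only READS P and S
    for i in range(16):
        xl ^= P[i]
        xr ^= F(S, xl)
        xl, xr = xr, xl
    xl, xr = xr, xl                         # undo the last swap
    return xl ^ P[17], xr ^ P[16]

def set_key(key):                           # the only place P and S are written
    P = INIT[:18]
    S = [INIT[18 + 256 * i: 18 + 256 * (i + 1)] for i in range(4)]
    for i in range(18):                     # XOR the key in, cycling over its bytes
        P[i] ^= int.from_bytes(bytes(key[(4 * i + k) % len(key)] for k in range(4)), "big")
    l = r = 0
    for table in [P] + S:                   # refill P, then each S-box, pairwise
        for j in range(0, len(table), 2):
            l, r = encrypt_block(P, S, l, r)
            table[j], table[j + 1] = l, r
    return P, S

def demo(key=b"shared passphrase"):         # constructed sample key
    mine, his = set_key(key), set_key(key)  # each side runs the schedule once
    snapshot = ([*mine[0]], [[*b] for b in mine[1]])
    ct = encrypt_block(*mine, 0x01234567, 0x89ABCDEF)
    pt = encrypt_block(his[0][::-1], his[1], *ct)   # decrypt: P in reverse order
    return mine == his, mine == snapshot, pt == (0x01234567, 0x89ABCDEF)
```

`demo()` returns three booleans: both sides hold the same tables, the sender's tables are unchanged after encrypting, and the receiver recovers the plaintext.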

dion
May 22nd, 2002, 03:32
If it really doesn't change, then am I wrong if I say that Blowfish's strength lies in the difficulty of reversing the S/P boxes to the earlier [phi] state?

mike
May 22nd, 2002, 04:22
Quote:
If it really doesn't change, then am I wrong if I say that Blowfish's strength lies in the difficulty of reversing the S/P boxes to the earlier [phi] state?

The hard problem is deriving the S and P boxes when you don't know the password. There'd be no point in reversing the S & P boxes to the phi state. If you knew the S & P boxes, you wouldn't need to know the key, since only the S & P boxes are used for encryption.

If all you get to see is a bunch of plaintexts and the corresponding ciphertexts, then it's very hard to figure out the S & P boxes.

dion
May 23rd, 2002, 03:09
OK, I got that. And thanks for all of your replies, Mike, since I see no one is replying to me anymore, maybe coz I'm very new-b.

dion
May 24th, 2002, 03:38
Oh! Hi, Mike, you said that there are other easy-to-use implementations in other languages. I want to know about them, please tell me.

Thanks

mike
May 24th, 2002, 19:44
Try Wei Dai's Crypto++ library

www.eskimo.com/~weidai

(if that doesn't work, remove the tilde)

dion
May 27th, 2002, 03:22
Thanks, Mike