Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AES vs Blowfish for file encryption

Tags:

security

encryption

aes

blowfish

I want to encrypt a binary file. My goal is that to prevent anyone to read the file who doesn't have the password.

Which is the better solution, AES or Blowfish with the same key length? We can assume that the attacker has great resources (softwares, knowledge, money) for cracking the file.

like image 535
mimrock Avatar asked Nov 10 '10 17:11

mimrock

People also ask

Is Blowfish good encryption?

Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products. Blowfish provides a good encryption rate in software, and no effective cryptanalysis of it has been found to date.

Why Blowfish is more secure?

In the Blowfish algorithm, the encryption key and the decryption key convert confidential data into ciphertext. Blowfish is the godfather of the Twofish encryption algorithm and AES. Blowfish also uses a block size of 64 that provides massive complexity, making the key entirely secure.

Which encryption techniques are used by AES DES and Blowfish?

AES, DES and Blowfish are based on symmetric key cryptographic technique [8, 12]. All algorithms are block cipher based algorithms.

Is Blowfish more secure than DES?

Blowfish and DES are both symmetric-key 64-bit block encryption algorithms. That's pretty much the end of their similarities. Blowfish is faster and more secure than DES.

1 Answers

Probably AES. Blowfish was the direct predecessor to Twofish. Twofish was Bruce Schneier's entry into the competition that produced AES. It was judged as inferior to an entry named Rijndael, which was what became AES.

Interesting aside: at one point in the competition, all the entrants were asked to give their opinion of how the ciphers ranked. It's probably no surprise that each team picked its own entry as the best -- but every other team picked Rijndael as the second best.

That said, there are some basic differences in the basic goals of Blowfish vs. AES that can (arguably) favor Blowfish in terms of absolute security. In particular, Blowfish attempts to make a brute-force (key-exhaustion) attack difficult by making the initial key setup a fairly slow operation. For a normal user, this is of little consequence (it's still less than a millisecond) but if you're trying out millions of keys per second to break it, the difference is quite substantial.

In the end, I don't see that as a major advantage, however. I'd generally recommend AES. My next choices would probably be Serpent, MARS and Twofish in that order. Blowfish would come somewhere after those (though there are a couple of others that I'd probably recommend ahead of Blowfish).

like image 160
Jerry Coffin Avatar answered Oct 06 '22 10:10

Jerry Coffin
Sign in to Comment

Related questions

Is there a difference between authentication and authorization?
best practice to generate random token for forgot password
client secret in OAuth 2.0
What's the right OAuth 2.0 flow for a mobile app
How to limit setAccessible to only "legitimate" uses?
What is SQL injection? [duplicate]
Disable-web-security in Chrome 48+
How do I secure REST API calls?
Best practices around generating OAuth tokens?
Why use an API key and secret?
What are the risks of running 'sudo pip'?
The necessity of hiding the salt for a hash
Why is printf with a single argument (without conversion specifiers) deprecated?
How to restrict Firebase data modification?
When you use 'badidea' or 'thisisunsafe' to bypass a Chrome certificate/HSTS error, does it only apply for the current site? [closed]
Why is the standard session lifetime 24 minutes (1440 seconds)?
Defeating a Poker Bot
SSL Error: unable to get local issuer certificate
API Keys vs HTTP Authentication vs OAuth in a RESTful API
X-Frame-Options Allow-From multiple domains

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!