What's the difference between Blowfish and Blowfish-compat?

Question

I can't seem to find a source for the differences. I've found this difference in this online decryption tool

http://www.tools4noobs.com/online_tools/decrypt/

I have some encrypted Blowfish data that I'm trying to decrypt through Python's PyCrypto module. The problem, however, is that the data seems to be encrypted with "blowfish-compat", as that's what it takes to decrypt it through the online tool; I can't decrypt it through PyCrypto's module, and I'm gathering that it uses strictly Blowfish decryption (and not Blowfish-compat, whatever that is).

Is it possible to decrypt blowfish-compat through Python somehow? I don't know the differences between the two.

Answer 1

good question. it seems to be something specific to the mcrypt/libmcrypt program.

i couldn't find any docs so i looked at the source for libmcrypt. that contains two modules, one for blowfish, and one for blowfish-compat. when i look at those, the only difference i can see (warning: i am a software engineer, but not a crypto specialist) is that the logic for byte order is swapped (ifdef WORDS_BIGENDIAN is replaced by ifndef WORDS_BIGENDIAN - note the "n").

so my guess is that it is for decoding data on big-endian machines that was encoded on little-endian machines, or vice-versa. or perhaps there is some convention that code should follow about endianness, but some libraries break it, and this compensates.

update aha! and knowing that, googling for "blowfish-compat big-endian" turns up what looks like confirmation. see http://www.spinics.net/lists/crypto/msg00175.html - which discusses an incorrect implementation that got the ordering reversed.

so, in short, your data were incorrectly encoded. the "compat" mode reproduces the bug so that they can be decoded.

given that, it looks like you're short-of-luck on the python front unless you can find a python interface to mcrypt. http://labix.org/python-mcrypt looks like it might work (pypi page - http://pypi.python.org/pypi/python-mcrypt).

(this was one of the most fun answers to provide in a long time :o)

oh, and i got the source from http://sourceforge.net/projects/mcrypt/ by following the "browse all files" link under the download button (the button downloads mcrypt, not libmcrypt).