The Twofish Algorithm Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Twofish is an encryption algorithm designed and analysed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall and Niels Ferguson. Its main creator Bruce Schneier is a well-known American cryptographer. He is also the founder of BT Counterpane, a company that sells managed computer network security services. The company is formerly known as Counterpane Internet Security, Inc. and was first founded in August 1999. The company is then acquired by BT Group (one of the largest telecommunications services companies in the world) on 25 October, 2006 thus changing its name to the current BT Counterpane.

Twofish algorithm is originally created with the purpose to replace DES (Data Encryption Standard) as a much better encryption. The emergence of better technology has made DES a more vulnerable encryption as its relatively small 56-bit key is prone to brute force attack and faster processor can decrypt it easier. Bruce also created the blowfish algorithm in 1993 as a better and safer alternative to DES but it has not much influenced as better encryption standard were to be developed later on.

National Institute of Standards and Technology (NIST) made a competition to find a better encryption standard on 2nd January 1997. The winner of the competition would be recognised as the new encryption standard known as AES (Advanced Encryption Standard). Twofish is one of the encryption algorithm submitted to the competition and it has performed relatively well to be one of its top five finalists. Unfortunately, on 2nd October 2000, NIST announced twofish did not win the competition and was not chosen for standardisation. The complicated structure of the algorithm and its complicated analysis for weak keys and hidden relations together with being slower on most platforms did not let it win.

Twofish is known as a successor to blowfish as they both implement a similar algorithm with different block-cipher and key-lengths. Like blowfish, twofish is also not patented as its creator wants it to be free and available to the public. The encryption algorithm is available and can be found freely in the net. Even though its algorithm is free to be viewed; it is still considered secure among today's encryption algorithm.

Encryption Algorithm

Twofish is a 128-bit block cipher that accepts a key of any length up to 256 bits. It conforms to the rule of the NIST AES competition where the encryption must be able to accept key length of 128-, 192-, and 256-bit keys. A block cipher is a symmetric key cipher which means it uses a single key for encryption and decryption. Its building blocks are Feistel Networks, S-Boxes, MDS Matrices, Pseudo-Hadamard Transforms, Whitening, and Key Schedule.

Figure 1: Twofish structure

(source: Figure 1 [online image]Available, June 15, 1998 )

Figure 1 shows the block cipher for twofish. It uses 16-round Feistel network with additional whitening technique to secure the input and output. By using whitening, twofish XORs 128 bits of subkey for both before the first Feistel and after the last Feistel round. They are also known as "pre-whitening" and "post-whitening". These subkeys are calculated in the same manner as the 16-round subkeys but is unique because it is only done for both that process itself and used anywhere in the encryption. The elements difference between a pure Feistel network and twofish is the implementation of rotating 1-bit in twofish.

The encryption first separate the plaintext used into four words each with 32-bits. In the input whitening step, those separated words are XORed with four key words. Then the 16-round process will start by taking two 32-bit words ( the two vertical lines along the left of Figure 1 ) and input it into the F function. Each of the two words is then break into four bytes to be passed into G function for each of the two words.

G function contains four different key-dependant S-boxes that will be used to substitute the four bytes broken out from the 32-bit words. These S-boxes are built using two fixed 8-by-8-bit permutations and key material. After that, the four resulting output from the S-boxes are combined back into 32-bit words using a linear mixing step based on Maximum Distance Separable (MDS) matrix.

The results of both the G functions is then combined and mixed using Pseudo-Hadamard Transforms (PHT). After the PHT process, the output is then added two keywords and XORed into the remaining two words where one of which is rotated left by 1 bit first and the other is rotated right afterwards. The remaining two words referred to are located on the right side of the diagram ( the two vertical lines along the right of Figure 1 ) . After that, the left and right halves are then swapped for the next round. This will be repeated until 16 times.

At the last round, the swap is reversed and the four words that were split during the start of the encryption and processed through until the final round is then are XORed with four more key words to produce the ciphertext. The 1-bit rotation done before and after the whitening step is to break the byte structure of the key.

Some additional information is that twofish can accept keys of any byte length up to 256 bits and it will convert key-sizes from input not defined as 128-, 192-, and 256-bit by padding the key end with zero bytes to the next larger length. An example is input with 60-bit key length will be converted into 128-bit and input with 180-bit will be converted into 192-bit.

**Notes**maybe want talk about the block ciphers mention


Twofish is an open source encryption algorithm; therefore there are a lot of device that can use it freely. It is workable with all standard block-cipher chaining modes such as Cipher-block chaining (CBC) and Cipher feedback (CFB).

Sum stuff :: And it's flexible; it can be used in network applications where keys are changed frequently and in applications where there is little or no RAM and ROM available.

**Notes**Not really sure what to write, might take this topic off


The creators of twofish prioritise performance when designing the algorithm. It is designed with more efficiency than most AES encryption at that time. When it was first designed, the designers ensure it works for technology at that time such as 32-bit CPUs, 8-bit smart cards, and dedicated Very-large-scale-integration (VLSI) hardware. Twofish is a highly flexible algorithm due to its unique structure that allow several layers of performance tradeoffs, depending on the relative importance of encryption speed, key setup, memory use, hardware gate count, and other implementation parameters.

The operations involved in twofish encryption is interoperable as it is just implementation trade-offs and do not affect the main calculations of twofish such as two different CPU with different type of processor might be used to process each of the both end in the algorithm. It can be set according to user needs such as encrypting large data with the same key can be done by allocating longer time for key setup but shorter time for encryption due to the same key is used. Another option is suitable for the situation where user needs to encrypt smaller data with rapidly changing keys, twofish can be set to slower encryption but key will be generated faster.

Experiments were done when the encryption were created back in 1998. During that year, large microprocessors such as Pentium Pro otherwise known as Pentium II were considered the most advanced technology. On a Pentium Pro, a fully optimized assembly language version of Twofish can encrypt or decrypt data in 285 clock cycles per block, or 17.8 clock cycles per byte, after a 12700-clock key setup (equivalent to encrypting 45 blocks). Using a 200 MHz processor for Pentium Pro, the throughput for the process is slightly lower than 90 Mbits/sec.

Sum stuff:: Twofish is fast on both 32-bit and 8-bit CPUs (smart cards, embedded chips, and the like), and in hardware.