
Research Article


Randomness Analysis on Blowfish Block Cipher Using ECB and CBC Modes 

Ashwak Mahmood Alabaichi,
Ramlan Mahmood,
Faudziah Ahmad
and
Mohammed S. Mechee



ABSTRACT

Randomness of the output is one of the significant factors
in measuring the security of any cryptographic algorithm. Nonrandom block cipher
is vulnerable to any type of attack. This paper presents the National Institute
of Standard and Technology (NIST) statistical tests of the Blowfish algorithm
to investigate its randomness. Blowfish algorithm with Electronic Codebook (ECB)
and Cipher Block Chaining (CBC) modes were conducted for these tests. In addition,
comparisons between them were introduced. The analysis showed that Blowfish
algorithm with ECB mode was inappropriate with data such as text and image files
which have large strings of identical bytes. This inconsistency is due to the
majority of the 188 statistical tests of NIST statistical tests failing in all
rounds.





Received: April 06, 2013;
Accepted: May 15, 2013;
Published: July 19, 2013


INTRODUCTION
Blowfish algorithm was designed by Schneier at the Cambridge Security Workshop
in December 1993 to replace the Data Encryption Standard (DES). This fast, free
alternative to existing encryption algorithms has since been widely analyzed
and gradually accepted as a good and powerful encryption algorithm offering
several advantages, among them its suitability and efficiency for implementing
hardware. It is also unpatented and therefore does not require any license.
The elementary operators of Blowfish algorithm comprise table lookup, addition
and XOR with the table being made up of four Sboxes and a Parray. Based on
Feistel rounds, Blowfish algorithm is a cipher with the Ffunction design being
a simplified version of the principles employed in DES to provide similar security,
faster speed and higher efficiency in software. Due to its good encryption rate
in software, no effective cryptanalysis has been found to date (Schneier,
1994; Meyers and Desoky, 2008; Mousa,
2005; Thakur and Kumar, 2011). Even though it is
not as wellknown as AES, the uniqueness of Blowfish algorithm and the efficiency
of its algorithm have led to its growing popularity in the open source community
(Cornwell, 2012).
The block cipher requires the generated cipher text to be distributed uniformly
when dissimilar plaintext blocks are used during encryption. By statistically
analyzing the block cipher it can be determined if the tested algorithm meets
this requirement. A nonrandom block cipher can be susceptible to attacks of
many types (Isa and Z’Aba, 2012).
The test suite Rukhin et al. (2010) from NIST
was selected for testing Blowfish algorithm generated sequences. These statistical
tests are appropriate for evaluating generators of random and pseudorandom
numbers that cryptographic applications use. To the knowledge of the researchers,
there have not been any statistical tests performed on Blowfish algorithm with
ECB and CBC modes.
The five sections in this study include the following: Section 2 describes
the Blowfish algorithm, ECB and CBC modes; section 3 categorizes and explains
each Blowfish algorithm Data type for statistical test; section 4 provides the
results of the experiment and empirical analysis of the randomness testing on
Blowfish algorithm with ECB and CBC modes, while section 5 provides the conclusion
and recommendations for future work.
BLOWFISH BLOCK CIPHER Blowfish algorithm is a symmetric block cipher using a Feistel network, iterating
simple encryption and decryption functions of 16 times. Each A Feistel structure
offers various advantages which are appeared, particularly in hardware system.
The decryption process of the cipher text required only reversing the key schedule.
The Blowfish algorithm can be divided into: key expansion and data encryption
(Cornwell, 2012; Schneier, 1994;
Kumar et al., 2010).
Key Expansion of the Blowfish algorithm starts with the Parray and Sboxes
and utilizes many subkeys, which have to be precomputed before data encryption
or decryption. The Parray comprises eighteen 32bit subkeys: P1, P2…
P18.
In this section a key of maximum 448 bits is converted into several subkey
arrays up to a total of 4168 bytes.
There are 256 entries for each of the four 32bit Sboxes:
• 
S1, 0, S1, 1,..., S1, 255 
• 
S2, 0, S2, 1,..., S2, 255 
• 
S3, 0, S3, 1,..., S3, 255 
• 
S4, 0, S4, 1,..., S4, 255 
How these subkeys are calculated is explained below:
• 
First, the Parray is initialized followed by the four Sboxes,
with a fixed string, which has the hexadecimal digits of p_{i} 
• 
XOR P1 with the key’s first 32 bits, XOR P2 with its second 32 bits
and so on, until the key’s bits are up to P14. The cycle is iterated
through the key bits until the entire Parray has been XORed with key bits 
• 
The Blowfish algorithm is then used to encrypt the allzero string, employing
the described subkeys in steps 1 and 2 
• 
P1 and P2 are replaced with the step 3 out put 
• 
Encrypt the step 3 output with the Blow fish algorithm using the modified
subkeys 
• 
Replace P3 and P4 with the output of step 5 
• 
The process is continued and all elements of the Parray are replaced,
followed by all four SBoxes, with the output continuously changing 
Data encryption commences with a 64bit block element of plaintext morphing
into a 64 bit ciphertext. The 64bit segment is instantly broken up into two
equal segments that are then used in the Blowfish algorithm as the base. The
exclusiveoroperation (XOR) is then executed between the first 32bit block
segment (L) and the first Parray. The obtained 32bit data go to the F function
which permutes the data to give a 32bit block segment, which is XOR'ed with
the second 32bit segment (R) from the 64bit plaintext split. On completion
of the XOR operation, the 32bit segments L and R are swapped for future iterations
of the Blowfish algorithm. Figure 1 illustrates the architecture
of the Blowfish algorithm with 16 rounds. The input is a 64bit data element,
X, which is divided into two 32bit halves: XL and XR.
FFunction of blowfish algorithm is probably the most complex part of the algorithm
and the only part that utilizes the SBoxes. It accepts a 32bit stream of data
and splits that into four equal sections. Each 8bit subdivision is changed
into a 32bit data stream using their corresponding SBox. The obtained 32bit
data is XOR'ed or combined to give a final 32bit value for permutations of
the Blowfish algorithm (note that all addition is modulo 2^{32}).

Fig. 1: 
Blowfish architecture 

Fig. 2: 
Ffunction architecture 
Figure 2 Describes the architecture of the F function (Cornwell,
2012; Bagad and Dhotre, 2008; Van
Tilborg and Jajodia, 2011; Schneier, 1996).
Decryption is similar to encryption but P1, P2...P18 are used in the reverse
order: In order to reduce the risks of clever attack on the cipher, consecutive
blocks of message can be chained together so that identical blocks of plaintext
are not seen as identical blocks in ciphertext. The attacker would then not
be able to identify the file type. A random nonzero initialization vector IV
of the same length as a common block is used to begin the chain. CBC mode is
demonstrated by the following steps (Meyers and Desoky,
2008; Dworkin, 2005).
C_{1} = CIPH_{K} (P_{1}⊕
IV) 
C_{j} = CIPH_{K} (P_{j}⊕
C_{j1} ) 
P_{1} = CIPH^{1}_{K} (C_{1})⊕
IV 
P_{j} = CIPH^{1}_{K} (C_{j})⊕
C_{j1} 
where, P_{j} is the jth plaintext block. C_{j} the jth ciphertext
block. CIPH_{K }the forward cipher function of the block cipher algorithm
under the key K is applied to the data block X. CIPH^{1}_{K}
is the inverse cipher function of the block cipher algorithm under the key K
is applied to the data block X.
The Electronic Codebook (ECB) mode is another mode which is confidentialitybased,
with a key assigned to a fixed ciphertext block for each plaintext block, similar
to assigning codes in a codebook (Dworkin, 2005).
Table 1: 
Breakdown of the 188 statistical tests performed through
analysis 

The definition of the Electronic Codebook (ECB) mode is:
C_{j} = CIPH_{ K} (P_{j}) 
P_{j} = CIPH^{1}_{K} (C_{j}),
for j = 1… n 
Blowfish data types: Testing the randomness on the Blowfish algorithm
was done by applying the NIST Statistical Suite (Rukhin et
al., 2010). All such testing consisted of 15 core statistical tests
that can be viewed as 188 statistical tests under different parameter inputs,
Table 1 shows the individual core statistical test, followed
by the number of tests done for each core test. In this section, we provide
four Categories of Data such as, Random Plaintext/Random 128Bit keys (Soto,
1999), image, text and video files.
Random plaintext/random 128bit keys: The basis of this experiment was
the data generated with the BlumBlumShub (BBS) pseudorandom bit generator
because it is a cryptographically secure pseudorandom bit generator and similar
to the data type used in testing Advanced Encryption Standard Finalist Candidates
(Menezes et al., 1997).
A total of 128 sequences were established for the purpose of examining the
randomness of ciphertext (based on random plaintext and random 128bit keys.
Each sequence resulted from the concatenation of 16256 ciphertext blocks of
length 64 bits (1040384 bits) using 16256 random plaintexts blocks of length
64 bits and a random 128bit key in ECB mode one time and another time in CBC.
Image files: This experiment was based on a data set of 128 sequences
of image files in different formats. Each sequence resulted from the concatenation
of 24580 (1573120 bits) ciphertext block of 64bit length using 24580 plaintexts
blocks of the 64bit length and a random 256bit key in ECB mode one time and
another time in CBC mode.
Text files: This experiment was based on a data set of 128 text files,
with each file consisting of a sequence resulting from the concatenation of
16256 (1040384 bits) ciphertext block of 64bit length using 16256 plaintexts
blocks of 64bit length and a random 256bit key in ECB mode one time and another
time in CBC.
Video files: This experiment was based on a data set of 128 video files.
Each file consisted of a sequence resulting from the concatenation of 16256
(1040384 bits) ciphertext blocks of 64bit length using 16256 plaintexts blocks
of 64bit length and a random 256bit key in ECB mode one time and another time
in CBC mode.
EXPERIMENTAL RESULTS
Testing the randomness of the Blowfish algorithm was done on the four types
of data mentioned in the previous section in both partial and full round considerations
(Soto and Bassham, 2000; Isa and
Z’Aba, 2012).
Full round testing (FRT): When testing in full round with Blowfish algorithm,
all four data types were generated, meaning that the data derived have to complete
16 for all types of data (Soto and Bassham, 2000; Isa
and Z’Aba, 2012; Ariffin et al., 2011).
Partial round testing (PRT): Soto and Bassham (2000)
tested Fesitel network Twofish rounds in pairs. After each round, some of the
data bits were left basically intact without change and thus twofish appeared
to be nonrandom after one round under the test conditions but the result was
different after two rounds when the data bits were affected. Twofish rounds
were tested in pairs with even numbered rounds from 214. Therefore, In Partial
Round Testing on Blowfish algorithm, all four data types were generated using
the Partial round of Blowfish algorithm in pairs from 214. In the following
we discuss the output of implementing Random Test for the four types of data
on Blowfish algorithm with ECB and CBC modes in PRT and FRT, respectively.
Random plaintext/random 128bit keys: We illustrate the Random Plaintext/Random
128bit keys files results of PRT and FRT for Blowfish algorithm with ECB and
CBC modes in Fig. 3 and 4, respectively.



Fig. 3(ah): 
Results of random plaintext/random 128bit keys for (a) Second
roud with ECB mode, (b) Fourth round with ECB mode, (c) Sixth round with
ECB mode (d) Eighth round with ECB mode, (e) Tenth round with ECB mode,
(f) Twelfth round with ECB mode, (g) Fourteenth round with ECB mode and
(h) Sixteenth round with ECB mode 



Fig. 4(ah): 
Results of random plaintext/random 128bit keys for (a) Second
round with CBC mode, (b) Fourth round with CBC mode, (c) Sixth round with
CBC mode, (d) Eighth round with CBC mode, (e) Tenth round with CBC mode,
(f) Twelfth round with CBC mode, (g) Fourteenth round with CBC mode and
(h) Sixteenth round with CBC mode 
In each of the dished line at 96.09% indicated the smallest proportion satisfying
the 0.01 criterion of acceptance, while the solid line at 99% indicated the
proportion expected.
It is evident that the output of Blowfish algorithm with both modes on this
type of data is random for all rounds because most of the 188 statistical tests
were above 96%.
Image files: We illustrate the image files results of PRT and FRT for
Blowfish algorithm with ECB and CBC modes in Fig. 5 and 6,
respectively.
It is evident that Blowfish algorithm with CBC mode is random for all rounds
because most of the 188 statistical tests were above 96%, while the output from
the Blowfish algorithm with ECB is nonrandom for all rounds because most of
the 188 statistical tests were below 96%.
Text files: We illustrate the text files results of PRT and FRT for
Blowfish algorithm with ECB and CBC modes in Fig. 7 and 8,
respectively.
It is evident that the output from Blowfish algorithm with CBC mode is random
for all rounds because most of the 188 statistical tests were above 96%, while
the output from the Blowfish algorithm with ECB mode is nonrandom for all rounds
as the majority of the 188 statistical tests were below 96%.
Video files: We illustrate the Video files results of PRT and FRT for
Blowfish algorithm with ECB and CBC modes in Fig. 9 and 10,
respectively.


Fig. 5(ah): 
Results of image for (a) Second round with ECB mode, (b)
Fourth round with ECB mode, (c) Sixth round with ECB mode, (d) Eighth round
with ECB mode, (e) Tenth round with ECB mode, (f) Twelfth round with ECB
mode, (g) Fourteenth round with ECB mode and (h) Sixteenth round with ECB
mode 


Fig. 6(ah): 
Results of image for (a) Second round with CBC mode, (b) Fourth
round with CBC mode, (c) Sixth round with CBC mode, (d) Eighth round with
CBC mode, (e) Tenth round with CBC mode, (f) Twelfth round with CBC mode,
(g) Fourteenth round with CBC mode and (h) Sixteenth round with CBC mode 


Fig. 7(ah): 
Results of text for (a) Second round with ECB mode, (b) Fourth
round with ECB mode, (c) Sxth round with ECB mode, (d) Eighth round with
ECB mode, (e) Tenth round with ECB mode, (f) Twelfth round with ECB mode,
(g) Fourteenth round with ECB mode and (h) Sixteenth round with ECB mode 


Fig. 8(ah): 
Results of text for (a) Second round with CBC mode, (b) Fourth
round with CBC mode, (c) Sixth round with CBC mode, (d) Eighth round with
CBC mode, (e) Tenth round with CBC mode, (f) Twelfth round with CBC mode,
(g) Fourteenth round with CBC mode and (h) Results of text for sixteenth
round with CBC mode 


Fig. 9(ah): 
Results of video for (a) Second round with ECB mode, (b)
Fourth round with ECB mode, (c) Sixth round with ECB mode, (d) Eighth round
with ECB mode, (e) Tenth round with ECB mode, (f) Twelfth round with ECB
mode, (g) Fourteenth round with ECB mode and (h) Sixteenth round with ECB
mode 


Fig. 10(ah): 
Results of video for (a) Second round with CBC mode, (b)
Fourth round with CBC mode, (c) Sixth round with CBC mode, (d) Eighth round
with CBC mode, (e) Tenth round with CBC mode, (f) Twelfth round with CBC
mode, (g) Fourteenth round with CBC mode and (h) Sixteenth round with CBC
mode 
It is obvious that the output from Blowfish algorithm with CBC mode is random
for all rounds because most of the 188 statistical tests were above 96%, while
the output from the Blowfish algorithm with ECB mode on completion of first
round, seems to be nonrandom because most of the 188 statistical tests were
below 96%. From the end of the second round until the end of the sixteenth round,
statistics produced are similar to Blowfish algorithm with CBC mode except Approximate
Entropy (159) and serial (186, 187) tests statistical test which were below
96% for all rounds.
CONCLUSION AND FUTURE WORK
From the result it can be seen that Blowfish algorithm with ECB mode is not
suitable for image and text files that have large strings of identical bytes.
However, using CBC mode with Blowfish algorithm 64bits could pass NIST tests,
meaning that it can be used to encrypt any type of file without restrictions
on the file contents. Future work should apply the same experiment on extended
Blowfish algorithm 128 bits.

REFERENCES 
1: Meyers, R.K. and A.H. Desoky, 2008. An implementation of the blowfish cryptosystem. Proceedings of the IEEE International Symposium, Signal Processing and Information Technology, December 1619, 2008, Sarajevo, Bosnia and Herzegovina, pp: 346351.
2: Mousa, A., 2005. Data encryption performance based on Blowfish. Proceedings of the 47th International Symposium ELMAR, June 810, 2005, Zadar, Croatia, pp: 131134.
3: Thakur, J. and N. Kumar, 2011. DES, AES and Blowish: Symmetric key cryptography algorithms simulation based performance analysis. Int. J. Emerg. Technol. Adv. Eng., 1: 612. Direct Link 
4: Cornwell, J.W., 2012. Blowfish survey. https://cs.columbusstate.edu/caeia/StudentPapers/cornwell.jason.pdf.
5: Isa, H. and M.R. Z'aba, 2012. Randomness analysis on LED block ciphers. Proceedings of the 5th International Conference on Security of Information and Networks, October 2527, 2012, Jaipur, India, pp: 6066.
6: Rukhin, A., J. Soto, J. Nechvatal, M. Smid and E. Barker et al., 2010. A statistical test suite for random and pseudorandom number generators for cryptographic applications. NIST Special Publication 80022 Revision 1a, National Institute of Standards and Technology, Gaithersburg, MD., April 2010, pp: 1131.
7: Dworkin, M., 2005. Recommendation for block cipher modes of operation: The CMAC mode for authentication. National Institute of Standards and Technology, Special Publication 80038B. csrc.nist.gov/publications/nistpubs/80038C/SP80038B.pdf.
8: Soto, J., 1999. Randomness testing of the AES candidate algorithms. National Institute of Standards and Technology, NIST IR 6390, pp: 19.
9: Schneier, B., 1994. Description of a New VariableLength Key, 64 Bit Block Cipher (Blowfish). In: Fast Software Encryption: Cambridge Security Workshop Cambridge, U.K., December 911,1993 Proceedings. Anderson, R. (Ed.). SpringerVerlag, London, UK., ISBN: 3540581081, pp: 191204.
10: Kumar, R.S., E. Pradeep, K. Naveen and R. Gunasekaran, 2010. A novel approach for enciphering data of smaller bytes. Int. J. Comp. Theory Engine., 2: 654659. Direct Link 
11: Bagad, V.S. and A.I. Dhotre, 2008. Cryptography and Network Security. 2nd Revised Edn., Technical Publications, Pune, India, ISBN13: 9788184313406, Pages: 202.
12: Van Tilborg, H.C.A. and S. Jajodia, 2011. Encyclopaedia of Cryptography and Security. 2nd Edn., Springer, USA., ISBN 9781441959065.
13: Schneier, B., 1996. Applied Cryptography: Protocols, Algorithms and Source Code in C. 2nd Edn., John Wiley and Sons, New York, USA., ISBN13: 9780471117094, pp: 758.
14: Soto, J. and L. Bassham, 2000. Randomness testing of the advanced encryption standard finalist candidates. NIST IR 6483, National Institute of Standards and Technology, U.S. Department of Commerce, Gaithersburg, MD., USA., March 2000.
15: Menezes, A.J., P.C. van Oorschot and S.A. Vanstone, 1997. Handbook of Applied Cryptography. CRC Press, New York, USA.
16: Arifﬁn, S., R. Mahmod, A. Jaafar and M.R.K. Ariffin, 2011. Byte permutations in block cipher based on immune systems. Proceedings of the 3rd International Conference on Software Technology and Engineerin, August 1213, 2011, ASME Press, New York, pp: 16.



