Recently I had cause to compare Blowfish algorithms. I was comparing outputs from DI Management's library and PHP's mcrypt. I could not get them to agree in any way. This led me on an interesting chase. According to this posting on Bruce Schneier's website, there was a sign extension bug in early versions of the Blowfish code, and it wo...
I'm running Windows Server 2k8 (maybe that's half the problem?) Anyway, I'm getting different values out of different Blowfish modules in various languages. Is there one which can be relied upon as the standard? For the following examples, assume the key is password and the plaintext 12345678. a. The Online Encrypt Tool with Algorithm ...
I have an application that does time-sensitive communications over UDP (like video streaming or a game). Packets may be lost, and do not need to be re-transmitted. What cipher should I use to encrypt the datagrams? I'm leaning towards blowfish in ECB mode. I know ECB mode has problems, but I need to support missing packets, so the enc...
I implemented Diffie–Hellman key exchange in Java with some large groups from RFC 3526. My output is a fairly large array of bytes. Is it safe to use the first 448 bits (56 bytes) of the output for a blowfish key? Should I transform the bytes in any way, or pick any specific bytes for the key? ...
I have a string (comprised of a userID and a date/time stamp), which I then encrypt using ColdFusion's Encrypt(inputString, myKey, "Blowfish/ECB/PKCS5Padding", "Hex"). In order to interface with a 3d party I have to then perform the following: Convert each character pair within the resultant string into a HEX value. HEX values are th...