Twofish
 The Twofish algorithm
|
|
| General | |
|---|---|
| Designers | Bruce Schneier |
| First published | 1998 |
| Derived from | Blowfish, SAFER, Square |
| Related to | Threefish |
| Certification | AES finalist |
| Cipher detail | |
| Key sizes | 128, 192 or 256 bits |
| Block sizes | 128 bits |
| Structure | Feistel network |
| Rounds | 16 |
| Best public cryptanalysis | |
|
Truncated differential cryptanalysis requiring roughly 251 chosen plaintexts. Impossible differential attack that breaks 6 rounds out of 16 of the 256-bit key version using 2256 steps. |
|
Truncated differential cryptanalysis requiring roughly 251 chosen plaintexts.
In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. Twofish is related to the earlier block cipher Blowfish.
Twofish's distinctive features are the use of pre-computed key-dependent S-boxes, and a relatively complex key schedule. One half of an n-bit key is used as the actual encryption key and the other half of the n-bit key is used to modify the encryption algorithm (key-dependent S-boxes). Twofish borrows some elements from other designs; for example, the pseudo-Hadamard transform (PHT) from the SAFER family of ciphers. Twofish has a Feistel structure like DES. Twofish also employs a Maximum Distance Separable matrix.
On most software platforms Twofish was slightly slower than Rijndael (the chosen algorithm for Advanced Encryption Standard) for 128-bit keys, but it is somewhat faster for 256-bit keys.
Twofish was designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson; the "extended Twofish team" who met to perform further cryptanalysis of Twofish and other AES contest entrants included Stefan Lucks, Tadayoshi Kohno, and Mike Stay.
...
Wikipedia