28-07-2012, 11:16 AM
Encrypting data with the Blowfish algorithm
blowfish.pdf (Size: 141.87 KB / Downloads: 120)
Modern embedded systems
need data security more than
ever before. Our PDAs store personal
e-mail and contact lists; GPS
receivers and, soon, cell phones
keep logs of our movements;[1]
and our automobiles record our
driving habits.[2] On top of that,
users demand products that can
be reprogrammed during normal
use, enabling them to eliminate
bugs and add new features as
firmware upgrades become available.
Data security helps keep private
data private. Secure data
transmissions prevent contact
lists and personal e-mail from
being read by someone other
than the intended recipient,
keep firmware upgrades out of
devices they don’t belong in, and
verify that the sender of a piece of
information is who he says he is.
The sensibility of data security is
even mandated by law in certain
applications: in the U.S. electronic
devices cannot exchange
personal medical data without
encrypting it first, and electronic
engine controllers must not
permit tampering with the data
tables used to control engine
emissions and performance.
Terminology
In cryptographic circles, plaintext
is the message you’re trying to
transmit. That message could be
a medical test report, a firmware
upgrade, or anything else that
can be represented as a stream
of bits. The process of encryption
converts that plaintext message
into ciphertext, and decryption
converts the ciphertext back into
plaintext.
Data security in practice
Let’s say an embedded system
wants to establish a secure dataexchange
session with a laptop,
perhaps over a wireless medium.
At the start of the session, both
the embedded system and laptop
compute a private Blowfish
key and public and private RSA
keys. The embedded system
and laptop exchange the public
RSA keys and use them to encrypt
and exchange their private
Blowfish keys. The two machines
then encrypt the remainder of
their communications using
Blowfish. When the communications
session is over, all the keys
are discarded.
The Blowfish algorithm
Blowfish is a symmetric encryption
algorithm, meaning that
it uses the same secret key to
both encrypt and decrypt messages.
Blowfish is also a block
cipher, meaning that it divides
a message up into fixed length
blocks during encryption and
decryption. The block length
for Blowfish is 64 bits; messages
that aren’t a multiple of eight
bytes in size must be padded.
Blowfish is public domain, and
was designed by Bruce Schneier
expressly for use in performanceconstrained
environments such
as embedded systems.[3] It has
been extensively analysed and
deemed “reasonably secure” by
the cryptographic community.
blowfish.pdf (Size: 141.87 KB / Downloads: 120)
Modern embedded systems
need data security more than
ever before. Our PDAs store personal
e-mail and contact lists; GPS
receivers and, soon, cell phones
keep logs of our movements;[1]
and our automobiles record our
driving habits.[2] On top of that,
users demand products that can
be reprogrammed during normal
use, enabling them to eliminate
bugs and add new features as
firmware upgrades become available.
Data security helps keep private
data private. Secure data
transmissions prevent contact
lists and personal e-mail from
being read by someone other
than the intended recipient,
keep firmware upgrades out of
devices they don’t belong in, and
verify that the sender of a piece of
information is who he says he is.
The sensibility of data security is
even mandated by law in certain
applications: in the U.S. electronic
devices cannot exchange
personal medical data without
encrypting it first, and electronic
engine controllers must not
permit tampering with the data
tables used to control engine
emissions and performance.
Terminology
In cryptographic circles, plaintext
is the message you’re trying to
transmit. That message could be
a medical test report, a firmware
upgrade, or anything else that
can be represented as a stream
of bits. The process of encryption
converts that plaintext message
into ciphertext, and decryption
converts the ciphertext back into
plaintext.
Data security in practice
Let’s say an embedded system
wants to establish a secure dataexchange
session with a laptop,
perhaps over a wireless medium.
At the start of the session, both
the embedded system and laptop
compute a private Blowfish
key and public and private RSA
keys. The embedded system
and laptop exchange the public
RSA keys and use them to encrypt
and exchange their private
Blowfish keys. The two machines
then encrypt the remainder of
their communications using
Blowfish. When the communications
session is over, all the keys
are discarded.
The Blowfish algorithm
Blowfish is a symmetric encryption
algorithm, meaning that
it uses the same secret key to
both encrypt and decrypt messages.
Blowfish is also a block
cipher, meaning that it divides
a message up into fixed length
blocks during encryption and
decryption. The block length
for Blowfish is 64 bits; messages
that aren’t a multiple of eight
bytes in size must be padded.
Blowfish is public domain, and
was designed by Bruce Schneier
expressly for use in performanceconstrained
environments such
as embedded systems.[3] It has
been extensively analysed and
deemed “reasonably secure” by
the cryptographic community.