The Short Circuit

Mike Morgan's technical journal

Archive for the 'Cryptography' Category

Bruce Schneier’s Blowfish was mentioned again on 24. This time, a character on 24 claimed that the designer of the algorithm put in a backdoor.

Blowfish is neat little encryption algorithm designed in the mid 1990s by Bruce Schneier. I first came across it in the April 1994 issue of Dr. Dobb's Journal, a magazine for working computer programmers and hobbyists.

The magazine ran an associated contest to crack blowfish, and I naively took the bait. The deadline passed without success.  But soon thereafter, I discovered a problem with the C-source code implementation: a sign extension bug.

Specifically, a key in blowfish was represented as array of char in the early C-source implementations.  A char is a type in the C language.   The C language doesn't specify whether chars are supposed to be treated as  signed or unsigned.  However, many compilers treat chars as signed by default,  unless the programmer explicitly declares or casts the char as unsigned.

Continue Reading »

© 2017 The Short Circuit | Entries (RSS) and Comments (RSS) |