**Blowfish** symmetric block cipher algorithm encrypts block data of 64-bits at a time. The algorithm follows fiestal network and is divided into 3 main parts:

1. Key-expansion

2. Data Encryption

3. Data Decryption

**1.Key Expansion**

Prior to any data encryption and decryption, these keys should be computed before-hand.

The p-array consists of 18, 32-bit sub-keys:

P1, P2,., P18

Four 32-bit S-Boxes consist of 256 entries each:

S1, 0, S1, 1,. S1, 255

S2, 0, S2, 1,.. S2, 255

S3, 0, S3, 1,.. S3, 255

S4, 0, S4, 1 …………..S4, 255

Generating the Sub-keys:

The sub-keys are calculated and generated using the Blowfish algorithm:

1. Initialize first the P-array and then the four S-boxes, in order, with a fixed string. This string consists of the hexadecimal digits of pi (less the initial 3): P1 = 0x243f6a88, P2 = 0x85a308d3, P3 = 0x13198a2e, P4 = 0x03707344, etc

2. XOR P1 with the first 32 bits of the key, XOR P2 with the second 32-bits of the key, and so on for all bits of the key (possibly up to

P14). Repeatedly cycle through the key bits until the entire P-array has been XORed with key bits. (For every short key, there is at least one equivalent longer key; for example, if A is a 64-bit key, then AA, AAA, etc., are equivalent keys.)

3. Encrypt the all-zero string with the Blowfish algorithm, using the subkeys described in steps (1) and (2).

4. Replace P1 and P2 with the output of step (3).

5. Encrypt the output of step (3) using the Blowfish algorithm with the modified sub-keys.

6. Replace P3 and P4 with the output of step (5).

7. Continue the process, replacing all entries of the P array, and then all four S-boxes in order, with the output of the continuously changing Blowfish algorithm.

In total, 521 iterations are required to generate all required sub-keys. Applications can store the sub-keys rather than execute this derivation process multiple times.

**2.Data Encryption**

It is having a function to iterate 16 times of network. Each round consists of key-dependent permutation and a key and data-dependent substitution. All operations are XORs and additions on 32-bit words. The only additional operations are four indexed array data lookup tables for each round.

**Algorithm**: Blowfish Encryption

Divide x into two 32-bit halves: xL, xR

For i = 1to 16:

xL = XL XOR Pi

xR = F(XL) XOR xR

Swap XL and xR

Swap XL and xR (Undo the last swap.)

xR = xR XOR P17

xL = xL XOR P18

Recombine xL and xR

**3.Data Decryption**

Decryption is exactly the same as encryption, except that P1, P2 ….. P18 are used in the reverse order.