AES vs Blowfish for file encryption

Question

I want to encrypt a binary file  My goal is that to prevent anyone to read the file who doesn t have the password   Which is the better solution  AES or Blowfish with the same key length  We can assume that the attacker has great resources  softwares  knowledge  money  for cracking the file

User · Answer

AES    I also am assuming you mean twofish not the much older and weaker blowfish   Both  AES  amp  twofish  are good algorithms  However even if they were equal or twofish was slightly ahead on technical merit I would STILL chose AES   Why   Publicity   AES is THE standard for government encryption and thus millions of other entities also use it   A talented cryptanalyst simply gets more  bang for the buck  finding a flaw in AES then it does for the much less know and used twofish   Obscurity provides no protection in encryption  More bodies looking  studying  probing  attacking an algorithm is always better   You want the most  vetted  algorithm possible and right now that is AES   If an algorithm isn t subject to intense and continual scrutiny you should place a lower confidence of it s strength   Sure twofish hasn t been compromised   Is that because of the strength of the cipher or simply because not enough people have taken a close look       YET

User · Answer

It is a not-often-acknowledged fact that the block size of a block cipher is also an important security consideration  though nowhere near as important as the key size    Blowfish  and most other block ciphers of the same era  like 3DES and IDEA  have a 64 bit block size  which is considered insufficient for the large file sizes which are common these days  the larger the file  and the smaller the block size  the higher the probability of a repeated block in the ciphertext - and such repeated blocks are extremely useful in cryptanalysis    AES  on the other hand  has a 128 bit block size   This consideration alone is justification to use AES instead of Blowfish

User · Answer

In terms of the algorithms themselves I would go with AES  for the simple reason is that it s been accepted by NIST and will be peer reviewed and cryptanalyzed for years   However I would suggest that in practical applications  unless you re storing some file that the government wants to keep secret  in which case the NSA would probably supply you with a better algorithm than both AES and Blowfish   using either of these algorithms won t make too much of a difference   All the security should be in the key  and both of these algorithms are resistant to brute force attacks   Blowfish has only shown to be weak on implementations that don t make use of the full 16 rounds   And while AES is newer  that fact should make you lean more towards BlowFish  if you were only taking age into consideration    Think of it this way  BlowFish has been around since the 90 s and nobody  that we know of  has broken it yet      Here is what I would pose to you    instead of looking at these two algorithms and trying to choose between the algorithm  why don t you look at your key generation scheme   A potential attacker who wants to decrypt your file is not going to sit there and come up with a theoretical set of keys that can be used and then do a brute force attack that can take months   Instead he is going to exploit something else  such as attacking your server hardware  reverse engineering your assembly to see the key  trying to find some config file that has the key in it  or maybe blackmailing your friend to copy a file from your computer   Those are going to be where you are most vulnerable  not the algorithm

User · Answer

I know this answer violates the terms of your question  but I think the correct answer to your intent is simply this  use whichever algorithm allows you the longest key length  then make sure you choose a really good key  Minor differences in the performance of most well regarded algorithms  cryptographically and chronologically  are overwhelmed by a few extra bits of a key

User · Answer

Probably AES  Blowfish was the direct predecessor to Twofish  Twofish was Bruce Schneier s entry into the competition that produced AES  It was judged as inferior to an entry named Rijndael  which was what became AES    Interesting aside  at one point in the competition  all the entrants were asked to give their opinion of how the ciphers ranked  It s probably no surprise that each team picked its own entry as the best -- but every other team picked Rijndael as the second best   That said  there are some basic differences in the basic goals of Blowfish vs  AES that can  arguably  favor Blowfish in terms of absolute security  In particular  Blowfish attempts to make a brute-force  key-exhaustion  attack difficult by making the initial key setup a fairly slow operation  For a normal user  this is of little consequence  it s still less than a millisecond  but if you re trying out millions of keys per second to break it  the difference is quite substantial   In the end  I don t see that as a major advantage  however  I d generally recommend AES  My next choices would probably be Serpent  MARS and Twofish in that order  Blowfish would come somewhere after those  though there are a couple of others that I d probably recommend ahead of Blowfish

User · Answer

Both algorithms  AES and twofish  are considered very secure  This has been widely covered in other answers   However  since AES is much widely used now in 2016  it has been specifically hardware-accelerated in several platforms such as ARM and x86  While not significantly faster than twofish before hardware acceleration  AES is now much faster thanks to the dedicated CPU instructions

User · Answer

The algorithm choice probably doesn t matter that much  I d use AES since it s been better researched  What s much more important is choosing the right operation mode and key derivation function   You might want to take a look at the TrueCrypt format specification for inspiration if you want fast random access  If you don t need random access than XTS isn t the optimal mode  since it has weaknesses other modes don t  And you might want to add some kind of integrity check or message authentication code  too

[security] AES vs Blowfish for file encryption

Examples related to security

Examples related to encryption

Examples related to aes

Examples related to blowfish