Trusted answers to developer questions
Trusted Answers to Developer Questions

Related Tags

algorithm

What is the Twofish encryption algorithm?

Shahpar Khan

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

About Twofish

The Twofish encryption algorithm was a submissions (it ended up as a finalist) in the NISTNational Institute of Standards and Technology and was called to replace the DES encryption algorithm in 1997. John Kelsey, Chris Hall, Niels Ferguson, David Wagner, Doug Whiting, and Bruce Schneier designed the Twofish algorithm. It is completely free, and there are no patent royalties on the algorithm, copyright on the code, or any license fees.

How does it work?

Twofish encryption algorithm

The steps that the Twofish algorithm goes through are summarized in the image above. Here is a summary of each step:

  1. In each round of the Twofish algorithm, two 32-bit words serve as input into the F function.
  2. Each word is broken up into four bytes. Those four bytes are sent through four different key-dependent S-boxesa basic component of any symmetric key algorithm that performs a substitution..
  3. The four output bytes (the S-boxes have 8-bit input and output) are combined using a Maximum Distance Separable (MDS) matrix and combined into a 32-bit word.
  4. Then, the two 32-bit words are combined using a Pseudo-Hadamard Transform (PHT).
  5. The two 32-bit words are then added to two round subkeys.
  6. Finally, the two 32-bit words are XORed with the right half of the text.

There are also two 1-bit rotations going on, one before and one after the XOR.

Twofish has something called prewhitening and postwhitening where additional subkeys are XORed into the text block before the first round and after the last round.

More about the Twofish algorithm

Naturally, one might ask, “How secure is Twofish encryption?”

To answer this, we can zoom in on a single fact, the encryption key used by Twofish is 128bit in size, which means it is almost impossible to breach Twofish by sheer brute-force. This makes the encryption algorithm very secure.

Observe the table below from a measurement study of different encryption algorithms:

Comparison of space complexity

The table shows how the Twofish algorithm fares against other encryption algorithms in its league. After encryption, the Twofish algorithm converts data of size 240KB to a whopping 955KB, which is the most among all other encryption algorithms, except Blowfish. However, the larger size of the encrypted data may cause the program to execute slower if the encryption algorithm is applied to massive data.

Regardless, the Twofish algorithm is used by some products, including:

RELATED TAGS

algorithm

CONTRIBUTOR

Shahpar Khan
Copyright ©2022 Educative, Inc. All rights reserved

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

Keep Exploring