What is the Twofish encryption algorithm?

About Twofish

The Twofish encryption algorithm was a submissions (it ended up as a finalist) in the NISTNational Institute of Standards and Technology and was called to replace the DES encryption algorithm in 1997. John Kelsey, Chris Hall, Niels Ferguson, David Wagner, Doug Whiting, and Bruce Schneier designed the Twofish algorithm. It is completely free, and there are no patent royalties on the algorithm, copyright on the code, or any license fees.

How does it work?

Twofish encryption algorithm

The steps that the Twofish algorithm goes through are summarized in the image above. Here is a summary of each step:

  1. In each round of the Twofish algorithm, two 32-bit words serve as input into the F function.
  2. Each word is broken up into four bytes. Those four bytes are sent through four different key-dependent S-boxesa basic component of any symmetric key algorithm that performs a substitution..
  3. The four output bytes (the S-boxes have 8-bit input and output) are combined using a Maximum Distance Separable (MDS) matrix and combined into a 32-bit word.
  4. Then, the two 32-bit words are combined using a Pseudo-Hadamard Transform (PHT).
  5. The two 32-bit words are then added to two round subkeys.
  6. Finally, the two 32-bit words are XORed with the right half of the text.

There are also two 1-bit rotations going on, one before and one after the XOR.

Twofish has something called prewhitening and postwhitening where additional subkeys are XORed into the text block before the first round and after the last round.

More about the Twofish algorithm

Naturally, one might ask, “How secure is Twofish encryption?”

To answer this, we can zoom in on a single fact, the encryption key used by Twofish is 128bit in size, which means it is almost impossible to breach Twofish by sheer brute-force. This makes the encryption algorithm very secure.

Observe the table below from a measurement study of different encryption algorithms:

Comparison of space complexity

The table shows how the Twofish algorithm fares against other encryption algorithms in its league. After encryption, the Twofish algorithm converts data of size 240KB to a whopping 955KB, which is the most among all other encryption algorithms, except Blowfish. However, the larger size of the encrypted data may cause the program to execute slower if the encryption algorithm is applied to massive data.

Regardless, the Twofish algorithm is used by some products, including:

New on Educative
Learn to Code
Learn any Language as a beginner
Develop a human edge in an AI powered world and learn to code with AI from our beginner friendly catalog
🏆 Leaderboard
Daily Coding Challenge
Solve a new coding challenge every day and climb the leaderboard

Free Resources

Copyright ©2025 Educative, Inc. All rights reserved