Threefish Algorithm: T-Mix Cipher using

SHA-256

1.Introduction
1.1. Blowfish:
Blowfish is one of the encryption algorithms intended for providing security. The
Blowfish works on 64-bit block size. The key size of the Blowfish Algorithm uses 32-bits to
448-bits. There are 16 rounds and four number of substitution boxes of 512 entries (each of 32-
bits). Blowfish generates 18 Subkeys for encryption.

The steps that are involved in the Blowfish Algorithm are Sub Key Generation,
Initialization of Substitution Boxes and Encryption. Encryption process mainly involves Rounds
and Post Processing. The major drawback of Blowfish is it is limited to 64-bit size only and the
key generation of Blowfish is time consuming.

1.1.1. Key Schedule in Blowfish:

 The key size is variable (32-448 bits) of K1 to K14.

 The subkeys are stored in the P-array.
 18 subkeys are stored in P-array with each array element being 32-bits entry.
 Each subkey in the P-array represents in the hexadecimal form.

1.1.2. Generation of Subkeys:

 Initialize first the P-array and then the four S-boxes, in order, with a fixed string.
 XOR P1 with the first 32 bits of the key, XOR P2 with the second 32-bits of the key, and
so on for all bits of the key (possibly up to P14).

P [0] = P [0] XOR K1

P [1] = P [1] XOR K2 to P [13] = P [13] XOR K14.

 If the key has less bits then roll over the first 32-bits until the entire P-array has been
XORed with key bits.

P [14] = P [14] XOR K1 to P [17] = P [17] XOR K4

  Now the resultant array holds 18 subkeys that is used during the entire encryption and
decryption.

1.2. Twofish:

Two fish is an encryption algorithm which is a symmetric block cipher. The block
size of two fish is 128-bits and the key size is up to 256-bits. There are 16 rounds in two fish.
The building blocks of two fish are Feistel Network, S-Boxes, MDS Matrix, Pseudo-Hadamard
Transform, Whitening and Key Scheduling. The major drawback of two fish is key dependent
S-boxes.

1.2.1. Key Schedule in Two Fish:

 The Global key ‘M’ is a 128-bits user supplied key.

M = m0,m1,m2,m3 (each of 32-bits).
 There are two different sets of subkeys K and S.

A. For K set Twofish needs:

 Two words of keys in each round.

 Four words for Input Whitening and four words for Output Whitening.
 The key schedule has to provide forty words of expanded key i.e., k0 to k39.

B. For S set Twofish needs:

 Two subkeys S0 and S1.

 They are fixed during the entire encryption and decryption process.
 S0 and S1 are used in the S-box inside the g-function in the encryption.

C. Generation of Subkeys:

Part1:

 The global key M is taken as:

m0, m1, m2, m3, …………., m13, m14, m15.
 mo

01 A4 55 87 5A 58 DB 9E m1 S0,0

A4 56 82 F3 1E C6 68 E5 m2 S0,1

02 A1 FC C1 47 AE 3D 19 m3 S0,2

A4 55 87 5A 58 DB 9E 03 m4 S0,3

RS Matrix m5

m6

m7

fig1: Matrix multiplication for S0

m8

01 A4 55 87 5A 58 DB 9E m9 S1,0

A4 56 82 F3 1E C6 68 E5 m10 S1,1

02 A1 FC C1 47 AE 3D 19 m11 S1,2

A4 55 87 5A 58 DB 9E 03 m12 S1,3

RS Matrix m13

m14

m15

fig2: Matrix multiplication for S1

 The result from the above fig1 and fig2 as S1 and S2 are used in the function ‘g’
in the encryption process as shown in the fig3.
 fig3: Function ‘g’ in Twofish Encryption.
Part 2:
 The global key is taken as :
Mo = mo, m1, m2, m3
M1 = m4, m5, m6, m7
M2 = m8, m9, m10, m11
M3 = m12, m13, m14, m15.
 Now separate the even and odd section as:
Meven = M0, M2
Modd = M1, M3
 These are used in the function ‘h’ to generate forty (40) subkeys as shown in the
fig4 below.
 fig4: Function ‘h’ in Twofish

 The function ‘h’ generated forty (40) words each of 32-bits.

 Among those words four are used in the Input Whitening and four are used in the
Output Whitening.
 Remaining words are used in all 16 rounds of function ‘g’ in the encryption
process.

1.2.2. Difference between Twofish and Blowfish:

 In blowfish the subkeys holds in an array whereas in twofish there are two sets
different sets of subkeys K and S.
 The key schedule of blowfish is time consuming to encrypt data as it is faster in
twofish.
 Blowfish is limited to 64-bit size only whereas twofish is limited upto 128-bits.
 Probabilistic based attacks can somewhat easily crack the algorithm due to the small
bits of data in blowfish.

1.2.3. How Twofish superior than Blowfish:

  Twofish is superior than blowfish as it can encrypt large amount of data with the
same key and much faster than blowfish.
 Each function in twofish serves a distinct role, which makes the design conservative.
 Twofish combines best-in-class cryptography cryptography system in one compact
algorithm.

1.3. Threefish:

Three Fish is a tweakable block cipher. The block size and the key size of three fish are
same which is of 256,512 or 1024-bits. There are 72 number of rounds for 256 and 512-bit block
cipher and 80 number of rounds for 1024-bit block cipher. Three fish uses tweak values which
gives strength to the algorithm. In traditional model, tweak values are added to the key
scheduling.

fig5: Block diagram of Threefish

1.3.1. Key Schedule in Threefish:

 Threefish generates Nr /4+1 subkeys from the cipher key, where Nr is the number of
rounds.
 Along with the cipher key K, Threefish uses the 128-bit tweak value T and 64-bit
constant value C240 to produce these subkeys (K0, K1, …, KNw-1).
  Prior to start the subkeys scheduling, the two 64-bit words of tweak value (t0, t1) are
extended to further word t2.
 In addition, the 64-bit words of the original key (K0, K1, …, KNw-1) are used to extend
the KNw key word as the following:t2= t0⊕ t1(2)KNw = 𝐶240 ⊕ 𝐾0 ⊕ … ⊕ 𝐾𝑁𝑤−1
(3)
 The subkeys in every round are defined as the following:
K(s+i) mod (Nw + 1) i = 0,…Nw − 4
Ks,i = K(s+i) mod (Nw + 1) ⊞ ts mod 3 𝑖 = Nw-3
K(s+i) mod (Nw + 1) ⊞ ts mod3 𝑖 = Nw-2
K(s+i) mod (Nw + 1) ⊞ s i = Nw-1
where 0 ≤ i ≤ Nw -1, and 0 ≤ s ≤ Nr / 4, the symbol ⊕ denotes bitwise xor operation,
and ⊞ denotes to addition modulo 264 [3], [4], [7].

How Threefish is different from Twofish:

 Threefish is different from Twofish in key scheduling process.

 The difference is that, Threefish uses tweak values as it strengthes the key whereas
Twofish uses a different key for each dataset which makes it slow.
 Two fish uses key dependent S-boxes which is the major drawback threefish doesn’t use
any S-Box or other table lookups in order to avoid time attack [24].
Why difference occur:

 As an impossible differential attack that breaks six rounds out of 16 of the 256-bit key
version using 2256 steps.
 As of 2000, the best published cryptanalysis on the Twofish block cipher is a truncated
differential cryptanalysis of the full 16-round version. The paper claims that the
probability of truncated differentials is 2−57.3 per block and that it will take roughly 251
chosen plaintexts (32 petabytes worth of data) to find a good pair of truncated
differentials.
 To overcome these attacks on twofish, threefish brought a huge difference to provide the
security to the key and encryption processes.

Strength of Threefish:
  The strength of threefish lies on tweak buffer.
 Tweaks are the random user defined values which is not able to guess by third person.
 These tweaks can differ from one to another.

Drawback:

 An attack that combines rotational cryptanalysis with the rebound attack was published.
The attack mounts a known-key distinguisher against 53 of 72 rounds in Threefish-256,
and 57 of 72 rounds in Threefish-512.
 A related key boomerang attack against a reduced round Threefish version was
published. For the 32-round version, the time complexity is 2226 and the memory
complexity is 212 for the 33-round version, the time complexity is 2352.17 with a
negligible memory usage. 

To overcome the drawback of the actual threefish, a modified threefish is proposed.

The proposed work provides more security. It focus on both key schedule and encryption. For
key scheduling process it replaces with the hash function (SHA-256) which belongs to the SHA-
2 family. The reason why the process changed because it is secure and no such cryptanalytical
attacks found yet.