Blowfish

河豚是一種對稱密鑰分組密碼，由布魯斯·施耐爾（Bruce Schneier）於1993年設計。

Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard (AES) now receives more attention, and Schneier recommends Twofish for modern applications

bcrypt is also the name of a cross-platform file encryption utility developed in 2002 that implements Blowfish

Blowfish's use of a 64-bit block size (as opposed to e.g. AES's 128-bit block size) makes it vulnerable to birthday attacks, particularly in contexts like HTTPS. In 2016, the SWEET32 attack demonstrated how to leverage birthday attacks to perform plaintext recovery (i.e. decrypting ciphertext) against ciphers with 64-bit block size. The GnuPG project recommends that Blowfish not be used to encrypt files larger than 4 GB due to its small block size.

A reduced-round variant of Blowfish is known to be susceptible to known-plaintext attacks on reflectively weak keys. Blowfish implementations use 16 rounds of encryption and are not susceptible to this attack. Nevertheless, Bruce Schneier has recommended migrating to his Blowfish successor, Twofish.