All geek questions in one place

Is AES_256 stronger than blowfish

I am considering using mysql built-in aes_encrypt . I usually use blowfish, but mysql does not seem to support it natively. How to compare 2? Is one stronger than the other?

+4
source share
4 answers

AES has a higher design strength than Blowfish - in particular, it uses 128-bit blocks, unlike the blowfish bit-size. It is also much newer - it has the advantage of adding a few more years to come in cryptographic art.

You may be interested to know that Blowfish designers developed the improved Twofish algorithm, which was a participant (and finalist) in the AES contest.

+2
source

If you only look at security, then these two algorithms are more or less the same. There are some differences in implementation, so if you do not want to use an external function, just go to the assembly in the AES function. If you do this yourself, you can use a new encryption algorithm than Blowfish.

+1
source

You may be interested in the best public cryptanalysis for both algorithms:

For AES, there is an associated key attack in the 192-bit and 256-bit versions, discovered by Alex Biryukov and Dmitry Khovratovich , who uses AES key planning in operations 2^99.5 . This is faster than brute force, but still somewhat impracticable. This attack does not affect 128-bit AES.

For Blowfish, its four rounds are susceptible to a second-order differential attack (Rijmen, 1997). It can also be distinguished (for example, โ€œHey, this box uses Blowfishโ€) for a class of weak keys . However, there is currently no effective cryptanalysis in the full-blown version of Blowfish.

+1
source

This is pretty subjective, but I would say that AES is more widely used than Blowfish, and safety has been proven over the years. So why not?

0
source

Source: https://habr.com/ru/post/1315026/

More articles:


All Articles