Twofish vs AES Encryption
We live in an age where almost everything we do is online. We buy stuff, do bank transactions, and chat with our friends through the web. All these activities involve a lot of data transfer from one point to another. Some of this data is public, but most of it is confidential and needs protection, so it doesn’t get into the hands of hackers. One way to achieve this is through encryption. Let’s have a look at how Twofish and AES compare.
History Of Encryption Algorithms
Encryption has been in use long before the internet, restricting access to sensitive and confidential information. In 1977, the United States government established an encryption standard called the Data Encryption Standard (DES). This encryption standard was secure enough. But as hardware became more powerful, that standard became vulnerable and insecure.
This problem led to the introduction of Triple-DES, or 3DES. 3DES made use of the Data Encryption Standard encryption but with some differences. It encrypts the data with one key, decrypts with another, then encrypts the data again with another key. While 3DES was still being used around the world, there were already plans by the National Institute of Standards and Technology to deprecate it due to the discovery of vulnerabilities in its approach.
About two decades after the introduction of 3DES, the NIST began a search for a better encryption algorithm. It organized a competition and received several entries. Over the next couple of years, they evaluated the candidates. In 2001, they chose the encryption algorithm called Rijndael, now referred to as AES (Advanced Encryption Standard), to be the standard.
Among the finalists for the competition was an encryption algorithm called Twofish, which was also good. In this article, you’ll get a thorough comparison of these two encryption algorithms. But before going ahead with the comparison, it’s vital to understand how they work.
Twofish Encryption Algorithm
Twofish is a symmetric key block cipher. It has a block size of 128 bits with key sizes of up to 256 bits, though the NIST enforces the use of only 128, 192, and 256-bit keys for encryption. Twofish shares some similarities with some other encryption algorithms. It makes use of a Feistel network, which DES and 3DES also apply.
Twofish has certain key properties of the Blowfish algorithm, one of which sets the Twofish algorithm apart from other encryption algorithms. This is the use of pre-computed key-dependent S-boxes. The Twofish algorithm is quite interesting, as you will see.
Before the actual encryption takes place, data goes through a process called pre-whitening, where a 128-bit block of the data is divided into four parts and then XORed with sub-keys generated by a key schedule in the algorithm. The result of the XOR which is also a 128-bit block is passed to the encryption algorithm and split into four parts. The first two 32-bit words are then sent to an f function.
The f function contains two g functions each of which contains four key-dependent S-boxes. The f and g functions are black boxes used by the algorithm to scramble the two 32-bit words fed into it. Each 32-bit word splits into four bytes and goes into the S-boxes which accept and output 8 bits. The result of each g function is then combined with an MDS (Maximum Distance Separable) matrix to give a 32-bit word. The two 32-bit words are then passed through a Pseudo-Hadamard Transform (PHT). The results of the PHT are each added to two sub-keys each of which outputs 32-bit words. This marks the end of the f function.
The 32-bit words are then XORed with the remaining 32-bit words from the pre-whitening. The Twofish algorithm joins the result of the XOR operation with the initial set of 32-bit words passed into the f function. This makes up the result of the first round. The Twofish algorithm repeats this process sixteen times, after which the result goes through post-whitening, a similar operation to pre-whitening. The result of the post-whitening is the ciphertext.
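The data flow described above (whitening, an f function built from two g functions and a PHT, sixteen Feistel rounds) can be traced in a short structural sketch. This is an added example, not Twofish itself and not code from the original article: the key schedule and `g` are hypothetical stand-ins, and Twofish's rotations, S-boxes and MDS matrix are omitted. It shows why a Feistel design decrypts correctly even though `g` cannot be inverted.

```python
import hashlib
import struct

M = 0xFFFFFFFF  # 32-bit mask

def subkeys(key):
    """Stand-in key schedule (NOT Twofish's): 40 32-bit words via SHAKE-256.
    Words 0-3 pre-whiten, 4-7 post-whiten, 8-39 are two per round."""
    return struct.unpack("<40I", hashlib.shake_256(key).digest(160))

def g(x):
    """Stand-in for Twofish's g (key-dependent S-boxes + MDS); not invertible."""
    return (x * x + 0x9E3779B9) & M

def f(r0, r1, k_a, k_b):
    t0, t1 = g(r0), g(r1)
    # Pseudo-Hadamard Transform, then add one subkey to each output (mod 2^32)
    return (t0 + t1 + k_a) & M, (t0 + 2 * t1 + k_b) & M

def crypt(key, block, decrypt=False):
    """Encrypt or decrypt one 16-byte block with the toy Feistel network."""
    k = subkeys(key)
    w_in, w_out = (k[4:8], k[0:4]) if decrypt else (k[0:4], k[4:8])
    r = [x ^ w for x, w in zip(struct.unpack("<4I", block), w_in)]  # whitening
    for i in (range(15, -1, -1) if decrypt else range(16)):
        f0, f1 = f(r[0], r[1], k[8 + 2 * i], k[9 + 2 * i])
        r = [r[2] ^ f0, r[3] ^ f1, r[0], r[1]]  # XOR into other half, swap
    r = [r[2], r[3], r[0], r[1]]                # undo the final swap
    return struct.pack("<4I", *(x ^ w for x, w in zip(r, w_out)))

def roundtrip(key, block):
    return crypt(key, crypt(key, block), decrypt=True)
```

Decryption runs the same rounds with the subkeys in reverse order; `g` is only ever evaluated forwards.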
AES Encryption Algorithm
The AES encryption algorithm, formerly known as Rijndael, is a symmetric key block cipher. Unlike Twofish, the AES algorithm uses a substitution-permutation network for encryption instead of a Feistel network. It was chosen among several other encryption algorithms as the new standard by the NIST and has been in use since 2001.
The AES algorithm is classified into three classes based on the key length used. The classes are:
- 128 bits
- 192 bits
- 256 bits
Just like Twofish, the AES algorithm uses a 128-bit block size for encryption. The AES algorithm is much simpler in design than the Twofish algorithm, as you will see.
To begin the encryption process, the 128-bit block is separated into a four-by-four matrix of 16 bytes. At the next stage, which is the expansion stage, the Rijndael key schedule generates a new key based on the initial key given. This new key is called a round key. AES then converts the initial key to a four-by-four matrix before combining it with the four-by-four matrix of 16 bytes.
The next stage, where the key is combined with the data, makes use of the round key. To achieve this combination, the key and the block of data to be encrypted are XORed together.
After that, the result of the combination undergoes substitution using a pre-computed table. When this stage completes, the algorithm moves to the “shift row” stage. Here, the second row in the resultant matrix from the substitution stage shifts to the left once, the third row to the left twice, and the last row to the left thrice.
The next stage is the “mix column” stage. In this stage, the algorithm applies a mathematical equation to each column in the matrix to further scramble the data. In the end, it adds the round key to the block of data. The result is used to begin a new round. But this time, it doesn’t add the initial key. It begins the round at the substitution stage instead. This is done from the second round through the penultimate round. The last round excludes the “mix column” stage as it only consumes processing power without changing the columns.
The result is ciphertext. The number of rounds used for encryption depends on the key length. Here’s a mapping of the key length to the number of rounds:
- 128 bits uses 10 rounds
- 192 bits uses 12 rounds
- 256 bits uses 14 rounds
Let us now examine the performance and security of the two algorithms.
Twofish vs AES Performance
You can probably guess which algorithm is the faster one here. The Twofish algorithm by design is complex and makes use of 16 rounds no matter the key length being used. All these add up to it being slow and inefficient in most cases.
According to an analysis by IEEE, the AES algorithm is faster for text and image encryption. But with a sufficient increase in RAM, the Twofish algorithm was faster for text encryption, and on the same level as AES for image encryption. This points to Twofish’s inefficiency. It also helps that most recent processors come with AES instruction sets that increase the performance of the algorithm.
Twofish vs AES Security
Although both the AES and the Twofish algorithms are considered computationally secure, several cryptanalysis studies have revealed attacks on reduced variants of them, particularly the AES algorithm.
Most of the attacks discovered on the AES algorithm have time complexities too large to be considered computationally possible. Hence, they are only theoretical attacks. A semi-practical attack was carried out on a 10-round variant of 256-bit AES, though it required mathematically related encryption keys, something that is very uncommon in reality, where all the encryption keys are generated randomly and so have no relation between them. While this might seem like a problem, a full 256-bit AES algorithm makes use of 14 rounds, not 10. As long as one is using the full algorithm, an attack is impossible.
Strangely enough, the part of the 256-bit algorithm (a weak key schedule) that makes the attack possible isn’t present in the 128-bit algorithm. So for optimal security, you might use the 128-bit algorithm instead.
As for the Twofish algorithm, there are no practical attacks possible on it, even for reduced variants. The only attacks are theoretical, but computationally impossible because of their large time complexity. The positive side to this is that the attacks weren’t on the full algorithm but on reduced variants of it.
Twofish vs AES Conclusion
For most applications, the AES algorithm is probably the best option as it is fast and secure enough. But if you have a highly confidential piece of information you want to secure and performance isn’t a problem, go for the Twofish algorithm.
What are your thoughts on Twofish vs AES encryption? Let me know down below!