|
LingoFish is a highly optimised OOP implementation of the Blowfish cipher, which was designed by Bruce Schneier of Counterpane Labs. It is available with full Lingo source code, free of charge.
About Blowfish
Blowfish is a symmetric block cipher that uses a variable length key between 32 bits and 448 bits. This can yield extremely strong encryption if used correctly. Blowfish is unpatented and license-free, and is available free for all uses.
Advice on usage
To be useful, there must be a key that is known to the sender and receiver of encrypted data, but cannot be discovered by an attacker. When using a symmetric cipher such as Blowfish in your applications, securing the key is often the most difficult, and most overlooked task. Strong encryption is no good unless the key remains private.
I do not intend to present exhaustive suggestions on the safe implementation of strong encryption. However, I must point out that a strong cipher such as Blowfish is only part of the process.
For most applications, there is no need to consider attacks not related to discovering the key. However, if you require truly strong encrpyption for highly sensitive data, I recommend asking for more information in a newsgroup such as sci.crypt.
A warning about strong encryption
The LingoFish implementation does not place any restriction on key lengths, so if you plan to create a product based on this code that allows users to encrpyt data with Blowfish, you should check that your product does not infringe any legal restrictions that might apply to cryptography in your country, or any country you might export to.
Generally anything greater than 128-bit key-length might create legal problems for you, although this generally does not apply to "internal" keys that are not accessible to the user, such as those used for software copy protection. Anything that allows the user to store messages with strong encryption might be considered weapons technology: this certainly applies in both the US and UK, depending on the encryption strength.
As always: if in doubt, ask a lawyer. Don't take my word for it.
| 
