Home / Definitions / Twofish


Abby Braden
Last Updated May 24, 2021 8:02 am

In cryptography, Twofish is an encryption algorithm designed by Bruce Schneir. It is a symmetric key block cipher, meaning a single key is used for both encryption and decryption. Twofish has a block size of 128 bits and key sizes up to 256 bits.

Twofish is related to the earlier block cipher Blowfish, which is a 64-bit clock cipher that uses a key length varying between 32 and 448 bits also developed by Bruce Schneir. Twofish is also related to Advanced Encryption Standard (AES), a 128-bit block cipher that the United States government adopted as it’s specification for the encryption of electronic data by the U.S. National Institute of Standards and Technology In 2001. While Twofish was a finalist to become the industry standard for encryption, it was beaten out by AES because of Twofish’s slower speed.

Twofish features

Twofish has distinguishing features that set it apart from other cryptographic protocols including using a pre-computed, key-dependent S-box (substitution box), which is a basic component of any symmetric key algorithm that performs substitution. The S-box works to mask the relationship between the key and the ciphertext. Because of the precomputation, Twofish is vulnerable to side channel attacks.

The encryption algorithm employs a Maximum Distance Separable matrix, or a matrix that represents a function with certain diffusion properties that have useful applications in cryptography. Twofish has a Fiestel structure, which is a symmetric structure used in the construction of block ciphers. This same structure is also used in Data Encryption Standard (DES), an influential encryption standard that was popular in the 1970s.

Twofish has not been patented, and the reference implementation has been placed in the public domain, meaning that the algorithm is free for anyone to use without restrictions. Twofish has less widespread usage than Blowfish.