Design and Security Evaluation of BSP-128: A Hybrid Blowfish and Serpent Inspired 128-Bit Block Cipher

Authors

  • Ammar Abdul Ameer College of Computer Engineering, University of Technology-Iraq, Baghdad, Iraq.
  • Qusay F. Al-Doori College of Artificial Intelligence Engineering, University of Technology-Iraq, Baghdad, Iraq.
  • ِNoor A Yousif College of Artificial Intelligence Engineering, University of Technology-Iraq, Baghdad, Iraq.

DOI:

https://doi.org/10.29304/jqcsm.2026.18.22706

Keywords:

Cryptography Blowfish, Serpent, Block cipher, Feistel network.

Abstract

In this work, a new 128-bit block cipher (namely, Blowfish–Serpent Protocol 128-bit (BSP-128)) has been introduced that allows to improve the performance and implementation of an optimal compromise between security, performance, and implementation efficiency. The key size for the input and output for BSP-128 is also scalable at 128-bit blocks and keys with a length of up to 256 bytes, and the design conforms to the underlying scheme for AES. The BSP-128 algorithm uses a 16-round Feistel network similar to Blowfish and Serpent with multiple architectural improvements that aid the diffusion, so this cipher is much more robust against modern cryptanalysis techniques. The primary goal of BSP-128's design is to be resistant to both differential and linear cryptanalysis. Finally, the round structure was made even more powerful to better handle identified potential security vulnerabilities and targeted attack scenarios discovered in a subsequent internal analysis. By mixing substitution and permutation in the structure of the F–function, BSP-128 transforms from standard SP to a Substitution–Permutation–Substitution (SPS) type of model which boosts the avalanche effect. And we use in-place integer multiplication as a diffusion intermediate for additional mixing details to each round and to maintain the stable quality of the speed as well as security. While Blowfish's fixed-factor algorithm runs on 64-bit blocks and takes up a lot of memory for large lookup tables, BSP-128 automatically supports 128-bit blocks to avoid matching ciphertext attacks and achieve low memory consumption. This attribute of it adds a large value to its ability to work in limited hardware settings such as smart cards. The key expansion mechanism yields 786 bytes of subkeys, which are made from a P-array having 32 subkeys of 64 bits each, and 32 S-boxes with 64 fields per box. It ensures a strong key-dependent transformation and protects against brute-force attacks, thanks to this long key length. While the performance of BSP-128 is highly promising with regard to core security metrics, experimental findings show that BSP-128 surpasses expectations through computational efficiency. The final design will be submitted for public survey and comparison in academia, resulting in a secure and high throughput candidate tailored for contemporary cryptographic uses.

Downloads

Download data is not yet available.

References

Patel, R., Kamboj, P. (2016). Security Enhancement of Blowfish Block Cipher. In: Unal, A., Nayak, M., Mishra, D.K., Singh, D., Joshi, A. (eds) Smart Trends in Information Technology and Computer Communications. SmartCom 2016. Communications in Computer and Information Science, vol 628. Springer, Singapore. https://doi.org/10.1007/978-981-10-3433-6_28

S. B. Nalawade and D. H. Gawali, "Design and implementation of blowfish algorithm using reconfigurable platform," 2017 International Conference on Recent Innovations in Signal processing and Embedded Systems (RISE), Bhopal, India, 2017, pp. 479-484, https://doi.org/10.1109/RISE.2017.8378204

H. Setiawan and K. Rey Citra, "Design of Secure Electronic Disposition Applications by Applying Blowfish, SHA-512, and RSA Digital Signature Algorithms to Government Institution," 2018 International Seminar on Research of Information Technology and Intelligent Systems (ISRITI), Yogyakarta, Indonesia, 2018, pp. 168-173, https://doi.org/10.1109/ISRITI.2018.8864280

M. A. Muin, M. A. Muin, A. Setyanto, Sudarmawan and K. I. Santoso, "Performance Comparison Between AES256-Blowfish and Blowfish-AES256 Combinations," 2018 5th International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), Semarang, 2018, pp. 137-141, https://doi.org/10.1109/ICITACEE.2018.8576929.

S. Vyakaranal and S. Kengond, "Performance Analysis of Symmetric Key Cryptographic Algorithms," 2018 International Conference on Communication and Signal Processing (ICCSP), Chennai, 2018, pp. 0411-0415, https://doi.org/10.1109/ICCSP.2018.8524373

S. Varshney, T. Sudarshan and S. Khare, "Efficient Hardware Architecture for Amalgam of Blowfish and Rc6," 2017 International Conference on Current Trends in Computer, Electrical, Electronics and Communication (CTCEEC), Mysore, 2017, pp. 1126-1130, https://doi.org/10.1109/CTCEEC.2017.8455189

I. A. Landge and B. K. Mishra, "VHDL based BLOWFISH implementation for secured Embedded System design," 2017 Third International Conference on Advances in Electrical, Electronics, Information, Communication and Bio-Informatics (AEEICB), Chennai, 2017, pp. 497-501, https://doi.org/10.1109/AEEICB.2017.7972363

Tariq.S.; Tanveer.u. and Ghazanfar. F.(2018). Serpent Algorithm: An improvement by 4 ×4 Sbox from finite Chain ring. International Conference on Applied and Engineering Mathematics (ICAEM), 2018(3):32-37. https://doi.org/10.25130/tjps.v25i6.320

Osvik DA. 2000. Speeding up serpent. In: AES candidate conference. 317–329.

Ahmed I, Ali G, Hassin S. 2017. New approach for serpent block cipher algorithm based on multi techniques. Iraqi Journal of Information Technology 7(3):1–13

G. Farooq, “Serpent algorithm: An improvement by 4 × 4 S-box from finite chain ring,” in Proc. 2018 Int. Conf. Applied and Engineering Mathematics (ICAEM), Pakistan, Nov. 2018, doi: 10.1109/ICAEM.2018.8536293.

Yousif I. A. 2019. Proposed A permutation and substitution methods of serpent block cipher. Ibn AL- Haitham Journal For Pure and Applied Sciences 32(2):131 https://doi.org/10.30526/32.2.2120

Ali Y.H, Ressan HA. 2016. Image encryption using block cipher based serpent algorithm. Engineering and Technology Journal 34(2):278–28

14. Khan M, Shah T, Mahmood H, Gondal MA, Hussain I. 2012. A novel technique for the construction of strong S-boxes based on Chaotic Lorenz Systems. Nonlinear Dynamics 70(3):2303–2311 DOI 10.1007/s11071-012-0621

15. Elkamchouchi HM, Takieldeen AE, Shawky MA. 2018. A modified Serpent based algorithm for image encryption. In: 2018 35th National Radio Science Conference (NRSC). Piscataway: IEEE, 239–248 https://doi.org/10.1109/NRSC.2018.8354369

K. Hazra, A. Mahato, A. Mandal and A. K. Chakraborty, "A hybrid cryptosystem of image and text files using blowfish and Diffie-Hellman techniques," 2017 8th Annual Industrial Automation and Electromechanical Engineering Conference (IEMECON), Bangkok, 2017, pp. 137 141, https://doi.org/10.1109/IEMECON.2017.8079577

Zagi, H.R., & Maolood, A.T. (2020). A NOVEL SERPENT ALGORITHM IMPROVEMENT BY THE KEY SCHEDULE INCREASE SECURITY. Tikrit Journal of Pure Science. https://doi.org/10.25130/tjps.v25i6.320

Elshoush HT, Al-Tayeb BM, Obeid KT. 2021. Enhanced Serpent algorithm using Lorenz 96 Chaos-based block key generation and parallel computing for RGB image encryption. PeerJ Computer Science 7:e812 https://doi.org/10.7717/peerj-cs.812

Adeniyi, A.E.; Misra, S.; Daniel, E.; Bokolo, A., Jr. Computational Complexity of Modified Blowfish Cryptographic Algorithm on Video Data. Algorithms 2022, 15, 373. https://doi.org/10.3390/a15100373

A. T. Hashim, A. H. Jassem, and S. A. Ali, “A novel design of Blowfish algorithm for image security,” Journal of Physics: Conference Series, vol. 1818, no. 1, Art. no. 012085, 2021, doi: 10.1088/1742-6596/1818/1/012085.

W. W. Souror, M. Fouad, and A. Takieldeen, “Hybrid-Blowfish security strengths using side channel countermeasures,” in Proc. 2023 Int. Telecommun. Conf. (ITC-Egypt), Alexandria, Egypt, Jul. 18–20, 2023,. https://doi.org/10.1109/ITC-Egypt58155.2023.10206358’G. Singh and M. Kapoor, “Blowfish cryptography based security technique,” International Journal of Research and Innovation in Multidisciplinary, vol. 2, no. 1, Jan. 2025.

Shakir M. “A new feedback symmetric block cipher method”, Ph.D, Thesis University of Technology, Baghdad, 1997.

Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, A., Dray, J., & Vo, S. (2010). A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications (NIST Special Publication 800-22 Revision 1a). National Institute of Standards and Technology. https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-22r1a.pdf

Downloads

Published

2026-06-28

How to Cite

Abdul Ameer, A., F. Al-Doori, Q., & A Yousif ِ. (2026). Design and Security Evaluation of BSP-128: A Hybrid Blowfish and Serpent Inspired 128-Bit Block Cipher. Journal of Al-Qadisiyah for Computer Science and Mathematics, 18(2), Comp 350–366. https://doi.org/10.29304/jqcsm.2026.18.22706

Issue

Vol. 18 No. 2 (2026): JQCM

Section

Computer Articles

License

Copyright (c) 2026 Ammar Abdul Ameer, Qusay F. Al-Doori, ِNoor A Yousif

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.