Cryptography researchers have demonstrated successful collision attacks against the 3DES (Triple-DES) and Blowfish 64-bit block ciphers. A lot of consumer products and services still support them today.
3DES and Blowfish Ciphers Are Not Safe and Should Not Be Used
Cryptography researchers Karthikeyan Bhargavan and Gaetan Leurent from Inria, France, have created a report that showcases weaknesses in the 3DES and Blowfish ciphers. Their collision attack titled “Sweet32” utilizes cipher block chaining of the two ciphers, which are still used in popular VPN protocols such as TLS, SSH, and IPSec. The attack relies on a weakness that is exploited in the way these methods work.
OpenVPN uses a 64-bit Blowfish cipher in CBC mode by default. 3DES is used in about 1% of all HTTPS connections from Firefox browsers. And some legacy operating systems use 3DES and other legacy ciphers for remote operation. These are just a few examples of vulnerable protocols and software that utilize 3DES and Blowfish. The security researchers suggest all users stop 64-bit block ciphers to ensure maximum protection.
For more information check out their website that discusses the problem in more detail.