Jerry Whiting writes:

...

One reason we chose to use Blowfish as the basis for carrick is that it _is_ a new algorithm. One has to assume that the NSA et al. has tools optimized to crack DES and possibly IDEA/RSA. At least let's give them something else to sweat over.

Perry writes: They won't sweat over it long. Blowfish was broken.

My understanding is that Blowfish using only 3 rounds, not the full 16, has been broken. And yes, duplicate entries in an S-box are weak keys. carrick uses the full 16 rounds and we check for weak keys. I'll sleep at night. Jerry Whiting