diff --git a/crypto/key.go b/crypto/key.go
index fea3e31590797ebe141a92f0ca709c2c6f0750d5..6cd9dc0beb99a52ca33d5d55e7f897abf28963cf 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -182,7 +182,11 @@ type StretchedKeys struct {
 }
 
 // KeyStretcher returns a set of keys for each party by stretching the shared key.
-// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey)
+// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey).
+// This function accepts the following cipher types:
+// - AES-128
+// - AES-256
+// The function will panic upon receiving an unknown cipherType
 func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys) {
 	var cipherKeySize int
 	var ivSize int
@@ -193,10 +197,8 @@ func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedK
 	case "AES-256":
 		ivSize = 16
 		cipherKeySize = 32
-	case "Blowfish":
-		ivSize = 8
-		// Note: cypherKeySize arbitrarily selected, needs more thought
-		cipherKeySize = 32
+	default:
+		panic("Unrecognized cipher, programmer error?")
 	}
 
 	hmacKeySize := 20
diff --git a/crypto/key_test.go b/crypto/key_test.go
index dcb962f099a45c3b7eaf53577f6316341c9d956c..013427456f98df3c19f6d2f774236318287269e9 100644
--- a/crypto/key_test.go
+++ b/crypto/key_test.go
@@ -171,3 +171,23 @@ func TestUnknownCurveErrors(t *testing.T) {
 		t.Fatal("expected invalid key type to error")
 	}
 }
+
+func TestPanicOnUnknownCipherType(t *testing.T) {
+	passed := false
+	defer func() {
+		if !passed {
+			t.Fatal("expected known cipher and hash to succeed")
+		}
+		err := recover()
+		errStr, ok := err.(string)
+		if !ok {
+			t.Fatal("expected string in panic")
+		}
+		if errStr != "Unrecognized cipher, programmer error?" {
+			t.Fatal("expected \"Unrecognized cipher, programmer error?\"")
+		}
+	}()
+	KeyStretcher("AES-256", "SHA1", []byte("foo"))
+	passed = true
+	KeyStretcher("Fooba", "SHA1", []byte("foo"))
+}