This page uses content from Wikipedia and is licensed under CC BY-SA.

SM4 (cipher)

DesignersChinese Government
First published2006 (declassified; standardized March 21, 2012)[1]
Cipher detail
Key sizes128 bits
Block sizes128 bits
Structureunbalanced Feistel network
Best public cryptanalysis
Linear and differential attacks against 22 rounds

SM4 (formerly SMS4)[2] is a block cipher used in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure).

SM4 was a cipher proposed to for the IEEE 802.11i standard, but has so far been rejected by ISO. One of the reasons for the rejection has been opposition to the WAPI fast-track proposal by the IEEE.

The SM4 algorithm was invented by Lu Shuwang (Chinese: 吕述望). The algorithm was declassified in January, 2006, and it became a national standard (GB/T 32907-2016) in August 2016.[3]

Cipher detail

A few details of the SM4 cipher are[4][5]:

  • It has a block size of 128 bits.
  • It uses an 8-bit S-box.
  • The key size is 128 bits.
  • The only operations used are 32-bit bitwise XOR, 32-bit circular shifts and S-box applications.
  • Encryption or decryption of one block of data is composed of 32 rounds.
  • Each round updates a quarter (i.e., 32 bits) of the internal state.
  • A non-linear key schedule is used to produce the round keys.
  • Decryption uses the same round keys as for encryption, except that they are in reversed order.

Terms and definitions

Word and byte

Define as a vector set of e bits.

is a word.

is a byte.


S-box is fixed for 8-bit input and 8-bit output, noted as Sbox().

Keys and key parameters

The length of encryption keys is 128 bits, represented as , in which is a word.

A round key is represented as ,where each is a word. It is generated by the encryption key.

is a system parameter.

is a fixed parameter, used to generate .

and are words, used for extension of the algorithm.


On March 21, 2012, the Chinese government published the industrial standard "GM/T 0002-2012 SM4 Block Cipher Algorithm", officially renaming SMS4 to SM4.[2]


  1. ^ "SM4 Block Cipher Algorithm". CNNIC. 2013-12-04. Retrieved 2016-07-24.
  2. ^ a b "Announcement No.23 of the State Cryptography Administration" (in Chinese). The Office of Security Commercial Code Administration (OSCCA). 2012-03-21. Archived from the original on 2016-08-14. Retrieved 2016-07-24.
  3. ^ Lu Shuwang. Overview on SM4 Algorithm[J]. Journal of Information Security Research, 2016, 2(11): 995-1007.
  4. ^ 无线局域网产品使用的SMS4密码算法 Archived 2007-07-10 at the Wayback Machine(in Chinese)
  5. ^ SMS4 Encryption Algorithm for Wireless Networks

External links