# SM4 (cipher)

SM4
General
DesignersChinese Government
First published2006 (declassified; standardized March 21, 2012)[1]
Cipher detail
Key sizes128 bits
Block sizes128 bits
Structureunbalanced Feistel network
Rounds32
Best public cryptanalysis
Linear and differential attacks against 22 rounds

SM4 (formerly SMS4)[2] is a block cipher used in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure).

SM4 was a cipher proposed to for the IEEE 802.11i standard, but has so far been rejected by ISO. One of the reasons for the rejection has been opposition to the WAPI fast-track proposal by the IEEE.

The SM4 algorithm was invented by Lu Shuwang (Chinese: 吕述望). The algorithm was declassified in January, 2006, and it became a national standard (GB/T 32907-2016) in August 2016.[3]

## Cipher detail

A few details of the SM4 cipher are[4][5]:

• It has a block size of 128 bits.
• It uses an 8-bit S-box.
• The key size is 128 bits.
• The only operations used are 32-bit bitwise XOR, 32-bit circular shifts and S-box applications.
• Encryption or decryption of one block of data is composed of 32 rounds.
• Each round updates a quarter (i.e., 32 bits) of the internal state.
• A non-linear key schedule is used to produce the round keys.
• Decryption uses the same round keys as for encryption, except that they are in reversed order.

## Terms and definitions

### Word and byte

Define ${\displaystyle Z_{2}^{e}}$ as a vector set of e bits.

${\displaystyle Z_{2}^{32}}$ is a word.

${\displaystyle Z_{2}^{8}}$ is a byte.

### S-box

S-box is fixed for 8-bit input and 8-bit output, noted as Sbox().

### Keys and key parameters

The length of encryption keys is 128 bits, represented as ${\displaystyle MK=(MK_{0},\ MK_{1},\ MK_{2},\ MK_{3})}$, in which ${\displaystyle MK_{i}\ (i=0,\ 1,\ 2,\ 3)}$ is a word.

A round key is represented as ${\displaystyle (rk_{0},\ rk_{1},\ \ldots ,\ rk_{31})}$,where each ${\displaystyle rk_{i}(i=0,\ \ldots ,\ 31)}$ is a word. It is generated by the encryption key.

${\displaystyle FK=(FK_{0},\ FK_{1},\ FK_{2},\ FK_{3})}$ is a system parameter.

${\displaystyle CK=(CK_{0},\ CK_{1},\ \ldots ,\ CK_{31})}$ is a fixed parameter, used to generate ${\displaystyle rk_{i}}$.

${\displaystyle FK_{i}}$ and ${\displaystyle CK_{i}}$ are words, used for extension of the algorithm.

## Remark

On March 21, 2012, the Chinese government published the industrial standard "GM/T 0002-2012 SM4 Block Cipher Algorithm", officially renaming SMS4 to SM4.[2]

## References

1. ^ "SM4 Block Cipher Algorithm". CNNIC. 2013-12-04. Retrieved 2016-07-24.
2. ^ a b "Announcement No.23 of the State Cryptography Administration" (in Chinese). The Office of Security Commercial Code Administration (OSCCA). 2012-03-21. Archived from the original on 2016-08-14. Retrieved 2016-07-24.
3. ^ Lu Shuwang. Overview on SM4 Algorithm[J]. Journal of Information Security Research, 2016, 2(11): 995-1007.
4. ^ 无线局域网产品使用的SMS4密码算法 Archived 2007-07-10 at the Wayback Machine(in Chinese)
5. ^ SMS4 Encryption Algorithm for Wireless Networks