This page uses content from Wikipedia and is licensed under CC BY-SA.

# SM4 (cipher)

SM4
General
DesignersChinese Government
First published2006 (declassified; standardized March 21, 2012)
Cipher detail
Key sizes128 bits
Block sizes128 bits
Structureunbalanced Feistel network
Rounds32
Best public cryptanalysis
linear and differential attacks against 22 rounds

SM4 (formerly SMS4)[1] is a block cipher used in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure).

SMS4 was a proposed cipher to be used in IEEE 802.11i standard, but has so far been rejected by ISO. One of the reasons for the rejection has been opposition to the WAPI fast-track proposal by the IEEE.

The SMS4 algorithm was invented by Lu Shu-wang (吕述望). The algorithm was declassified in January, 2006. A few details of the SMS4 cipher are:

• It has a block size of 128 bits
• It uses an 8-bit S-box
• The key size is 128 bits
• The only operations used are XOR, 32-bit circular shifts and S-Box applications
• Encryption or decryption of one block of data is composed of 32 rounds
• Each round updates a quarter of the internal state (i.e., 32 bits)
• A non-linear key schedule is used to produce the round keys
• Decryption uses the same round keys as for encryption, except that they are in reversed order

## Terms and definitions

### Word and byte

Define ${\displaystyle Z_{2}^{e}}$ as a vector set of e bits.

${\displaystyle Z_{2}^{32}}$ is a word.

${\displaystyle Z_{2}^{8}}$ is a byte.

### S-box

S-box is fixed for 8-bit input and 8-bit output, noted as Sbox().

### Keys and key parameters

The length of encryption keys is 128 bits, represented as ${\displaystyle MK=(MK_{0},\ MK_{1},\ MK_{2},\ MK_{3})}$, in which ${\displaystyle MK_{i}\ (i=0,\ 1,\ 2,\ 3)}$ is a word.

A round key is represented as ${\displaystyle (rk_{0},\ rk_{1},\ \ldots ,\ rk_{31})}$,where each ${\displaystyle rk_{i}(i=0,\ \ldots ,\ 31)}$ is a word. It is generated by the encryption key.

${\displaystyle FK=(FK_{0},\ FK_{1},\ FK_{2},\ FK_{3})}$ is a system parameter.

${\displaystyle CK=(CK_{0},\ CK_{1},\ \ldots ,\ CK_{31})}$ is a fixed parameter, used to generate ${\displaystyle rk_{i}}$.

${\displaystyle FK_{i}}$ and ${\displaystyle CK_{i}}$ are words, used for extension of the algorithm.

## Remark

On Mar 21, 2012, the Chinese government published the industrial standard <GM/T 0002-2012 SM4 Block Cipher Algorithm Standard>, officially renaming SMS4 to SM4.

## References

1. ^ "国家密码管理局公告（第23号）" (in Chinese). The Office of Security Commercial Code Administration (OSCCA). 2012-03-21. Archived from the original on 2016-08-14. Retrieved 2016-07-24.