Some New Observations on the SMS4 Block Cipher in the Chinese WAPI Standard

  • Wentao Zhang
  • Wenling Wu
  • Dengguo Feng
  • Bozhan Su
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5451)


SMS4 is a 128-bit block cipher used in the WAPI standard in wireless networks in China. The cipher has attracted much attention in the past two years. This paper consists of two parts. The first part is on the design of the linear diffusion layer L of SMS4. Some new observations on L are present, which open out the design rationales of L and such class functions to a great extent. The second part is on the differential attack against SMS4. A class of 18-round differential characteristics with a higher probability is given. Then a simple differential attack on 22-round SMS4 is present, which is an improvement of the previous work, thus our attack becomes the best known one on SMS4. Furthermore, we make a remark on the construction of differential characteristics of SMS4.


WAPI Block Cipher SMS4 Diffusion Transformation Differential Cryptanalysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Specification of SMS4, Block Cipher for WLAN Products – SMS4 (in Chinese),
  2. 2.
    Daemen, J.: Cipher and Hash Function Design Strategies Based on Linear and Differential Cryptanalysis, Doctoral Dissertation, K.U.Leuven (March 1995)Google Scholar
  3. 3.
    Diffie, W., Ledin, G. (translators): SMS4 Encryption Algorithm for Wireless Networks Cryptology ePrint Archive, report 2008/329, received (July 29, 2008),
  4. 4.
    Dunkelman, O., Toz, D.: Analysis of the Attacking Reduced-Round Versions of the SMS4. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 141–156. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Etrog, J., Robshaw, M.J.B.: The Cryptanalysis of Reduced-Round SMS4. In: Proceedings of SAC 2008 (2008)Google Scholar
  6. 6.
    Gilbert, H., Handschuh, H.: Security Analysis of SHA-256 and Sisters. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 175–193. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Ji, W., Hu, L.: New description of SMS4 by an embedding overGF(28). In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 238–251. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Kanda, M.: Practical security evaluation against differential and linear attacks for Feistel ciphers with SPN round function. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 168–179. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Kim, T., Kim, J., Hong, S., Sun, J.: Linear and Diffrential Cryptanalysis of Reduced SMS4 Block Cipher, Cryptology ePrint Archive, report 2008/281,
  10. 10.
    Liu, F., Ji, W., Hu, L., Ding, J., Lv, S., Pyshkin, A., Weinmann, R.-P.: Analysis of the SMS4 block cipher. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 158–170. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Lu, J.: Attacking reduced-round versions of the SMS4 block cipher in the chinese WAPI standard. In: Qing, S., Imai, H., Wang, G. (eds.) ICICS 2007. LNCS, vol. 4861, pp. 306–318. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Wang, J.B.: The Optimal Permutation in Cryptography Based on Cyclic - Shift Linear Transform. In: ChinaCrypt 2007, pp. 306–307 (2007) (in Chinese)Google Scholar
  13. 13.
    Phan, R.C.W., Siddiqi, M.U.: Generalized Impossible Differentials of Advanced Encryption Standard. Electronics Letters 37(14), 896–898 (2001)CrossRefGoogle Scholar
  14. 14.
    Zhang, L., Zhang, W.T., Wu, W.L.: Cryptanalysis of reduced-round SMS4 block cipher. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 216–229. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Zhang, L., Wu, W.L.: Differential fault attack on SMS4. Chinese Journal of Computers 29(9) (2006) (in Chinese)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Wentao Zhang
    • 1
  • Wenling Wu
    • 1
  • Dengguo Feng
    • 1
  • Bozhan Su
    • 1
  1. 1.State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingP. R. China

Personalised recommendations