If You Don’t Want AES and ChaCha20 … There’s SM4

If You Don’t Want AES and ChaCha20 … There’s SM4

While AES has been proven to be secure, it hasn’t stopped Google from promoting ChaCha20. While AES is highly secure, in some applications it is perhaps too resource-intensive for some devices. ChaCha20 — a stream cipher — often has lesser processing requirements. So while AES and ChaCha20 are popular, in China, OSCCA (Organization of State Commercial Administration of China) has also authorized SM4 for public use [here]:

The method was invented by Shu-Wang in 2003 and focused on efficient Wi-Fi use. It was then published as SM4 in 2012 by OSCCA. Overall, SM4 uses a 128-bit key, a 128-bit cipher block, has 32 rounds, and uses an 8-bit S-box. Each round uses XOR, 32-bit circular shifts and S-Box operations:

In this case rki is the round key, and provides 32 bits of the encryption key each round. The S-box function takes an 8-bit value and then maps to an output 8-bit value:

In each round with the T box (see Figure 2), we use four of the S-boxes for each of the four eight-bit values.

The latest version of OpenSSL now implements SM4 [here]:

And we can implement with [here]:

Linux command: echo -n "Hello" | openssl enc -sm4 -pass pass:"qwerty" -e -base64 -S 241fa86763b85341
Windows command: echo | set /p =  "Hello" | openssl enc -sm4 -pass pass:"qwerty" -e -base64 -S 241fa86763b85341

Message: Hello
Mode: sm4
Password: qwerty
Salt: 241fa86763b85341
========
U2FsdGVkX18kH6hnY7hTQQK66zNdqWEz7Bty7UgyqNo=