The SM4 cipher has a key size and a block size of 128 bits each. Encryption or decryption of one block of data is composed of 32 rounds. A non-linear
key schedule is used to produce the round keys and the decryption uses the same round keys as for encryption, except that they are in reversed order.
Keys and key parameters The length of encryption keys is 128 bits, represented as MK=(MK_0,\ MK_1,\ MK_2,\ MK_3), in which MK_i\ (i=0,\ 1,\ 2,\ 3) is a 32-bit word. The round keys are represented by (rk_0,\ rk_1,\ \ldots,\ rk_{31}), where each rk_i(i=0,\ \ldots,\ 31) is a 32-bit word. It is generated by the encryption key and the following parameters: • FK=(FK_0,\ FK_1,\ FK_2,\ FK_3) • CK=(CK_0,\ CK_1,\ \ldots,\ CK_{31}) FK_i and CK_i are 32-bit words used to generate the round keys.
Round Each round are computed from the four previous round outputs X_i, X_{i+1}, X_{i+2}, X_{i+3} such that: X_{i+4} = X_i \oplus F(X_{i+1} \oplus X_{i+2} \oplus X_{i+3} \oplus rk_i) Where F is a substitution function composed of a non-linear transform, the S-box and linear transform L
S-box SM4's S-box is fixed for 8-bit input and 8-bit output, noted as Sbox(). As with
Advanced Encryption Standard (AES), the S-box is based on the
multiplicative inverse over . The affine transforms and polynomial bases are different from that of AES, but due to
affine isomorphism it can be calculated efficiently given an
AES S-Box. ==History==