This standard is developed in accordance with the rules given in GB/T 1.1-2009.
This part was proposed by the State Cryptography Administration of the People’s Republic of China.
This part is under the jurisdiction of SAC/TC 260 National Technical Committee on Information Technology Security of Standardization Administration of China.
Drafting organizations of this part: Tsinghua University, State Commercial Cryptography Testing Center, Information Engineering University, DCS Center of Chinese Academy of Sciences.
Chief drafting staff of this part: Wang Xiaoyun, Li Zheng, Wang Yongchuan, Yu Hongbo, Xie Yongquan, Zhang Chao, Luo Peng, Lv Shuwang
Information security techniques - SM3 cryptographic hash algorithm
1 Scope
This standard specifies computing methods and steps of SM3 cryptographic hash algorithm and corresponding operation examples.
It is applicable to digital signature and verification, generation and verification of message authentication code and random number generation in commercial cypher application, which can meet the security requirements of various cryptography applications.
2 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
2.1
bit string
binary digit sequence composed of 0 and 1
2.2
big-endian
a representation format of data in memory, specifying the high significant bit at left and the low significant bit at right, i.e. high order byte of digit is placed at the low address of reservoir and low order byte of digit at the high address of reservoir
2.3
message
a bit string with any finite length, used as input data for the hash algorithm in this standard
2.4
hash value
output message digest (bit string) when hash algorithm works on a message
2.5
word
set (string) with length of 32-bit
3 Symbols
For the purposes of this document, the following symbol applies.
ABCDEFGH: registers of 8 words or concatenation of their values
B(i): the ith message grouping
CF: the compression function
FFj: the Boolean function, different equations are taken depending on j
GGj: the Boolean function, different equations are taken depending on j
IV: the initial value, used to determine the initial state of the compression function register
P0: the permutation function in compression function
P1: the permutation function in message extension
Tj: the constant, different values are taken depending on j
m: the message
m': the message after filling
mod: the modulo operation
n: the number of message grouping
∧: 32 bits and operation
∨: 32 bits or operation
⊕: 32 bits exclusive-or operation
¬: 32 bits non-operation
+: mod 232 addition arithmetic operation
<<
Foreword i
1 Scope
2 Terms and definitions
3 Symbols
4 Constant and functions
4.1 Initial value
4.2 Constant
4.3 Boolean function
4.4 Permutation function
5 Algorithm description
5.1 General
5.2 Filling
5.3 Iterative compression
5.4 Outputting hash value
Annex A (Informative) Operation examples