信息安全研究 ›› 2016, Vol. 2 ›› Issue (11): 983-994.

• 密码算法专题 • 上一篇    下一篇

SM3密码杂凑算法

王小云   

  1. 清华大学
  • 收稿日期:2016-11-29 出版日期:2016-11-15 发布日期:2016-11-29
  • 通讯作者: 王小云

SM3 Cryptographic Hash Algorithm

  • Received:2016-11-29 Online:2016-11-15 Published:2016-11-29

摘要: 密码杂凑算法是3类基础密码算法之一,它可以将任意长度的消息压缩成固定长度的摘要,主要用于数字签名和数据完整性保护等.SM3密码杂凑算法的消息分组长度为512b,输出摘要长度为256b.该算法于2012年发布为密码行业标准(GMT 0004—2012),2016年发布为国家密码杂凑算法标准(GBT 32905—2016).总结了SM3密码杂凑算法的设计原理、算法特点、软硬件实现和安全性分析,同时将SM3密码杂凑算法和国际通用杂凑算法在实现效率和安全性方面进行比较.

关键词: SM3算法, 密码杂凑算法, 碰撞攻击, 原像攻击, 区分攻击

Abstract: The cryptographic hash functions play an important role in modern cryptography. They are used to compress messages of arbitrary length to fixed length hash values. The most common cryptographic applications of hash functions are with digital signature and for data integrity. SM3 cryptographic hash algorithm is issued as the industry standard in 2012. In 2016, it was published as national standard. It takes a 512bit message as input and outputs a 256bit hash value. This paper summarizes the design, properties, software and hardware implementations and cryptanalysis of SM3 cryptographic hash algorithm. Furthermore, we compare SM3 with other hash standards.

Key words: SM3 algorithm, cryptographic hash function, collision attack, preimage attack, distinguishing attack