Cryptographic
SM3
A 256-bit cryptographic hash function published by China’s State Cryptography Administration (SCA), standardized as GM/T 0004-2012 and ISO/IEC 10118-3. SM3 sits structurally between SHA-256 and the Merkle-Damgård family it descends from; mandatory in many Chinese commercial crypto deployments.
At a glance
| Output | 256 bits (32 bytes, 64 hex chars) |
|---|---|
| Block size | 512 bits |
| Construction | Merkle-Damgård, Davies-Meyer-like compression |
| Rounds | 64 |
| Standard | GM/T 0004-2012; ISO/IEC 10118-3:2018 |
| Collision security | 2128 generic |
| Preimage security | 2256 |
| Length extension | Yes |
| Status | No practical break known; mandated in Chinese commercial systems |
Where it is used
- Chinese commercial cryptography , with SM2 (signatures / KEX) and SM4 (block cipher) as the official suite.
- TLS 1.3 cipher suite with SM2 / SM3 / SM4 (RFC 8998).
- Trusted Cryptography Modules (TCM) , the Chinese TPM equivalent.
- Domestic blockchain projects , e.g., Hyperledger Fabric with SM-suite configuration.
Internal structure
SM3 looks like a tightened SHA-256: 64 rounds operating on eight 32-bit words, with a message schedule that mixes 16 input words into 68 expanded words. The round function uses two boolean expressions (alternating across the round count) and two custom rotation patterns. The result is conservatively over-mixed compared to SHA-256, which is why no practical attack better than a few reduced-round results exists.
Security status
The best published cryptanalysis is on heavily reduced-round variants (up to about 35 of 64 rounds for collisions, 30 of 64 for preimages). Full SM3 has no known break and is widely deployed in Chinese systems under serious scrutiny.
Try it
SM3 is in the comparator catalog; the algorithm catalog links it from the cryptographic family list.
References
- IETF draft: SM3 cryptographic hash algorithm (Shen et al.)
- RFC 8998 , ShangMi (SM) cipher suites for TLS 1.3
- ISO/IEC 10118-3:2018 (SM3 included)
Visualize
SM3 on your input
11 bytes · 0-bit digest
Hex digest
Bit grid (0 bits, teal = 1, slate = 0)
Byte pixel art (0 bytes, hue = byte value mod 360°)
Avalanche , flipping the lowest bit of the first input byte changed 0 of 0 output bits
Quick quiz
Test yourself on sm3
10 multiple-choice questions. Pick an answer for each, then submit to see explanations.
Q1.What is the output size of SM3?
Q2.Who published SM3?
Q3.What construction does SM3 use?
Q4.Which TLS RFC defines an SM2/SM3/SM4 ciphersuite?
Q5.Which Chinese commercial-cryptography suite uses SM3 as its hash?
Q6.Is full SM3 practically broken?
Q7.What's SM3's block size?
Q8.Why was SM3 created when SHA-256 already existed?
Q9.Is SM3 used in Chinese Trusted Cryptography Modules (TCM)?
Q10.How many rounds does SM3 use?