So What Is SM2?

Prof Bill Buchanan OBE FRSE
2 min readDec 4, 2023

And, so, NIST has defined AES as the standard for symmetric key encryption. But, NIST was pinpointed as possibly pushing a cipher with an NSA backdoor. For companies in China, the ShāngMì (SM) series of ciphers provide one alternative for TLS 1.3 integration and Wireless authentication. With this SM2 defines public key encryption, SM3 defines a hashing function, and SM4 for encryption. Overall, SM4 was developed by Lü Shuwang in 2007 and became a national standard (GB/T 32907–2016) in 2016 [RFC 8998].

In normal elliptic curve signing, we use secp256k1 (as used in Bitcoin and Ethereum) and NIST P-256. So what’s the equivalent for Chinese ciphers? Well, SM2 is a public key method that is defined by the Chinese Commercial Cryptography Administration Office.

ECC

With elliptic curve cryptography, we start with a definition for the curve, such as:

y²=x³+ax+b (mod p)

This defines values for a, b and p. Next, we select a base point on the curve (G and generates a random scalar value (D). This is the private key, and where the public key is generated from a point multiplication of

Q=D.G

This results in an (x,y) point on the curve.

Code

First we create a folder named “bc_sm02”, and then go into that folder.We can…

--

--

Prof Bill Buchanan OBE FRSE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.