Abstract: The security of SM3 hash function was revaluated by using the meet-in-the-middle attack. The preimage and pseudo-collision attack on 29-step SM3 hash function (from the 1-st step) with padding was presented. The time com-plexities are 2254 and 2125 respectively. Therefore, the 29-step SM3 hash function is not immune to preimage and pseu-do-collision attack.