From Wikipedia, the free encyclopedia

HAVAL is a cryptographic hash function. Unlike MD5, but like most modern cryptographic hash functions, HAVAL can produce hashes of different lengths – 128 bits, 160 bits, 192 bits, 224 bits, and 256 bits. HAVAL also allows users to specify the number of rounds (3, 4, or 5) to be used to generate the hash. HAVAL was broken in 2004.[1]

HAVAL was invented by Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry in 1992.

HAVAL hashes[edit]

The HAVAL hashes (also termed fingerprints) are typically represented as 32-, 40-, 48-, 56- or 64-digit hexadecimal numbers. The following demonstrates a 43-byte ASCII input and the corresponding HAVAL hash (256 bits, 5 passes):

HAVAL("The quick brown fox jumps over the lazy dog", 256, 5) =

Even a small change in the message will (with overwhelming probability) result in a completely different hash, e.g. changing the letter d to a c produces the following hash value:

HAVAL("The quick brown fox jumps over the lazy cog", 256, 5) =

The hash of a zero-length string is:

HAVAL("", 256, 5) =


Research has uncovered weaknesses which make further use of HAVAL (at least the variant with 128 bits and 3 passes with 26 operations) questionable. On 17 August 2004, collisions for HAVAL (128 bits, 3 passes) were announced by Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu.[2]

See also[edit]


  1. ^ "Lifetimes of cryptographic hash functions".
  2. ^ Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD

External links[edit]

  • HAVAL (the official HAVAL page with the research paper on HAVAL, the latest C source code and HAVAL OIDs)