# HAVAL

**HAVAL** is a cryptographic hash function. Unlike MD5, but like most modern cryptographic hash functions, HAVAL can produce hashes of different lengths. HAVAL can produce hashes in lengths of 128 bits, 160 bits, 192 bits, 224 bits, and 256 bits. HAVAL also allows users to specify the number of rounds (3, 4, or 5) to be used to generate the hash.

HAVAL was invented by , , and in 1992.

## Contents

## HAVAL hashes

The HAVAL hashes (also termed *fingerprints*) are typically represented as 32-, 40-, 48-, 56- or 64-digit numbers. The following demonstrates a 43-byte input and the corresponding HAVAL hash (256 bits, 5 passes):

HAVAL("The quick brown fox jumps over the lazy og", 256, 5) = b89c551cdfe2e06dbd4cea2be1bc7d557416c58ebb4d07cbc94e49f710c55be4

Even a small change in the message will (with overwhelming probability) result in a completely different hash, e.g. changing the letter <tt>d</tt> to a <tt>c</tt> produces the following hash value:

HAVAL("The quick brown fox jumps over the lazy og", 256, 5) = 60983bb8c8f49ad3bea29899b78cd741f4c96e911bbc272e5550a4f195a4077e

The hash of a zero-length string is:

HAVAL("", 256, 5) = be417bb4dd5cfb76c7126f4f8eeb1553a449039307b1a3cd451dbfdc0fbbe330

## Security

Research has uncovered weaknesses which make further use of HAVAL (at least the variant with 128 bits and 3 passes with 2<sup>6</sup> operations) questionable. On 17 August 2004, for HAVAL (128 bits, 3 passes) were announced by , Dengguo Feng, , and Hongbo Yu.