HAVAL is a cryptographic hash function. Unlike MD5, but like most modern cryptographic hash functions, HAVAL can produce hashes of different lengths. HAVAL can produce hashes in lengths of 128 bits, 160 bits, 192 bits, 224 bits, and 256 bits. HAVAL also allows users to specify the number of rounds (3, 4, or 5) to be used to generate the hash.
HAVAL was invented by Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry in 1992.
The HAVAL hashes (also termed fingerprints) are typically represented as 32-, 40-, 48-, 56- or 64-digit hexadecimal numbers. The following demonstrates a 43-byte ASCII input and the corresponding HAVAL hash (256 bits, 5 passes):
Even a small change in the message will (with overwhelming probability) result in a completely different hash, e.g. changing the letter d to a c produces the following hash value:
The hash of a zero-length string is:
Research has uncovered weaknesses which make further use of HAVAL (at least the variant with 128 bits and 3 passes with 26 operations) questionable. On 17 August 2004, collisions for HAVAL (128 bits, 3 passes) were announced by Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu.