HAVAL is a one-way hashing algorithm that supports 15 different levels of security. It was designed in 1992. Its code was last revised in April 1997. This new version of code corrects an implementation error in the previous versions discovered by Paulo Barreto (pbarretouninet.com.br). While many of its peers, including MD4 and MD5, have been fully or partially broken, no successful attack on HAVAL has been reported so far. Hence it can serve as a "drop-in" replacement of MD5. When PASS=3, the throughput of HAVAL is 113.64 megabits per second on UltraSparc (compiler=CC), and 92.6 megabits per second on Pentium Pro 180 (compiler=gcc).

Yuliang Zheng, Josef Pieprzyk and Jennifer Seberry: "HAVAL --- a one-way hashing algorithm with variable length of output", Advances in Cryptology --- AUSCRYPT'92, Lecture Notes in Computer Science, Vol.718, pp.83-104, Springer-Verlag, 1993.

haval-1.1.tar.gz (C source code)

The OIDs for HAVAL are as follows:

1.3.6.1.4.1.18105.2.1.1.1  - HAVAL-3-128
1.3.6.1.4.1.18105.2.1.1.2  - HAVAL-3-160
1.3.6.1.4.1.18105.2.1.1.3  - HAVAL-3-192
1.3.6.1.4.1.18105.2.1.1.4  - HAVAL-3-224
1.3.6.1.4.1.18105.2.1.1.5  - HAVAL-3-256
1.3.6.1.4.1.18105.2.1.1.6  - HAVAL-4-128
1.3.6.1.4.1.18105.2.1.1.7  - HAVAL-4-160
1.3.6.1.4.1.18105.2.1.1.8  - HAVAL-4-192
1.3.6.1.4.1.18105.2.1.1.9  - HAVAL-4-224
1.3.6.1.4.1.18105.2.1.1.10 - HAVAL-4-256
1.3.6.1.4.1.18105.2.1.1.11 - HAVAL-5-128
1.3.6.1.4.1.18105.2.1.1.12 - HAVAL-5-160
1.3.6.1.4.1.18105.2.1.1.13 - HAVAL-5-192
1.3.6.1.4.1.18105.2.1.1.14 - HAVAL-5-224
1.3.6.1.4.1.18105.2.1.1.15 - HAVAL-5-256

Note: HAVAL-3-128 refers to HAVAL with 3 passes and 128-bit fingerprint length, HAVAL-4-256 refers to HAVAL with 4 passes and 256-bit fingerprint length, and so on.)

The source code of HAVAL is released as open source under the BSD license.

This software is OSI Certified Open Source Software. OSI Certified is a certification mark of the Open Source Initiative.