HAVAL — A one-way hashing algorithm with variable length of output (extended abstract)

  • Yuliang Zheng
  • Josef Pieprzyk
  • Jennifer Seberry
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 718)

Abstract

A one-way hashing algorithm is a deterministic algorithm that compresses an arbitrarily long message into a value of specified length. The output value represents the fingerprint or digest of the message. A cryptographically useful property of a one-way hashing algorithm is that it is infeasible to find two distinct messages that have the same fingerprint. This paper proposes a one-way hashing algorithm called HAVAL. HAVAL compresses a message of arbitrary length into a fingerprint of 128, 160, 192, 224 or 256 bits. In addition, HAVAL has a parameter that controls the number of passes in which a message block (of 1024 bits) is processed. A message block can be processed in 3, 4 or 5 passes. By combining output length with the number of passes, we can provide fifteen (15) choices for practical applications where different levels of security are required. The algorithm is very efficient and particularly suited for 32-bit computers, which predominate in the current workstation market. Experiments show that HAVAL is 60% faster than MD5 when 3 passes are required, 15% faster than MD5 when 4 passes are required, and as fast as MD5 when the full 5 passes are required. It is conjectured that finding two colliding messages requires on the order of $2^{n/2}$ operations, where $n$ is the number of bits in a fingerprint.

Keywords

Boolean Function; Bend Function; Bent Function; Message Block; Strict Avalanche Criterion
These keywords were added by machine and not by the authors.


Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Yuliang Zheng (1)
  • Josef Pieprzyk (1)
  • Jennifer Seberry (1)
  1. Department of Computer Science, University of Wollongong, Wollongong, Australia
