Non-randomness of the Full 4 and 5-Pass HAVAL

  • Hirotaka Yoshida
  • Alex Biryukov
  • Christophe De Cannière
  • Joseph Lano
  • Bart Preneel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3352)


HAVAL is a cryptographic hash function proposed in 1992 by Zheng, Pieprzyk and Seberry. Its structure is quite similar to other widely used hash functions such as MD5 and SHA-1. The specification of HAVAL includes a security parameter: the number of passes (that is, the number of times that a particular word of the message is used in the computation) which can be chosen equal to 3, 4 or 5. In this paper we cryptanalyze the compression functions of the 4-pass and the 5-pass HAVAL using differential cryptanalysis. We show that each of these two functions can be distinguished from a truly random function.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)zbMATHGoogle Scholar
  2. 2.
    Biryukov, A., Wagner, D.: Advanced slide attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 589–606. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  3. 3.
    den Boer, B., Bosselaers, A.: Collisions for the compression function of MD5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293–304. Springer, Heidelberg (1994)Google Scholar
  4. 4.
    Damgård, I.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)Google Scholar
  5. 5.
    Dobbertin, H.: The status of MD5 after a recent attack. Cryptobytes 2(2), 1–6 (1996)MathSciNetGoogle Scholar
  6. 6.
    Gilbert, H., Handschuh, H.: Security Analysis of SHA-256 and Sisters. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 175–193. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Handschuh, H., Naccache, D.: SHACAL, Submission to the NESSIE project (2000), Available from
  8. 8.
    Her, Y.-S., Sakurai, K., Kim, S.-H.: Attacks for finding collision in reduced versions of 3-pass and 4-pass HAVAL. International Conference on Computers, Communications and Systems CE-15, 75–78 (2003)Google Scholar
  9. 9.
    Calyptix Security, HAVAL source code (reference implementation), available at
  10. 10.
    Kasselman, P., Penzhorn, W.: Cryptanalysis of reduced version of HAVAL. Electronics letters 36(1), 30–31 (2000)CrossRefGoogle Scholar
  11. 11.
    Lai, X., Massey, J.: Markov Ciphers and Differential Cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991)Google Scholar
  12. 12.
    Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)zbMATHGoogle Scholar
  13. 13.
    Park, S., Sung, S.H., Chee, S., Lim, J.: On the security of reduced versions of 3-pass HAVAL. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 406–419. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  14. 14.
    Rivest, R.: The MD5 message-digest algorithm. Request for Comments (RFC) 1321, Internet Activities Board, Internet Privacy Task Force (April 1992)Google Scholar
  15. 15.
    van Rompay, B., Biryukov, A., Preneel, B., Vandewalle, J.: Cryptanalysis of 3-Pass HAVAL. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 228–245. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    National Institute of Standards and Technology, FIPS-180-2: Secure Hash Standard (SHS) (August 2002)Google Scholar
  17. 17.
    Saarinen, M.: Cryptanalysis of Block Ciphers Based on SHA-1 and MD5. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 36–44. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Zheng, Y., Pieprzyk, J., Seberry, J.: HAVAL – a one-way hashing algorithm with variable length of output. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 83–104. Springer, Heidelberg (1993)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Hirotaka Yoshida
    • 1
    • 2
  • Alex Biryukov
    • 2
  • Christophe De Cannière
    • 2
  • Joseph Lano
    • 2
  • Bart Preneel
    • 2
  1. 1.Systems Development LaboratoryHitachi, Ltd.YokohamaJapan
  2. 2.Dept. ESAT/SCD-COSICKatholieke Universiteit LeuvenLeuven-HeverleeBelgium

Personalised recommendations