Data Authentication Algorithm

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

The Data Authentication Algorithm (DAA) is a former U.S. government standard for producing cryptographic message authentication codes. DAA is defined in FIPS PUB 113,[1] which was withdrawn on September 1, 2008. The algorithm is not considered secure by today's standards.

According to the standard, a code produced by the DAA is called a Data Authentication Code (DAC). The algorithm chain encrypts the data, with the last cipher block truncated and used as the DAC.

The DAA is equivalent to ISO/IEC 9797-1 MAC algorithm 1, or CBC-MAC, with DES as the underlying cipher, truncated to between 24 and 56 bits (inclusive).


  1. ^ FIPS PUB 113 - Computer Data Authentication - the Federal Information Processing Standard publication that defines the Data Authentication Algorithm