Data Authentication Algorithm

From Wikipedia, the free encyclopedia

The Data Authentication Algorithm (DAA) is a former U.S. government standard for producing cryptographic message authentication codes. DAA is defined in FIPS PUB 113,[1] which was withdrawn on September 1, 2008.[citation needed] The algorithm is not considered[by whom?] secure by today's standards.[citation needed] According to the standard, a code produced by the DAA is called a Data Authentication Code (DAC). The algorithm chain encrypts the data, with the last cipher block truncated and used as the DAC.

The DAA is equivalent to ISO/IEC 9797-1 MAC algorithm 1, or CBC-MAC, with DES as the underlying cipher, truncated to between 24 and 56 bits (inclusive).


  1. ^ FIPS PUB 113 – Computer Data Authentication – the Federal Information Processing Standard publication that defines the Data Authentication Algorithm