The Data Authentication Algorithm (DAA) is a former U.S. government standard for producing cryptographic message authentication codes. DAA is defined in FIPS PUB 113,[1] which was withdrawn on September 1, 2008. The algorithm is not considered secure by today's standards.According to the standard, a code produced by the DAA is called a Data Authentication Code (DAC). The algorithm chain encrypts the data, with the last cipher block truncated and used as the DAC.
The DAA is equivalent to ISO/IEC 9797-1 MAC algorithm 1, or CBC-MAC, with DES as the underlying cipher, truncated to between 24 and 56 bits (inclusive).