A professional C implementation of the Direct Anonymous Attestation (DAA) - Variant A protocol, featuring attribute-based credentials and selective disclosure. This library leverages the security of mbedTLS and the high-performance pairing-friendly curves of MIRACL Core.
DAA-A is a cryptographic protocol that allows a hardware or software "Holder" to prove their legitimacy to a "Verifier" without revealing their unique identity. This implementation extends the core DAA capability by adding Attribute-Based Credentials, allowing the holder to:
- Prove possession of a Verifiable Credential (VC) issued by a trusted authority.
- Selectively disclose only specific attributes (e.g., "Age > 18") while keeping others cryptographically hidden.
- Ensure "Unlinkability": Multiple presentations by the same holder cannot be linked together by the verifier.
- Bilinear Pairings: Built on the Barreto-Naehrig (BN-P256) pairing-friendly curve.
- Selective Disclosure: Holder-controlled privacy at the attribute level.
- Zero-Knowledge Proofs: Uses Schnorr-style proofs for attribute commitments.
- Security-First Design: Includes secure memory zeroization for sensitive secret material.
- Professional Logging: Structured diagnostic output for protocol monitoring.
- CMake (version 3.10 or higher)
- GCC or Clang compiler
- Make or another build system supported by CMake
- Internet connection (to fetch
mbedTLSandMIRACL Coredependencies during the first build)
The project uses a standard CMake workflow. A helper script is provided for convenience.
# Option 1: Using the helper script
chmod +x build.sh
./build.sh
# Option 2: Manual CMake build
mkdir -p build && cd build
cmake ..
make -j$(nproc)The project includes a comprehensive demonstration suite that exercises the full protocol lifecycle: Context Setup → Key Generation → Issuance → Presentation → Verification.
Use the provided test script to run various scenarios (hidden attributes, full disclosure, etc.):
chmod +x run_tests.sh
./run_tests.shYou can run the demonstration binary directly with custom parameters:
# Usage: ./build/daa-a <num_attributes> <disclosure_comma_separated>
# Example: 5 attributes, disclose 1st and 3rd (1=Visible, 0=Hidden)
./build/daa-a 5 1,0,1,0,0include/daa-a/: Public API headers and data structure definitions.src/daa-a.c: Core protocol logic for holders and verifiers.src/vc_issuer.c: Issuer-side operations (Keygen and Credential Signing).src/cryptoutils.c: Low-level wrappers for MbedTLS and MIRACL integration.app/main.c: Command-line demonstration application.
This implementation is made possible by the following open-source projects:
- mbedTLS: Used for core ECC operations, SHA-256 hashing, and constant-time memory utilities.
- MIRACL Core: Provides the high-performance implementation of the BN-P256 pairing-friendly curve and bilinear pairing primitives.
- Stefanos Vasileiadis (svasileiadis@ubitech.eu) - Software Leading Engineer
- Thanassis Giannetsos (agiannetsos@ubitech.eu) - Scientific Lead
- Panagiotis Gouvas (pgouvas@ubitech.eu) - Technical Coordination
This project is licensed under the Apache License, Version 2.0. See the LICENSE file for details.
Copyright 2025-2026 UBITECH Ltd (https://ubitech.eu)