UBITECH is proud to announce the official launch of its open-source TPM Direct Anonymous Attestation (DAA) Library, a strategic initiative to bring privacy-preserving attestation capabilities to modern computing systems. This release marks an important milestone in UBITECH’s mission to combine strong security, hardware-based trust, and individual privacy in a seamless, accessible way. Remote attestation is a well-known mechanism by which a device or computing environment can prove its integrity to a verifier. However, traditional attestation schemes often risk revealing identifying information about the attesting platform. Direct Anonymous Attestation (DAA) is a sophisticated cryptographic protocol that allows a platform to prove integrity while remaining anonymous (or pseudonymous) to the verifier, thereby preserving privacy even in contexts requiring strong hardware assurances. By launching this library under an open-source model, UBITECH seeks to empower device makers, system integrators, researchers, and security architects to adopt DAA in real-world systems without locking into proprietary solutions.
About the UBITECH DAA Library
The UBITECH DAA Library is available under an open-source license on GitHub and provides a reference implementation in C designed for TPM 2.0–equipped platforms, as well as compatibility with the IBM TPM 2.0 simulator. It implements the core DAA protocols of join, signing, and verification in a modular way, making it easy to integrate into other systems while also serving as a solid base for research. Developed with production quality in mind, the library balances robustness and extensibility, offering a resource that can be used both for practical deployments and for advancing academic and industrial research into trusted computing. By maintaining this project in the open, UBITECH ensures that improvements and innovations can be shared with and shaped by the broader community.
Strategic Significance for UBITECH and the Wider Ecosystem
With this launch, UBITECH is positioning itself as a driver in the intersection between trusted computing and privacy-preserving infrastructure. The DAA library fits naturally into broader architectures that require hardware-bound credentials, anonymous attestation, or privacy-preserving identity systems. The launch also supports UBITECH’s ongoing engagements and initiatives. For example, in the frame of an Horizon Europe initiative, UBITECH is implementing DAA protocols as a cryptographic foundation for binding verifiable credentials (VCs) to hardware roots-of-trust, enabling stronger assurances without sacrificing user privacy. Moreover, the DAA approach aligns with emerging standardization efforts in remote attestation and privacy-aware trust architectures. For instance, the forthcoming IETF draft “Direct Anonymous Attestation for the Remote Attestation Procedures (RATS) Architecture” maps DAA into a general attestation framework. UBITECH’s implementation is both complementary and timely in this evolving landscape.
People Behind the Launch
This achievement was realized by members of UBITECH’s Secure Systems & Trusted Computing Research Group – Mr. Stefanos Vasileiadis, Trusted Computing Technology Leader, who led the technical development and design of the library, and Dr Thanassis Giannetsos, Head of Unit, who oversaw overall architecture, quality, and integration into UBITECH’s research portfolio. The vision for the library and the broader strategic framing was articulated by Dr. Panagiotis Gouvas, Co-founder and R&D Director at UBITECH, stating that “I’m proud to announce the launch of our open-source TPM Direct Anonymous Attestation (DAA) Library — a strategic step forward in bringing privacy-preserving attestation capabilities to modern systems.”
Use Cases, Adoption, and Future Roadmap
The DAA Library has immediate applicability in a wide range of domains. It can underpin hardware-based digital identity systems where anonymity is essential, strengthen privacy-preserving attestation within zero-trust architectures, and support the issuance of secure digital credentials in emerging verifiable credential ecosystems. It also plays an important role in trusted execution environments and confidential computing, while offering researchers and academic institutions a reliable platform for experimentation and prototyping.
Looking ahead, UBITECH intends to expand the library’s capabilities by extending support to additional platforms beyond TPM 2.0, incorporating revocation and credential update mechanisms, and providing bindings for more programming languages to facilitate integration. In parallel, UBITECH is committed to fostering a community of contributors who will help evolve the project, and will continue engaging with standardization bodies to align the implementation with international efforts around remote attestation, WebAuthn, and privacy-enhancing trust architectures.
Availability & Access
The TPM DAA Library is freely available today on GitHub: github.com/ubitech/daa
Developers, researchers, and interested parties are encouraged to review, adopt, provide feedback, and contribute upstream improvements.
Founded with the mission to build trustworthy, secure, and privacy-aware systems, UBITECH has a strong track record in cybersecurity, trusted computing, and research-driven innovation. Its teams routinely engage in European research projects, standardization efforts, and development of advanced security infrastructure. With the launch of the open-source TPM DAA Library, UBITECH reaffirms its commitment to openness, collaboration, and pushing the forefront of secure and privacy-enhancing technologies.
