Aircloak Attack Challenge

The first bounty program for anonymized data re-identification.
As part of its commitment to transparency and strong anonymization, Aircloak offers the world’s first bounty program for re-identification of anonymized data.

Aircloak’s platform is available to participating “attackers” – white-hat privacy engineers and researchers.

The first season of the challenge ended June 1 2018.

The attackers may supply their own data sets to attack, or use one of the data sets supplied by Aircloak. The attacker may assume substantial prior knowledge of the data set. The goal of the attacker is to single out users. This is the main criteria for anonymization used by the GDPR.

Higher bounties are paid when the attacker can single out more users with less prior knowledge, with the highest bounty set at $5,000.

To participate in the challenge

Read the challenge rules and contact us at challenge@aircloak.com.
Right now the challenge is paused but feel free to sign up for upcoming challenge announcements (infrequent):



Resources:

Attack Challenge statistics

A bounty program is only as good as its attackers. Cumulative challenge statistics as of May 22 (challenge started Nov. 29, 2017).

Participants registered for announcements 96
Participants with attack accounts 33
Participants with one or more attacks 4
Participating institutions 12
Number of submitted attack sketches 11
Number of attacks 9
Number of finished attacks with payout 2
Number of finished attacks with no payout 0
Number of datasets 5
Total attack queries 33M

Hall of Fame

Attackers

Name Attacks Total bounty
Aloni Cohen – MIT
Kobbi Nissim – Georgetown University
1 $5000
Apostolos Pyrgelis – UCL (University College London)
Carmela Troncoso – EPFL
Emiliano De Cristofaro – UCL
1 $5000

 

Attacks

Reward α κ Name Affiliation
$5000 0 100% Aloni Cohen / Kobbi Nissim MIT / Georgetown Univ.
$5000 0 95% Apostolos Pyrgelis / Carmela Troncoso / Emiliano De Cristofaro UCL / EPFL