LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What are the typical five steps of a de-anonymization attack?

Collect the anonymized target dataset, gather auxiliary public data, identify distinguishing patterns/quasi-identifiers, match patterns across datasets, then validate the re-identification.

  1. Collect the anonymized target dataset.
  2. Gather auxiliary data from public sources (other leaks, public profiles, voter rolls, etc.).
  3. Identify distinguishing patterns / quasi-identifiers present in both.
  4. Match patterns across datasets to link records.
  5. Validate re-identification to confirm the linkage is correct.

The underlying principle: de-anonymization is fundamentally a linkage attack — the anonymized data is matched against an external "auxiliary" dataset via shared quasi-identifiers. The more auxiliary data exists in the world, the weaker any anonymization becomes.

Tip: This is why "anonymized" is a risk level, not a binary state — it depends on what auxiliary data an adversary can obtain, now or in the future.

Go deeper:

From Quiz: PRIVACY / Cryptographic Privacy & Big Data — Zero-Knowledge Proofs, MPC, Homomorphic Encryption & Anonymization | Updated: Jul 05, 2026