{"id":23824658,"url":"https://github.com/joogswastaken/bf-pprl-attack","last_synced_at":"2025-09-10T17:44:45.386Z","repository":{"id":132864943,"uuid":"577024187","full_name":"JoogsWasTaken/bf-pprl-attack","owner":"JoogsWasTaken","description":"Implementation of a frequency-based re-identification attack on Bloom filters in PPRL protocols","archived":false,"fork":false,"pushed_at":"2022-12-11T19:17:11.000Z","size":19,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-29T00:07:48.018Z","etag":null,"topics":["cybersec","infosec","poc","privacy","python","security"],"latest_commit_sha":null,"homepage":"https://eulenbu.de/posts/bf-pprl-attacks/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JoogsWasTaken.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-12-11T18:34:56.000Z","updated_at":"2024-12-24T12:11:11.000Z","dependencies_parsed_at":"2023-07-23T04:54:02.194Z","dependency_job_id":null,"html_url":"https://github.com/JoogsWasTaken/bf-pprl-attack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/JoogsWasTaken/bf-pprl-attack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoogsWasTaken%2Fbf-pprl-attack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoogsWasTaken%2Fbf-pprl-attack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoogsWasTaken%2Fbf-pprl-attack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoogsWasTaken%2Fbf-pprl-attack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JoogsWasTaken","download_url":"https://codeload.github.com/JoogsWasTaken/bf-pprl-attack/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoogsWasTaken%2Fbf-pprl-attack/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274497181,"owners_count":25296548,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-10T02:00:12.551Z","response_time":83,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersec","infosec","poc","privacy","python","security"],"created_at":"2025-01-02T11:14:43.568Z","updated_at":"2025-09-10T17:44:45.356Z","avatar_url":"https://github.com/JoogsWasTaken.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Frequency-based attack on Bloom filters in PPRL\n\nThis repository contains an implementation of a frequency-based re-identification attack on Bloom filters in privacy-preserving record linkage protocols.\nThe attack was first described by Christen et al.[^1] and discussed on my personal website in a series dedicated to Bloom-filter-based PPRL.\n\n## How to use\n\nYou will need a frequency table of values you want to mask using Bloom filters.\nYou can find an example in the [data directory](./data/) using the top 1k first names in Germany[^2].\nThe first column must contain values and the second column their respective absolute frequencies.\nThe table must be CSV-formatted.\n\nUsing this project assumes you have [Poetry](https://python-poetry.org/) installed.\nRun `poetry install` in the root of this repository, then drop into a virtual environment using `poetry shell`.\n\nTo perform the attack the same way the authors did, you will need to compute the amount of hash values *k*.\nChoose a filter size *m* (e.g. 256) and token size *q* (e.g. 2) and run the following script.\n\n```\n$ python compute_optimal_k.py data/german-names.csv -m 256 -q 2\n24.19163983958364\n```\n\nIn this example, *k* should be 24.\nNext, generate a list of CLKs based on the frequency information of your word list.\nIt's advisable that you create an output directory first, e.g. using `mkdir -p out`.\nSelect an amount of CLKs to generate, e.g. 1m, then run the following script with your previously selected value *k*.\n\n```\n$ python generate_bf.py data/german-names.csv out/german-names-masked.csv -n 1000000 -q 2 -m 256 -k 24\n```\n\nFinally, run the attack with the following script.\nYou can enable CSV output with the `--stdout-csv` flag which will print the amount of exact matches, potential matches, false matches and no matches as comma-separated values.\nThe output file contains the detailed guesses for each CLK.\n\n```\n$ python perform_attack.py data/german-names.csv out/german-names-masked.csv out/german-names-guess.csv -q 2 \nTOTAL WORD COUNT:  1000\nExact matches:     3\nPotential matches: 0\nFalse matches:     81\nNo matches:        916\n```\n\n## References\n\n[^1]: Christen, Peter, et al. \"Efficient cryptanalysis of bloom filters for privacy-preserving record linkage.\" Pacific-Asia Conference on Knowledge Discovery and Data Mining. Springer, Cham, 2017.\n[^2]: Taken from Forebears' \"Most Common Last Names In Germany\" ([URL](https://forebears.io/germany/surnames), [Archive](https://web.archive.org/web/20220922090455/https://forebears.io/germany/surnames))","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoogswastaken%2Fbf-pprl-attack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjoogswastaken%2Fbf-pprl-attack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoogswastaken%2Fbf-pprl-attack/lists"}