Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


DARPA Shredder Challenge: Who'll Solve $50,000 Puzzle?

Can you use determination and computational power to reassemble 6,068 pieces of paper into a readable document? DARPA hopes so.

Government Innovators
Slideshow: Government Innovators
(clickimage for larger view and for full slideshow)
More than 5,000 teams have signed up to compete in a Defense Advanced Research Projects Agency's (DARPA's) shredder challenge, and those that have solved the first two levels of the test have mainly used manual methods to reassemble shredded pieces of paper. Now, the agency says, it will take computational methods to solve the rest.

DARPA introduced the so-called Shredder Challenge last week. The task is to reassemble five shredded documents and $50,000 will go to the winner, which will be judged on the number of problems solved and their degree of difficulty.

The aim of the challenge is to develop ways to reconstruct shredded documents that U.S. soldiers come across to use to gather intelligence information. The Department of Defense (DOD) also wants to try to discern how enemies might be reassembling U.S. documents by crowdsourcing this activity.

The Obama administration has made ample use of crowdsourcing and challenges to help the feds solve technology and other problems, even creating an entire website for agencies to post challenges for people to solve for a range of cash prizes.

[ DARPA is trying a number of unusual tactics. Read DARPA Investigates Storytelling As Security Science. ]

Sixteen teams have solved the first Shredder Challenge puzzle and two have solved the second, mainly by manual means--such as printing, cutting out and sorting by hand the various pieces of the puzzle--and "sheer patience and determination," DARPA Director Regina E. Dugan said in a statement Wednesday.

The first two problems contained 224 and 373 pieces, respectively, and some teams already have used algorithms to separate pieces individually before sorting them, according to DARPA.

The next three get considerably more difficult, however, and if someone were to come up with a computational, automated means for reconstructing shredded documents, they "could find an advantage" for solving them, Dugan said.

To solve puzzle 3, teams must sort through and reassemble 1,115 pieces of paper, while puzzle 4 has 2,340 pieces and puzzle 5 has 6,068 pieces.

Dugan said it will be a combination of using "powerful computation methods with shared tasking and the diverse insights of the crowd" that will decide the winner of the challenge.

The Shredder Challenge website has received close to 4 million hits since Oct. 27, and more than 5,000 teams have registered to participate. The challenge also has inspired a lot of chatter online, as the teams involved are using blogs and a forum on the challenge's website to discuss the challenge and its technical aspects, according to DARPA.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
3/30/2012 | 9:30:31 AM
re: DARPA Shredder Challenge: Who'll Solve $50,000 Puzzle?
This challenge definitely required hard work. The winners did a great job on this. Being a part of the shredding Houston industry, it is amazing news for us to know that they were able to make a software to un-shred documents and important papers. We just hope it doesn't fall in the wrong hands.
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-12-09
IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519.
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
PUBLISHED: 2019-12-09
IBM DataPower Gateway throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.
PUBLISHED: 2019-12-09
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.