Bibliographic Details
Main Author: Zamir, Or
Format: Preprint
Published: 2024
Subjects:
Online Access: https://arxiv.org/abs/2401.10360
_version_ 1866916484114022400
author Zamir, Or
author_facet Zamir, Or
contents We introduce a cryptographic method to hide an arbitrary secret payload in the response of a Large Language Model (LLM). A secret key is required to extract the payload from the model's response, and without the key it is provably impossible to distinguish between the responses of the original LLM and the LLM that hides a payload. In particular, the quality of generated text is not affected by the payload. Our approach extends a recent result of Christ, Gunn and Zamir (2023) who introduced an undetectable watermarking scheme for LLMs.
format Preprint
id arxiv_https___arxiv_org_abs_2401_10360
institution arXiv
publishDate 2024
record_format arxiv
title Excuse me, sir? Your language model is leaking (information)
topic Cryptography and Security
Machine Learning
url https://arxiv.org/abs/2401.10360