Saved in:
Bibliographic Details
Main Authors: Perry, Neil, Gupte, Sanket, Pitta, Nishant, Rotem, Lior
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2504.08977
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909576572436480
author Perry, Neil
Gupte, Sanket
Pitta, Nishant
Rotem, Lior
author_facet Perry, Neil
Gupte, Sanket
Pitta, Nishant
Rotem, Lior
contents Recent steganographic schemes, starting with Meteor (CCS'21), rely on leveraging large language models (LLMs) to resolve a historically-challenging task of disguising covert communication as ``innocent-looking'' natural-language communication. However, existing methods are vulnerable to ``re-randomization attacks,'' where slight changes to the communicated text, that might go unnoticed, completely destroy any hidden message. This is also a vulnerability in more traditional encryption-based stegosystems, where adversaries can modify the randomness of an encryption scheme to destroy the hidden message while preserving an acceptable covertext to ordinary users. In this work, we study the problem of robust steganography. We introduce formal definitions of weak and strong robust LLM-based steganography, corresponding to two threat models in which natural language serves as a covertext channel resistant to realistic re-randomization attacks. We then propose two constructions satisfying these notions. We design and implement our steganographic schemes that embed arbitrary secret messages into natural language text generated by LLMs, ensuring recoverability even under adversarial paraphrasing and rewording attacks. To support further research and real-world deployment, we release our implementation and datasets for public use.
format Preprint
id arxiv_https___arxiv_org_abs_2504_08977
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Robust Steganography from Large Language Models
Perry, Neil
Gupte, Sanket
Pitta, Nishant
Rotem, Lior
Cryptography and Security
Recent steganographic schemes, starting with Meteor (CCS'21), rely on leveraging large language models (LLMs) to resolve a historically-challenging task of disguising covert communication as ``innocent-looking'' natural-language communication. However, existing methods are vulnerable to ``re-randomization attacks,'' where slight changes to the communicated text, that might go unnoticed, completely destroy any hidden message. This is also a vulnerability in more traditional encryption-based stegosystems, where adversaries can modify the randomness of an encryption scheme to destroy the hidden message while preserving an acceptable covertext to ordinary users. In this work, we study the problem of robust steganography. We introduce formal definitions of weak and strong robust LLM-based steganography, corresponding to two threat models in which natural language serves as a covertext channel resistant to realistic re-randomization attacks. We then propose two constructions satisfying these notions. We design and implement our steganographic schemes that embed arbitrary secret messages into natural language text generated by LLMs, ensuring recoverability even under adversarial paraphrasing and rewording attacks. To support further research and real-world deployment, we release our implementation and datasets for public use.
title Robust Steganography from Large Language Models
topic Cryptography and Security
url https://arxiv.org/abs/2504.08977