What Was Your Prompt? A Remote Keylogging Attack on AI Assistants | allinfosecnews.com

March 18, 2024, 4:10 a.m. | Roy Weiss, Daniel Ayzenshteyn, Guy Amit, Yisroel Mirsky

cs.CR updates on arXiv.org arxiv.org

arXiv:2403.09751v1 Announce Type: new
Abstract: AI assistants are becoming an integral part of society, used for asking advice or help in personal and confidential issues. In this paper, we unveil a novel side-channel that can be used to read encrypted responses from AI Assistants over the web: the token-length side-channel. We found that many vendors, including OpenAI and Microsoft, have this side-channel.
However, inferring the content of a response from a token-length sequence alone proves challenging. This is because tokens …

advice ai assistants arxiv asking attack can channel confidential cs.ai cs.cl cs.cr encrypted keylogging length novel personal prompt side-channel society the web token web

More from arxiv.org / cs.CR updates on arXiv.org

Why You Should Not Trust Interpretations in Machine Learning: Adversarial Attacks on Partial Dependence Plots 22 hours ago | arxiv.org

adoption adversarial adversarial attacks artificial +22

Sui Lutris: A Blockchain Combining Broadcast and Consensus 22 hours ago | arxiv.org

agreement arxiv blockchain broadcast +12

Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback 22 hours ago | arxiv.org

arxiv asynchronous blockchains clear +19

Noisy Measurements Are Important, the Design of Census Products Is Much More Important 22 hours ago | arxiv.org

arxiv asking august call +19

Graphene: Infrastructure Security Posture Analysis with AI-generated Attack Graphs 22 hours ago | arxiv.org

analysis arxiv assessment attack +31

REED: Chiplet-Based Accelerator for Fully Homomorphic Encryption 22 hours ago | arxiv.org

accelerator accelerators address application +14

Evaluation Methodologies in Software Protection Research 22 hours ago | arxiv.org

arms arxiv assets attackers +20

SoK: Rowhammer on Commodity Operating Systems 22 hours ago | arxiv.org

academia access arxiv attacks +17

Quantum cryptographic protocols with dual messaging system via 2D alternate quantum walks and genuine single … 22 hours ago | arxiv.org

alternate arxiv can cond-mat.dis-nn +17

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India

View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote

View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC

View on infosec-jobs.com