all InfoSec news
What Was Your Prompt? A Remote Keylogging Attack on AI Assistants
March 18, 2024, 4:10 a.m. | Roy Weiss, Daniel Ayzenshteyn, Guy Amit, Yisroel Mirsky
cs.CR updates on arXiv.org arxiv.org
Abstract: AI assistants are becoming an integral part of society, used for asking advice or help in personal and confidential issues. In this paper, we unveil a novel side-channel that can be used to read encrypted responses from AI Assistants over the web: the token-length side-channel. We found that many vendors, including OpenAI and Microsoft, have this side-channel.
However, inferring the content of a response from a token-length sequence alone proves challenging. This is because tokens …
advice ai assistants arxiv asking attack can channel confidential cs.ai cs.cl cs.cr encrypted keylogging length novel personal prompt side-channel society the web token web
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Information Security Specialist, Sr. (Container Hardening)
@ Rackner | San Antonio, TX
Principal Security Researcher (Advanced Threat Prevention)
@ Palo Alto Networks | Santa Clara, CA, United States
EWT Infosec | IAM Technical Security Consultant - Manager
@ KPMG India | Bengaluru, Karnataka, India
Security Engineering Operations Manager
@ Gusto | San Francisco, CA; Denver, CO; Remote
Network Threat Detection Engineer
@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC