Let's talk about encrypted reasoning
6 hours ago
- #LLM security
- #encrypted reasoning
- #side channels
- LLM APIs for reasoning models send clients encrypted reasoning blocks that contain hidden chain-of-thought data not visible in normal outputs.
- Encrypted reasoning blocks can be replayed across sessions and accounts due to a global encryption key, potentially leading to unpredictable model behavior if injected maliciously.
- Side channels such as reasoning block length or response time can leak secret information, because they correlate with complex computations based on hidden data.
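
An added example, not code from the original post or from any API provider: a toy model of the replay issue in the second point. It shows that a block sealed under one global key with no context is accepted in any session, while binding the account and session into the authentication tag makes the server reject it elsewhere. The HMAC-based stream cipher, the key and the context strings are constructed assumptions; a production design would use a standard AEAD with associated data.

```python
import hashlib, hmac, os

GLOBAL_KEY = hashlib.sha256(b"constructed demo key").digest()  # one key for every account

def _sub(key, label):
    # Derive separate encryption and MAC subkeys from the one global key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # Toy HMAC-SHA256 counter-mode keystream; stands in for a real AEAD cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _tag(key, context, nonce, ct):
    # Length-prefix the context so it cannot run into the nonce.
    msg = len(context).to_bytes(2, "big") + context + nonce + ct
    return hmac.new(_sub(key, b"mac"), msg, hashlib.sha256).digest()

def seal(plaintext, context=b"", key=GLOBAL_KEY):
    nonce = os.urandom(16)
    ks = _stream(_sub(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    return nonce + ct + _tag(key, context, nonce, ct)

def unseal(blob, context=b"", key=GLOBAL_KEY):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, context, nonce, ct)):
        raise ValueError("reasoning block rejected")
    ks = _stream(_sub(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))

def accepts(blob, context=b""):
    # Server-side check: does this block verify for the caller's context?
    try:
        unseal(blob, context)
        return True
    except ValueError:
        return False

REASONING = b"constructed hidden chain-of-thought"
CTX_A = b"account=A;session=1"  # hypothetical context strings
CTX_B = b"account=B;session=9"
unbound = seal(REASONING)        # global key, no context: valid everywhere
bound = seal(REASONING, CTX_A)   # same key, tied to A's session

if __name__ == "__main__":
    print("unbound block accepted in B's session:", accepts(unbound))
    print("bound block accepted in A's session:  ", accepts(bound, CTX_A))
    print("bound block accepted in B's session:  ", accepts(bound, CTX_B))
```
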