Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

An LLM Framework For Cryptography Over Chat Channels

Danilo Gligoroski, Mayank Raikwar, Sonu Kumar Jha

TL;DR

This work tackles the problem of secure covert communication over open chat channels in surveillance-heavy contexts by proposing an LLM-driven cryptographic embedding framework. It introduces EmbedderLLM to place ciphertext characters at precise positions inside human-like text, supports both symmetric and public-key cryptography, and remains agnostic to the specific LLM and to quantum threat models. Theoretical security notions—IND-CC and SS-ADV—are developed to analyze indistinguishability and adversarial detection, with concrete examples such as password-based AEAD and an ECDHE-style key exchange (ECDHE-LLM). The framework aims to enable undetectable encrypted traffic within normal-language conversations, while acknowledging ethical considerations and outlining directions for efficiency, robustness, and post-quantum extensions. These ideas suggest a provocative direction for covert communications using LLMs, balancing cryptographic functionality with careful attention to potential misuse and policy implications.

Abstract

Recent advancements in Large Language Models (LLMs) have transformed communication, yet their role in secure messaging remains underexplored, especially in surveillance-heavy environments. At the same time, many governments all over the world are proposing legislation to detect, backdoor, or even ban encrypted communication. That emphasizes the need for alternative ways to communicate securely and covertly over open channels. We propose a novel cryptographic embedding framework that enables covert Public Key or Symmetric Key encrypted communication over public chat channels with humanlike produced texts. Some unique properties of our framework are: 1. It is LLM agnostic, i.e., it allows participants to use different local LLM models independently; 2. It is pre- or post-quantum agnostic; 3. It ensures indistinguishability from human-like chat-produced texts. Thus, it offers a viable alternative where traditional encryption is detectable and restricted.

An LLM Framework For Cryptography Over Chat Channels

TL;DR

This work tackles the problem of secure covert communication over open chat channels in surveillance-heavy contexts by proposing an LLM-driven cryptographic embedding framework. It introduces EmbedderLLM to place ciphertext characters at precise positions inside human-like text, supports both symmetric and public-key cryptography, and remains agnostic to the specific LLM and to quantum threat models. Theoretical security notions—IND-CC and SS-ADV—are developed to analyze indistinguishability and adversarial detection, with concrete examples such as password-based AEAD and an ECDHE-style key exchange (ECDHE-LLM). The framework aims to enable undetectable encrypted traffic within normal-language conversations, while acknowledging ethical considerations and outlining directions for efficiency, robustness, and post-quantum extensions. These ideas suggest a provocative direction for covert communications using LLMs, balancing cryptographic functionality with careful attention to potential misuse and policy implications.

Abstract

Recent advancements in Large Language Models (LLMs) have transformed communication, yet their role in secure messaging remains underexplored, especially in surveillance-heavy environments. At the same time, many governments all over the world are proposing legislation to detect, backdoor, or even ban encrypted communication. That emphasizes the need for alternative ways to communicate securely and covertly over open channels. We propose a novel cryptographic embedding framework that enables covert Public Key or Symmetric Key encrypted communication over public chat channels with humanlike produced texts. Some unique properties of our framework are: 1. It is LLM agnostic, i.e., it allows participants to use different local LLM models independently; 2. It is pre- or post-quantum agnostic; 3. It ensures indistinguishability from human-like chat-produced texts. Thus, it offers a viable alternative where traditional encryption is detectable and restricted.

Paper Structure

This paper contains 30 sections, 2 theorems, 46 equations, 3 figures, 3 tables, 4 algorithms.

Table of Contents

  1. Introduction
  2. Motivation
  3. Contribution
  4. Paper Organization
  5. Related Work
  6. Transformers
  7. Notations and a special function $\textsc{EmbedderLLM}$
  8. Modeling the Distinguishability of Texts Outputs From Algorithm \ref{['Alg:EmbedderLLM']} From Human-Like Produced Texts
  9. Discussion on Algorithm \ref{['Alg:EmbedderLLM']}
  10. Execution (in)efficiency
  11. Redundancy (in)efficiency
  12. Practical vs cryptographically strong probabilities
  13. (In)Plausability of assumption \ref{['assumption3']}
  14. Using Algorithm \ref{['Alg:EmbedderLLM']} with more than one LLM model
  15. LLM Cryptography
  16. ...and 15 more sections

Key Result

Theorem 1

The probability a $Story$ generated by $\textsc{EmbedderLLM}(\text{LLM}, \textit{TOPIC}, \varepsilon, T_0, k_0, \mathbf{C}, \mathbf{b}, l, sec)$ to have a token produced with parameters $T\notin [0.7, 0.9]$ and $k \notin [40, 60]$ denoted as $P_{dist}$ is less than $2^{-sec}$.

Figures (3)

  • Figure 1: The chat between Alice and Bob with highlighted embedded characters and positions
  • Figure :
  • Figure :

Theorems & Definitions (8)

  • Theorem 1
  • proof
  • Proposition 1
  • proof
  • Definition 1: IND-CC Game
  • Definition 2: SS-ADV Game
  • Definition 3: PK-DH Security
  • Definition 4: TOK-STAT Distinguishability