Whisper Leak: How Encrypted AI Chats Still Leak Conversation Topics cover art

Whisper Leak: How Encrypted AI Chats Still Leak Conversation Topics

Whisper Leak: How Encrypted AI Chats Still Leak Conversation Topics

Listen for free

View show details

About this listen

In this episode, we break down Whisper Leak, a newly disclosed side-channel issue affecting encrypted LLM communications. JBO explains how attackers can infer conversation topics using packet size and timing metadata without breaking encryption. The discussion covers how the research team discovered the issue, how vendors (including Microsoft and OpenAI) mitigated it, and what it means for the future of secure AI systems.

01:30 – What Whisper Leak Actually Is 02:30 – Understanding Side-Channel Attacks 04:00 – Why LLMs Are Uniquely Vulnerable 08:00 – Stream Ciphers vs Block Ciphers 13:30 – “Did You Break Encryption?” Clearing Up Misconceptions 16:00 – Fixes & Mitigations Across LLM Vendors 18:30 – Why Some Vendors Were More Vulnerable Than Others 20:00 – Could High-End Adversaries Still Pull This Off? 24:00 – How API Users Can Protect Themselves 25:00 – Designing LLM Systems with Side Channels in Mind

Guests: Jonathan (JBO) Bar Or, Principal Security Researcher, Microsoft Threat Intelligence, who just joined CrowdStrike

Hosts: Elliot Volkman & Neal Dennis
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.