Sign up to save your podcasts
Or
Share Whisper Leak: How Encrypted AI Chats Still Leak Conversation Topics
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Whisper Leak: How Encrypted AI Chats Still Leak Conversation Topics
In this episode, we break down Whisper Leak, a newly disclosed side-channel issue affecting encrypted LLM communications. JBO explains how attackers can infer conversation topics using packet size and timing metadata without breaking encryption. The discussion covers how the research team discovered the issue, how vendors (including Microsoft and OpenAI) mitigated it, and what it means for the future of secure AI systems.
01:30 – What Whisper Leak Actually Is
02:30 – Understanding Side-Channel Attacks
04:00 – Why LLMs Are Uniquely Vulnerable
08:00 – Stream Ciphers vs Block Ciphers
13:30 – “Did You Break Encryption?” Clearing Up Misconceptions
16:00 – Fixes & Mitigations Across LLM Vendors
18:30 – Why Some Vendors Were More Vulnerable Than Others
20:00 – Could High-End Adversaries Still Pull This Off?
24:00 – How API Users Can Protect Themselves
25:00 – Designing LLM Systems with Side Channels in Mind
Guests: Jonathan (JBO) Bar Or, Principal Security Researcher, Microsoft Threat Intelligence, who just joined CrowdStrike
Hosts: Elliot Volkman & Neal Dennis
View all episodes
By Adopting Zero Trust
5
44 ratings
In this episode, we break down Whisper Leak, a newly disclosed side-channel issue affecting encrypted LLM communications. JBO explains how attackers can infer conversation topics using packet size and timing metadata without breaking encryption. The discussion covers how the research team discovered the issue, how vendors (including Microsoft and OpenAI) mitigated it, and what it means for the future of secure AI systems.
01:30 – What Whisper Leak Actually Is
02:30 – Understanding Side-Channel Attacks
04:00 – Why LLMs Are Uniquely Vulnerable
08:00 – Stream Ciphers vs Block Ciphers
13:30 – “Did You Break Encryption?” Clearing Up Misconceptions
16:00 – Fixes & Mitigations Across LLM Vendors
18:30 – Why Some Vendors Were More Vulnerable Than Others
20:00 – Could High-End Adversaries Still Pull This Off?
24:00 – How API Users Can Protect Themselves
25:00 – Designing LLM Systems with Side Channels in Mind
Guests: Jonathan (JBO) Bar Or, Principal Security Researcher, Microsoft Threat Intelligence, who just joined CrowdStrike
Hosts: Elliot Volkman & Neal Dennis