Image Credit: Semiengineering

Cache Side-Channel Attacks On LLMs (MITRE, WPI)

  • Researchers from MITRE and Worcester Polytechnic Institute published a paper on exploiting CPU cache side-channels to leak tokens from Large Language Models (LLMs).
  • The paper, titled 'Spill The Beans,' introduces a novel method to use cache side-channels to extract tokens generated by LLMs by detecting cache hits on shared lower-level caches.
  • One challenge is the large size of LLMs: embedding vectors are quickly evicted from the cache, so the attacker must balance the number of tokens monitored against the amount of information that can be leaked. The study demonstrates that leaking tokens from LLMs via cache side-channels is feasible, highlighting the vulnerability and its implications for privacy and security.
  • Proof-of-concept experiments show recovery rates of 80%-90% for high-entropy API keys and 40% for English text with single-shot monitoring. The rates depend on the set of tokens monitored and can be improved by specializing that set.
