How to generate and exchange secrets
2 Pith papers cite this work. Polarity classification is still indexing.
Years: 2026 (2)
Citing papers:
- On the (In-)Security of the Shuffling Defense in the Transformer Secure Inference
  An attack aligns differently shuffled intermediate activations from secure Transformer inference queries to recover model weights with low error using roughly one dollar of queries.
- Privacy-Preserving Distributed Stochastic Optimization with Homomorphic Encryption and Heterogeneous Stepsizes
  A new distributed SGD algorithm integrates Paillier homomorphic encryption with heterogeneous random stepsizes and an attenuation factor to deliver privacy against honest-but-curious agents and eavesdroppers while converging almost surely to the optimum.