Fooling around with encrypted reasoning blobs
Summary
Cryptography researcher Matthew Green explores encrypted reasoning blocks in frontier LLM APIs, showing that although reasoning data is cryptographically protected, it may still be replayable or leak via side channels. The post outlines how these encrypted blobs are transmitted, the potential attack vectors (replays and timing/length side channels), and practical recommendations: providers should harden key management, and developers should sanitize inputs. It emphasizes the privacy implications and the need for policy considerations around model reasoning data.