Let's talk about AI and end-to-end encryption

(blog.cryptographyengineering.com)

174 points chmaynard | 2 comments | 17 Jan 25 05:50 UTC | HN request time: 0.424s | source

Show context

lowbatt ◴[17 Jan 25 19:36 UTC] No.42742349[source]▶

Maybe a little off topic, but is there a way for a distributed app to connect to one of the LLM companies (OpenAI, etc.) without the unencrypted data hitting an in-between proxy server?

An app I'm building uses LLMs to process messages. I don’t want the unencrypted message to hit my server - and ideally I wouldn’t have the ability to decrypt it. But I can’t communicate directly from client -> LLM Service without leaking the API key.

replies(3): >>42742683 #>>42742892 #>>42743194 #

1. simonw ◴[17 Jan 25 20:05 UTC] No.42742683[source]▶

>>42742349 #

"But I can’t communicate directly from client -> LLM Service without leaking the API key."

There is a way you can do that right now: the OpenAI WebRTC API introduced the idea of an "ephemeral key": https://platform.openai.com/docs/guides/realtime-webrtc

This provides a way for your server to create a limited-time API key for a user which their browser can then use to talk to OpenAI's API directly without proxying through you.

I love this idea, but I want it for way more than just the WebRTC API, and I'd like it for other API providers too.

My ideal version would be a way to create an ephemeral API key that's only allowed to talk to a specific model with a specific pre-baked system prompt (and maybe tool configuration and suchlike) and that only works for a limited time and has a limited token budget.

replies(1): >>42742912 #

2. lowbatt ◴[17 Jan 25 20:28 UTC] No.42742912[source]▶

>>42742683 (TP) #

interesting, will check that out. thanks!

↑