Ask HN: End-to-end encrypted LLM chat (open- and closed-model)

15 hours ago 1

I’m exploring a software layer—analogous to public/private-key crypto—so a user can converse with an LLM where prompts and responses remain unreadable to all intermediaries, including the model host. (I mean “cipher” in the cryptographic sense.)

Two cases: Open-weights model: ensure the operator still can’t read prompts/responses. Closed, hosted model: true E2EE so even the provider can’t inspect content.

Topics we can discuss: Best near-term path: TEEs with attestation, FHE/HE, MPC/split inference, PIR for retrieval, differential privacy, or hybrids? How to handle key exchange/rotation for forward secrecy? Practical performance/accuracy limits (e.g., non-linearities, KV-cache, streaming)? Minimal viable architecture and realistic threat model? Any prior art or teams you’d point me to?

Please DM if you are interested in working with me.

Read Entire Article
  1. Homepage
  2. Technology
  3. Ask HN: End-to-end encrypted LLM chat (open- and closed-model)

Related

Casey Muratori: I can always tell a good programmer in an interview

Casey Muratori: I can always tell a good programmer in an in...

22 minutes ago 0
I Went All in on AI. The MIT Study Was Right

I Went All in on AI. The MIT Study Was Right

22 minutes ago 0
Elon Musk says he needs $1T to control Tesla's robot army

Elon Musk says he needs $1T to control Tesla's robot army

24 minutes ago 0
Hostinger Web Hosting