work

This week was relatively uneventful. It was a very research-focused week, which is a lot of fun. I'm a little afraid that I may have too many projects ongoing simultaneously. Fortunately, they're all kind of going at different paces, so I don't expect to have to write five papers at the same time later this year. I am pretty pleased with most of the projects, but I'm also a little worried about getting scooped on some of our more popular projects.

Other than that, I'm working slowly on grant writing and some contract work, but there's nothing particularly interesting to report on that front. As a bit of an aside, I have been trying to "vibe-code" formal verification of some cryptography proofs, since I don't know anything about formal verification. It definitely has used a lot of tokens, but I think it's been making slow progress. Not sure if it would ever pan out into a paper, but should be a good learning experience either way.

non-work

After my dad left, there wasn't a lot that I did during the week. I was mostly just preparing for my long trip which started yesterday! I flew across the country with my cat to stay with my partner in San Diego for a few weeks. He did alright in the carrier, but it's a long flight. He's much happier now that he's here with our other cat. I'm glad they get along well and have fun playing :-). Looking forward to working from here for the next bit! There's a lot of fun stuff to do around here. So even though I'll have to take meetings remotely and in a different timezone, I'm grateful that my job gives me the flexibility to stay with her.

Other than that, my copy of The Rise and Fall of the Neoliberal Order expired before I could finish it. While I'm on the waitlist for that, I've been reading The Age of Extraction by Tim Wu. I don't think it's as interesting a read for me (comparatively), because I think it's a diagnosis of huge internet companies that I've heard before. There are still plenty of tidbits that I hadn't heard before, and it's always nice to get a somewhat different perspective on it. The book is short, so I should probably finish it this week. I'm only halfway through now, so I'll reserve my full judgment.

questions

• Have people run leakage-abuse type attacks against language model systems?
  • Matthew Green had a really great blog post about chain-of-thought blobs being sent in LLM API messages.
  • This seemed a little problematic -- especially since they were all encrypted under the same key and are subject to relay attacks. Could an adversary capture the blob and use it to have an LLM leak info?
  • I've also been curious about how RAG Learning could be a vulnerability. I don't know how it gets implemented in an API setting though.
  • I think if there's a real vulnerability there, it could also motivate even further Tiptoe-like work.
• Is it possible to preprocess a database to have faster hint generation in PIR with client-side preprocessing?
  • I've wondered this before, but on the plane I watched a great talk by Henry Corrigan-Gibbs about PIR, and he asked the same one.
  • I feel like combining client-side and server-side preprocessing must be the best way to achieve a more practical PIR.
  • He also pointed out that there are no "algebraic" client-side preprocessing schemes. I wonder how someone could do this too
• How much follow-up work is there on this paper?
  • I wonder if the techniques could be pushed further or applied to other encrypted data structures

Thanks for reading to the end! Here's a picture of our two cats excited to get some food this morning.