Daode Zhang

Yu Lin, Qizhi Zhang, Wenqiang Ruan et al.

The rapid development of large language models (LLMs) has driven the widespread adoption of cloud-based LLM inference services, while also bringing prominent privacy risks associated with the transmission and processing of private data in remote inference. For privacy-preserving LLM inference technologies to be practically applied in industrial scenarios, three core requirements must be satisfied simultaneously: (1) Accuracy and efficiency losses should be minimized to mitigate degradation in service experience. (2) The inference process can be run on large-scale clusters consist of heterogeneous legacy xPUs. (3) Compatibility with existing LLM infrastructures should be ensured to reuse their engineering optimizations. To the best of our knowledge, none of the existing privacy-preserving LLM inference methods satisfy all the above constraints while delivering meaningful privacy guarantees. In this paper, we propose AloePri, the first privacy-preserving LLM inference method for industrial applications. AloePri protects both the input and output data by covariant obfuscation, which jointly transforms data and model parameters to achieve better accuracy and privacy. We carefully design the transformation for each model component to ensure inference accuracy and data privacy while keeping full compatibility with existing infrastructures of Language Model as a Service. AloePri has been integrated into an industrial system for the evaluation of mainstream LLMs. The evaluation on Deepseek-V3.1-Terminus model (671B parameters) demonstrates that AloePri causes accuracy loss of 0.0%~3.5% and exhibits efficiency equivalent to that of plaintext inference. Meanwhile, AloePri successfully resists state-of-the-art attacks, with less than 5\% of tokens recovered. To the best of our knowledge, AloePri is the first method to exhibit practical applicability to large-scale models in real-world systems.

Wenhua Gao, Li Yang, DaoDe Zhang et al.

In order to prevent eavesdropping and tampering, the network security protocols use a handshake with an asymmetric cipher to establish a session-specific shared key with which further communication is encrypted using a symmetric cipher. The commonly used asymmetric algorithms include public key encryption, key exchange and identity-based encryption(IBE). However, the network security protocols based on classic identity-based encryption do not have perfect forward security. To solve the problem, we construct the first quantum IBE (QIBE) scheme based on the learning with errors problem, and prove that our scheme is fully secure under the random oracle. Moreover, we construct the quantum circuit of our QIBE scheme and give an estimate of the quantum resource of our circuit including the numbers of Hadamard gate, phase gate, T gate, CNOT gate and the total qubits used in the circuit, and conclude that the quantum resources required by our scheme increase linearly with the number of bits of the encrypted quantum plaintext. Our scheme exhibits the following advantages: (i) The classic key generation center (KGC) system still can be used for our QIBE scheme to generate and distribute the secret identity keys so that the cost can be reduced when the scheme is implemented. The reason why the classic KGC can be used is that the public and private keys are in the form of classic bits. (ii) The network security protocols using a handshake with our QIBE scheme can provide perfect forward security. In our scheme, the ciphertext is transmitted in the form of a quantum state that is unknown to the adversary and therefore cannot be copied and stored. Thus, in the network security protocols based on our QIBE construction, the adversary cannot decrypt the previous quantum ciphertext to threat the previous session keys even if the identity secret key is threatened.