CredID: Credible Multi-Bit Watermark for Large Language Models Identification
This work addresses identity recognition issues for LLM vendors and users to improve security and privacy, but it is incremental as it builds on existing watermarking techniques.
The paper tackles the problem of identifying large language models (LLMs) to address privacy and security concerns by proposing CredID, a credible multi-bit watermarking framework involving a trusted third party and multiple vendors, which enhances watermark credibility and efficiency without compromising text quality and achieves highly accurate identification among vendors.
Large Language Models (LLMs) are widely used in complex natural language processing tasks but raise privacy and security concerns due to the lack of identity recognition. This paper proposes a multi-party credible watermarking framework (CredID) involving a trusted third party (TTP) and multiple LLM vendors to address these issues. In the watermark embedding stage, vendors request a seed from the TTP to generate watermarked text without sending the user's prompt. In the extraction stage, the TTP coordinates each vendor to extract and verify the watermark from the text. This provides a credible watermarking scheme while preserving vendor privacy. Furthermore, current watermarking algorithms struggle with text quality, information capacity, and robustness, making it challenging to meet the diverse identification needs of LLMs. Thus, we propose a novel multi-bit watermarking algorithm and an open-source toolkit to facilitate research. Experiments show our CredID enhances watermark credibility and efficiency without compromising text quality. Additionally, we successfully utilized this framework to achieve highly accurate identification among multiple LLM vendors.