The Steganographic Potentials of Language Models

TL;DR

This paper investigates the ability of large language models to perform steganography, revealing that while current models have basic hiding capabilities, explicit guidance significantly improves their performance.

Contribution

The study demonstrates that fine-tuning LLMs with reinforcement learning enhances their steganographic abilities and explores their potential to hide reasoning in realistic scenarios.

Findings

Fine-tuned models show improved steganographic capacity.

Current models have rudimentary but improvable hiding abilities.

Explicit guidance markedly enhances concealment performance.

Abstract

The potential for large language models (LLMs) to hide messages within plain text (steganography) poses a challenge to detection and thwarting of unaligned AI agents, and undermines faithfulness of LLMs reasoning. We explore the steganographic capabilities of LLMs fine-tuned via reinforcement learning (RL) to: (1) develop covert encoding schemes, (2) engage in steganography when prompted, and (3) utilize steganography in realistic scenarios where hidden reasoning is likely, but not prompted. In these scenarios, we detect the intention of LLMs to hide their reasoning as well as their steganography performance. Our findings in the fine-tuning experiments as well as in behavioral non fine-tuning evaluations reveal that while current models exhibit rudimentary steganographic abilities in terms of security and capacity, explicit algorithmic guidance markedly enhances their capacity for information concealment.