PRAG End-to-End Privacy-Preserving Retrieval-Augmented Generation

Proceedings of the 33rd ACM International Conference on the Foundations of Software Engineering

Evidencebot: A privacy-preserving, customizable rag-based tool for enhancing large language model interactions

N. I. Khan, V. Filkov

Published: 2025

2025 IEEE/CIC International Conference on Communications in China (ICCC)

Privacy-preserving llm-based rag with split inference and masked privacy recovery

Y. Wei, P. Xia, Y. Ni, J. Li

Published: 2025

Proceedings of the 33rd ACM International Conference on Information and Knowledge Management

Generative ai and retrieval-augmented generation (rag) systems for enterprise

A. Xu, T. Yu, M. Du, P. Gundecha, Y. Guo, X. Zhu, M. Wang, P. Li, X. Chen

Published: 2024

Frontiers in Artificial Intelligence Research

Rag-based ai agents for enterprise software development: Implementation patterns and production deployment

X. Zhao, T. Sun, S. Ren, J. Yang, Y. Liu

Published: 2025

Proceedings of the 4th International Workshop on Knowledge-Augmented Methods for Natural Language Processing

Ekrag: Benchmark rag for enterprise knowledge question answering

T. Yu, W. Zhou, L. Leiyang, A. Shukla, M. Mmadugula, P. Gundecha, N. Burnett, A. Xu, V. Viseth, T. Tbar

Published: 2025

2025 IEEE/ACM Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE)

Privacy-preserving medical advising system on mobile devices: On-device phi anonymization, medical report retrieval, and cloud-based rag

T. B. Weerasekara, C. Chandeepa, O. S. Amarasuriya, C. Hettiarachchi

Published: 2025

Findings of the Association for Computational Linguistics: ACL 2025

Remoterag: A privacy-preserving llm cloud rag service

Y. Cheng, L. Zhang, J. Wang, M. Yuan, Y. Yao

Published: 2025

Amazon.com, Inc.

Knowledge bases for amazon bedrock

Alibaba Group Holding Limited

Mother of all breaches (moab) reveals 26 billion records

C. Team

Published: 2024

Western Sydney University

Cyber incident update: October 23, 2025

Western Sydney University

Published: 2025

Cybernews

Huawei source code and data breach reported

G. Radauskas

Published: 2025

Forbes

13 billion unique passwords exposed in extensive data leak

Z. Doffman

Published: 2025

BleepingComputer

Sedgwick confirms breach at government contractor subsidiary

L. Abrams

Published: 2026

2025 IEEE Conference on Artificial Intelligence (CAI)

Rag with differential privacy

N. Grislain

Published: 2025

Privacy-preserving retrieval-augmented generation with differential privacy

T. Koga, R. Wu, Z. Zhang, K. Chaudhuri

Published: 2024

2024 IEEE 48th Annual Computers, Software, and Applications Conference (COMPSAC)

Textual differential privacy for context-aware reasoning with large language model

J. Yu, J. Zhou, Y. Ding, L. Zhang, Y. Guo, H. Sato

Published: 2024

29th USENIX Security Symposium (USENIX Security 20)

SANNS: Scaling up secure approximate k-Nearest neighbors search

H. Chen, I. Chillotti, Y. Dong, O. Poburinnaya, I. Razenshteyn, M. S. Riazi

Published: 2020

Proceedings of the 29th Symposium on Operating Systems Principles

Private web search with tiptoe

A. Henzinger, E. Dauterman, H. Corrigan-Gibbs, N. Zeldovich

Published: 2023

IACR Cryptol. ePrint Arch.

Pacmann: Efficient private approximate nearest neighbor search

M. Zhou, E. Shi, G. Fanti

Published: 2024

arXiv preprint

Fortify your foundations: Practical privacy and security for foundation model deployments in the cloud

M. Chrapek, A. Vahldiek-Oberwagner, M. Spoczynski, S. Constable, M. Vij, T. Hoefler

Published: 2024

IEEE Access

Toward efficient encrypted image retrieval in cloud environment

Z. Huang, M. Zhang, Y. Zhang

Published: 2019

IEEE Transactions on Dependable and Secure Computing

Achieving efficient and privacy-preserving exact set similarity search over encrypted data

Y. Zheng, R. Lu, Y. Guan, J. Shao, H. Zhu

Published: 2020

IEEE Transactions on Information Forensics and Security

Secure and efficient similarity retrieval in cloud computing based on homomorphic encryption

N. Wang, W. Zhou, J. Wang, Y. Guo, J. Fu, J. Liu

Published: 2024

IEEE Transactions on Dependable and Secure Computing

Efficient private comparison queries over encrypted databases using fully homomorphic encryption with finite fields

B. H. M. Tan, H. T. Lee, H. Wang, S. Ren, K. M. M. Aung

Published: 2021

Proc. IEEE Conference on Data Engineering (ICDE’19)

Insecurity and hardness of nearest neighbor queries over encrypted data

R. Li, A. X. Liu, Y. Liu, H. Xu, H. Yuan

Published: 2019

IEEE Transactions on Information Forensics and Security

Msecknn: Maliciously secure outsourced knn classification under multiple distance metrics

Z. Li, H. Wang, W. Zhang, Y. Su, W. Susilo

Published: 2025

IEEE Transactions on Cloud Computing

Secure knn for distributed cloud environment using fully homomorphic encryption

Y. Fukuchi, S. Hashimoto, K. Sakai, S. Fukumoto, M.-T. Sun, W.-S. Ku

Published: 2025

Advances in Cryptology–EUROCRYPT 2021, Part I 40. Springer

High-precision bootstrapping of rns-ckks homomorphic encryption using optimal minimax polynomial approximation and inverse sine function

J.-W. Lee, E. Lee, Y. Lee, Y.-S. Kim, J.-S. No

Published: 2021

Advances in Cryptology – EUROCRYPT 2024

Bootstrapping bits with ´ ckks

S. Bae, J. H. Cheon, A. Kim, D. Stehle

Published: 2024

CoRR

Lost in the Middle: How Language Models Use Long Contexts

Nelson F. Liu, Kevin Lin, John Hewitt, Ashwin Paranjape, Michele Bevilacqua, Fabio Petroni, Percy Liang

Published: 2023

In defense of rag in the era of long-context language models

T. Yu, A. Xu, R. Akkiraju

Published: 2024

arxiv

被引用数 1

Retrieval-Augmented Generation for Knowledge-Intensive NLP Tasks

Patrick Lewis, Ethan Perez, Aleksandra Piktus, Fabio Petroni, Vladimir Karpukhin, Naman Goyal, Heinrich Küttler, Mike Lewis, Wen-tau Yih, Tim Rocktäschel, Sebastian Riedel, Douwe Kiela

Published: 2020.5.23

Large pre-trained language models have been shown to store factual knowledge in their parameters, and achieve state-of-the-art results when fine-tuned on downstream NLP tasks. However, their ability to access and precisely manipulate knowledge is still limited, and hence on knowledge-intensive tasks, their performance lags behind task-specific architectures. Additionally, providing provenance for their decisions and updating their world knowledge remain open research problems. Pre-trained models with a differentiable access mechanism to explicit non-parametric memory can overcome this issue, but have so far been only investigated for extractive downstream tasks. We explore a general-purpose fine-tuning recipe for retrieval-augmented generation (RAG) -- models which combine pre-trained parametric and non-parametric memory for language generation. We introduce RAG models where the parametric memory is a pre-trained seq2seq model and the non-parametric memory is a dense vector index of Wikipedia, accessed with a pre-trained neural retriever. We compare two RAG formulations, one which conditions on the same retrieved passages across the whole generated sequence, the other can use different passages per token. We fine-tune and evaluate our models on a wide range of knowledge-intensive NLP tasks and set the state-of-the-art on three open domain QA tasks, outperforming parametric seq2seq models and task-specific retrieve-and-extract architectures. For language generation tasks, we find that RAG models generate more specific, diverse and factual language than a state-of-the-art parametric-only seq2seq baseline.

情報抽出手法 RAG 知識抽出手法

Proceedings of the 2023 Conference on Empirical Methods in Natural Language Processing

Active retrieval augmented generation

Zhengbao Jiang, Frank F Xu, Luyu Gao, Zhiqing Sun, Qian Liu, Jane Dwivedi-Yu, Yiming Yang, Jamie Callan, Graham Neubig

Published: 2023

Privacy implications of retrieval-based language models

Y. Huang, S. Gupta, Z. Zhong, K. Li, D. Chen

Published: 2023

arXiv preprint

The good and the bad: Exploring privacy issues in retrieval-augmented generation (rag)

S. Zeng, J. Zhang, P. He, Y. Xing, Y. Liu, H. Xu, J. Ren, S. Wang, D. Yin, Y. Chang

Published: 2024

ICASSP 2025-2025 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)

Press: Defending privacy in retrieval-augmented generation via embedding space shifting

J. He, C. Liu, G. Hou, W. Jiang, J. Li

Published: 2025

arXiv preprint

Frag: Toward federated vector database management for collaborative and secure retrieval-augmented generation

D. Zhao

Published: 2024

D-rag: A privacy-preserving framework for decentralized rag using blockchain

T. E Andersen, A. M. Avalos, G. G Dagher, M. Long

Published: 2025

arxiv

被引用数 1

Computing Research Repository (CoRR)

Privacy-Aware RAG: Secure and Isolated Knowledge Retrieval

Pengcheng Zhou, Yinglun Feng, Zhongliang Yang

Published: 2025.3.17

The widespread adoption of Retrieval-Augmented Generation (RAG) systems in real-world applications has heightened concerns about the confidentiality and integrity of their proprietary knowledge bases. These knowledge bases, which play a critical role in enhancing the generative capabilities of Large Language Models (LLMs), are increasingly vulnerable to breaches that could compromise sensitive information. To address these challenges, this paper proposes an advanced encryption methodology designed to protect RAG systems from unauthorized access and data leakage. Our approach encrypts both textual content and its corresponding embeddings prior to storage, ensuring that all data remains securely encrypted. This mechanism restricts access to authorized entities with the appropriate decryption keys, thereby significantly reducing the risk of unintended data exposure. Furthermore, we demonstrate that our encryption strategy preserves the performance and functionality of RAG pipelines, ensuring compatibility across diverse domains and applications. To validate the robustness of our method, we provide comprehensive security proofs that highlight its resilience against potential threats and vulnerabilities. These proofs also reveal limitations in existing approaches, which often lack robustness, adaptability, or reliance on open-source models. Our findings suggest that integrating advanced encryption techniques into the design and deployment of RAG systems can effectively enhance privacy safeguards. This research contributes to the ongoing discourse on improving security measures for AI-driven services and advocates for stricter data protection standards within RAG architectures.

RAG 暗号学 RAGへのポイズニング攻撃

ACM Transactions on Multimedia Computing, Communications, and Applications (TOMM)

A format-compatible searchable encryption scheme for jpeg images using bag-of-words

Z. Xia, Q. Ji, Q. Gu, C. Yuan, F. Xiao

Published: 2022

Proc. ISOC Network and Distributed System Security Symposium (NDSS’14)

Practical dynamic searchable encryption with small leakage

E. Stefanov, C. Papamanthou, E. Shi

Published: 2014

Proc. Privacy Enhancing Technologies

Efficient dynamic searchable encryption with forward privacy

M. Etemad, A. Kupcu, C. Papamanthou, D. Evans

Published: 2018

IEEE Transactions on Information Forensics and Security

Dynamic searchable symmetric encryption with strong security and robustness

H. Dou, Z. Dan, P. Xu, W. Wang, S. Xu, T. Chen, H. Jin

Published: 2024

IEEE Internet of Things Journal

Enabling efficient privacy-preserving spatio-temporal location-based services for smart cities

Z. Li, J. Ma, Y. Miao, X. Wang, J. Li, C. Xu

Published: 2023

IEEE Transactions on Knowledge and Data Engineering

Efficient location-based skyline queries with secure r-tree over encrypted data

Z. Wang, X. Ding, J. Lu, L. Zhang, P. Zhou, K.-K. R. Choo, H. Jin

Published: 2023

Advances in Neural Information Processing Systems (NeurIPS’23)

Soar: Improved indexing for approximate nearest neighbor search

P. Sun, D. Simcha, D. Dopson, R. Guo, S. Kumar

Published: 2023

2025 34th International Conference on Parallel Architectures and Compilation Techniques (PACT)

Bit-level semantics: Scalable rag retrieval with neurosymbolic hyperdimensional computing

H. Lee, S. Jang, J. Gwak, J. Park, Y. Kim

Published: 2025

Proceedings of the 55th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers)

Triviaqa: A large scale distantly supervised challenge dataset for reading comprehension

Joshi, M., Choi, E., Weld, D.S., Zettlemoyer, L.

Published: 2017

31st USENIX Security Symposium (USENIX Security 22)

IHOP: Improved statistical query recovery against searchable symmetric encryption through quadratic optimization

S. Oya, F. Kerschbaum

Published: 2022

30th USENIX Security Symposium (USENIX Security 21)

A highly accurate query-recovery attack against searchable encryption using non-indexed documents

M. Damie, F. Hahn, A. Peter

Published: 2021

IEEE Symposium on Security and Privacy (S&P)

The state of the uniform: Attacks on encrypted databases beyond the uniform query distribution

E. M. Kornaropoulos, C. Papamanthou, R. Tamassia

Published: 2021

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS)

Generic attacks on secure outsourced databases

G. Kellaris, G. Kollios, K. Nissim, A. O’Neill

Published: 2016