Paper 2024/1492
Multi-Designated Detector Watermarking for Language Models
Abstract
In this paper, we initiate the study of multi-designated detector watermarking (MDDW) for large language models (LLMs). This technique allows model providers to generate watermarked outputs from LLMs with two key properties: (i) only specific, possibly multiple, designated detectors can identify the watermarks, and (ii) there is no perceptible degradation in the output quality for ordinary users. We formalize the security definitions for MDDW and present a framework for constructing MDDW for any LLM using multi-designated verifier signatures (MDVS). Recognizing the significant economic value of LLM outputs, we introduce claimability as an optional security feature for MDDW, enabling model providers to assert ownership of LLM outputs within designated-detector settings. To support claimable MDDW, we propose a generic transformation converting any MDVS to a claimable MDVS. Our implementation of the MDDW scheme highlights its advanced functionalities and flexibility over existing methods, with satisfactory performance metrics.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Preprint.
- Keywords
- WatermarkingClaimabilityOff-the-recordMulti-designated verifier signatureLanguage model
- Contact author(s)
-
zhahuang sjtu @ gmail com
gxzeng @ cs hku hk
mux @ pcl ac cn
wangy12 @ pcl ac cn
yuy @ pcl ac cn - History
- 2024-10-01: revised
- 2024-09-24: received
- See all versions
- Short URL
- https://ia.cr/2024/1492
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1492,
author = {Zhengan Huang and Gongxian Zeng and Xin Mu and Yu Wang and Yue Yu},
title = {Multi-Designated Detector Watermarking for Language Models},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/1492},
year = {2024},
url = {https://eprint.iacr.org/2024/1492}
}
