Data Leaks
What Is a Data Leak in GenAI?β
A data leak in GenAI refers to any situation where sensitive, private, or regulated data is unintentionally exposed to the LLM β either in its input, training context, or output.
This includes:
- IP addresses
- API keys and secrets
- JWTs and tokens
- Credentials and user-provided secrets
- Personally Identifiable Information (PII)
Once data enters the model, it becomes difficult to control where it goes β it may appear in outputs, logs, embeddings, or future completions.
π³οΈ Common Sources of Data Leaksβ
| Source | Example |
|---|---|
| User Input | βMy token is sk-test-xyz123β |
| RAG Content | Documents with IPs, internal domains, or credentials |
| System Messages | Logs, stack traces, or responses passed to the model |
| Prompt Engineering | Hidden memory containing past user secrets |
β οΈ Why Itβs Riskyβ
- Models do not differentiate between public and private data
- Masking or redaction after the fact is not reliable
- Leaked data may violate GDPR, HIPAA, SOC 2, or company policy
- A single exposure may compromise system integrity or user trust
π‘οΈ How DTX Guard Prevents Data Leaksβ
DTX Guard uses Homomorphic Masking (Hasking) to transparently replace sensitive information before the prompt reaches the LLM.
This technique ensures:
- The LLM never sees raw data
- Inputs remain logically consistent
- Outputs are reassembled post-inference
𧱠Homomorphic Masking (DLP)β
DTX Guard uses homomorphic masking to protect sensitive data without breaking LLM understanding.
Instead of removing or redacting data, it replaces sensitive values (like IPs, keys, tokens) with consistent and meaningful substitutes β enabling the LLM to infer, compare, and reason as if the original values were present.
π Note: The replacements are not generic placeholders like
"{{MASK_1}}". Instead, they are realistic, consistent equivalents (e.g., other internal IP addresses or structurally correct keys) β so that the model behaves naturally.
Key Propertiesβ
| Feature | Description |
|---|---|
| Consistent Substitution | Same sensitive input β same masked output across prompts |
| LLM-Compatible | Masked data retains structural patterns (e.g., IPs look like IPs) |
| Reversible | Each transformation is tied to a context_id so original values can be restored post-response |
𧬠Example Flowβ
| Step | Description |
|---|---|
| 1 | Input: "Login to 10.0.0.1 with admin:secret123" |
| 2 | Masked: "Login to 10.10.30.40 with user:zxcv0987" |
| 3 | LLM Response: "Access 10.10.30.40 failed with user:zxcv0987" |
| 4 | Final Output: "Access 10.0.0.1 failed with admin:secret123" |
This ensures the model sees valid but safe data β and your system regains control before any output is shown to the user.
π§ͺ API Exampleβ
Step 1: Mask the Dataβ
POST /v2/hask
{
"text": "Server IP is 172.31.25.5, token is sk-prod-abc123"
}
Response:
{
"output": "Server IP is 10.240.0.1, token is sk-prod-zzx998",
"context_id": "ctx-8ff2a91b"
}
Step 2: Unmask After Model Responseβ
POST /v2/dehask
{
"text": "Connected to 10.240.0.1 using sk-prod-zzx998",
"context_id": "ctx-8ff2a91b"
}
Response:
{
"output": "Connected to 172.31.25.5 using sk-prod-abc123"
}
π Python SDK Exampleβ
from dtx_prompt_guard_client.dlp import DLPClient, HaskInput, DehaskInput
dlp = DLPClient(base_url="http://localhost:8000")
# Step 1: Mask sensitive input
text = "API call to 192.168.1.10 with token: abc123"
masked = dlp.hask(HaskInput(text=text))
print("Masked:", masked.output)
# Step 2: Use masked.output in LLM prompt...
# Step 3: Unmask response
response_text = f"Response from {masked.output}"
dehasked = dlp.dehask(DehaskInput(
text=response_text,
context_id=masked.context_id
))
print("Final Output:", dehasked.output)
β When to Use Thisβ
| Use Case | Reason |
|---|---|
| Public-facing LLM UIs | Prevent users from unintentionally exposing secrets |
| Support tools / security analysis | Handle sensitive logs, credentials, IPs securely |
| RAG + internal documents | Automatically sanitize input content |
| Compliant Environments (HIPAA) | Data never leaves your boundary unmasked |