Technology
Hacker News

Codex starts encrypting prompts, uses ciphertext for inference instead

Source Entity

Hacker News

July 14, 2026
Codex starts encrypting prompts, uses ciphertext for inference instead

<a href="https://news.ycombinator.com/item?id=48905028">Comments</a>

The Dawn of Zero-Trust AI: Analyzing Codex's Shift to Ciphertext Inference

In a landmark move for data privacy in the age of Large Language Models (LLMs), Codex has begun encrypting user prompts and utilizing ciphertext for inference. Traditionally, AI models require data to be decrypted on the server side before the model can process the input and generate a response. This 'plaintext gap' has long been a primary security concern for enterprises and developers who fear that sensitive proprietary code or intellectual property could be exposed to the model provider or leaked through server-side vulnerabilities. By shifting to ciphertext inference, Codex is effectively attempting to close this gap, ensuring that the data remains encrypted not just in transit and at rest, but also during computation.

The Technical Paradigm: Homomorphic Encryption and Secure Enclaves

To achieve inference on ciphertext, Codex is likely leveraging advanced cryptographic techniques such as Fully Homomorphic Encryption (FHE) or Trusted Execution Environments (TEEs). FHE is a revolutionary form of encryption that allows mathematical operations to be performed on encrypted data without needing to decrypt it first; the result of these operations is also encrypted and can only be decrypted by the owner of the private key. In the context of Codex, this means the model can 'reason' over the encrypted prompt and generate an encrypted output without the server ever 'knowing' the actual content of the code or the query. This represents a fundamental shift from traditional TLS encryption, which only protects data while it moves across the network, to a model of 'computation-in-encryption.'

Addressing the Enterprise Trust Deficit

This development is a direct response to the growing tension between the utility of AI coding assistants and the stringent security requirements of the corporate world. For years, many Fortune 500 companies have banned or restricted the use of AI tools like GitHub Copilot or Codex due to the risk of 'data leakage,' where sensitive internal APIs or secret keys might be ingested into the model's training set or viewed by the provider. By implementing ciphertext inference, Codex removes the need for the user to trust the provider's internal security policies. Instead, the security is guaranteed by the laws of mathematics. This move is likely to accelerate the adoption of AI in highly regulated sectors such as finance, healthcare, and defense, where data sovereignty is non-negotiable.

Performance Trade-offs and Computational Overhead

Despite the security benefits, the transition to encrypted inference is not without significant challenges. Historically, Homomorphic Encryption has been computationally expensive, often resulting in latency that is orders of magnitude slower than plaintext processing. The fact that Codex is implementing this suggests either a massive breakthrough in FHE optimization or the use of a hybrid approach involving hardware-level isolation (such as Intel SGX or AWS Nitro Enclaves). If Codex has successfully minimized the latency overhead, it sets a new industry benchmark, proving that high-performance AI can coexist with absolute data privacy. The industry will now be watching closely to see if this affects the 'token-per-second' generation speed or increases the cost of compute.

Broader Implications for the LLM Ecosystem

Codex's move creates a powerful competitive pressure on other AI giants like OpenAI, Google, and Anthropic. As 'Privacy-Preserving Machine Learning' (PPML) becomes a tangible product feature rather than a theoretical research paper, users will begin to demand similar guarantees across all AI interactions. We are likely to see a trend where the 'black box' nature of AI is mitigated by cryptographic proofs. This could lead to a future where AI models are treated as 'blind processors'—entities that provide immense intelligence and utility without ever having access to the actual identity or specific secrets of the data they are processing.

Conclusion: A New Standard for Digital Sovereignty

In summary, the introduction of ciphertext inference in Codex is more than just a feature update; it is a paradigm shift toward digital sovereignty. By decoupling the ability to process information from the ability to read it, Codex is redefining the relationship between the user and the AI provider. While the technical hurdles of latency and compute cost remain, the strategic advantage of offering a 'zero-knowledge' inference engine is immense. This evolution marks the beginning of an era where the fear of data exposure no longer hinders the integration of artificial intelligence into the most sensitive layers of global infrastructure.

Verification Required?

Read the full report from the primary source

Go to Hacker News