ArXiv Preprint – Jailbreaking Black Box Large Language Models in Twenty Queries

In this episode we discuss Jailbreaking Black Box Large Language Models in Twenty Queries
by Patrick Chao, Alexander Robey, Edgar Dobriban, Hamed Hassani, George J. Pappas, Eric Wong. The paper introduces an algorithm called Prompt Automatic Iterative Refinement (PAIR) that generates “jailbreaks” for large language models (LLMs) using only black-box access. PAIR leverages an attacker LLM to automatically create vulnerabilities for a targeted LLM without human intervention. The algorithm requires fewer than twenty queries to create a jailbreak and achieves competitive success rates on different LLMs, including GPT-3.5/4. The research aims to identify weaknesses in LLMs to enhance their safety and prevent potential misuse.