LoREnc protects foundation model weights from extraction by injecting noise into the FM that cancels out in the LoRA adapter — the fine-tuned output stays intact while FM weights remain obfuscated.<br>Accepted at ICIP 2026.</p>\n","updatedAt":"2026-05-23T01:20:44.695Z","author":{"_id":"5f30cb567e583543386213f5","avatarUrl":"https://cdn-avatars.huggingface.co/v1/production/uploads/5f30cb567e583543386213f5/JNm0YjRB23hiVvR_vcHub.jpeg","fullname":"Beomjin Ahn","name":"beomjin-ahn","type":"user","isPro":false,"isHf":false,"isHfAdmin":false,"isMod":false,"isUserFollowing":false}},"numEdits":1,"identifiedLanguage":{"language":"en","probability":0.8537040948867798},"editors":["beomjin-ahn"],"editorAvatarUrls":["https://cdn-avatars.huggingface.co/v1/production/uploads/5f30cb567e583543386213f5/JNm0YjRB23hiVvR_vcHub.jpeg"],"reactions":[],"isReport":false}},{"id":"6a11065d9e442908e25c1ee4","author":{"_id":"63d3e0e8ff1384ce6c5dd17d","avatarUrl":"https://cdn-avatars.huggingface.co/v1/production/uploads/1674830754237-63d3e0e8ff1384ce6c5dd17d.jpeg","fullname":"Librarian Bot (Bot)","name":"librarian-bot","type":"user","isPro":false,"isHf":false,"isHfAdmin":false,"isMod":false,"followerCount":358,"isUserFollowing":false},"createdAt":"2026-05-23T01:43:57.000Z","type":"comment","data":{"edited":false,"hidden":false,"latest":{"raw":"This is an automated message from the [Librarian Bot](https://huggingface.co/librarian-bots). I found the following papers similar to this paper. \n\nThe following papers were recommended by the Semantic Scholar API \n\n* [FedSpy-LLM: Towards Scalable and Generalizable Data Reconstruction Attacks from Gradients on LLMs](https://huggingface.co/papers/2604.06297) (2026)\n* [Toward Efficient Membership Inference Attacks against Federated Large Language Models: A Projection Residual Approach](https://huggingface.co/papers/2604.21197) (2026)\n* [SafeLM: Unified Privacy-Aware Optimization for Trustworthy Federated Large Language Models](https://huggingface.co/papers/2604.16606) (2026)\n* [DurableUn: Quantization-Induced Recovery Attacks in Machine Unlearning](https://huggingface.co/papers/2605.02196) (2026)\n* [FedDetox: Robust Federated SLM Alignment via On-Device Data Sanitization](https://huggingface.co/papers/2604.06833) (2026)\n* [Towards Privacy-Preserving Large Language Model: Text-free Inference Through Alignment and Adaptation](https://huggingface.co/papers/2604.06831) (2026)\n* [Breaking Euston: Recovering Private Inputs from Secure Inference by Exploiting Subspace Leakage](https://huggingface.co/papers/2604.17238) (2026)\n\n\n Please give a thumbs up to this comment if you found it helpful!\n\n If you want recommendations for any Paper on Hugging Face checkout [this](https://huggingface.co/spaces/librarian-bots/recommend_similar_papers) Space\n\n You can directly ask Librarian Bot for paper recommendations by tagging it in a comment: `@librarian-bot recommend`","html":"<p>This is an automated message from the <a href=\"https://huggingface.co/librarian-bots\">Librarian Bot</a>. I found the following papers similar to this paper. </p>\n<p>The following papers were recommended by the Semantic Scholar API </p>\n<ul>\n<li><a href=\"https://huggingface.co/papers/2604.06297\">FedSpy-LLM: Towards Scalable and Generalizable Data Reconstruction Attacks from Gradients on LLMs</a> (2026)</li>\n<li><a href=\"https://huggingface.co/papers/2604.21197\">Toward Efficient Membership Inference Attacks against Federated Large Language Models: A Projection Residual Approach</a> (2026)</li>\n<li><a href=\"https://huggingface.co/papers/2604.16606\">SafeLM: Unified Privacy-Aware Optimization for Trustworthy Federated Large Language Models</a> (2026)</li>\n<li><a href=\"https://huggingface.co/papers/2605.02196\">DurableUn: Quantization-Induced Recovery Attacks in Machine Unlearning</a> (2026)</li>\n<li><a href=\"https://huggingface.co/papers/2604.06833\">FedDetox: Robust Federated SLM Alignment via On-Device Data Sanitization</a> (2026)</li>\n<li><a href=\"https://huggingface.co/papers/2604.06831\">Towards Privacy-Preserving Large Language Model: Text-free Inference Through Alignment and Adaptation</a> (2026)</li>\n<li><a href=\"https://huggingface.co/papers/2604.17238\">Breaking Euston: Recovering Private Inputs from Secure Inference by Exploiting Subspace Leakage</a> (2026)</li>\n</ul>\n<p> Please give a thumbs up to this comment if you found it helpful!</p>\n<p> If you want recommendations for any Paper on Hugging Face checkout <a href=\"https://huggingface.co/spaces/librarian-bots/recommend_similar_papers\">this</a> Space</p>\n<p> You can directly ask Librarian Bot for paper recommendations by tagging it in a comment: <code><span class=\"SVELTE_PARTIAL_HYDRATER contents\" data-target=\"UserMention\" data-props=\"{&quot;user&quot;:&quot;librarian-bot&quot;}\"><span class=\"inline-block\"><span class=\"contents\"><a href=\"/librarian-bot\">@<span class=\"underline\">librarian-bot</span></a></span> </span></span> recommend</code></p>\n","updatedAt":"2026-05-23T01:43:57.567Z","author":{"_id":"63d3e0e8ff1384ce6c5dd17d","avatarUrl":"https://cdn-avatars.huggingface.co/v1/production/uploads/1674830754237-63d3e0e8ff1384ce6c5dd17d.jpeg","fullname":"Librarian Bot (Bot)","name":"librarian-bot","type":"user","isPro":false,"isHf":false,"isHfAdmin":false,"isMod":false,"followerCount":358,"isUserFollowing":false}},"numEdits":0,"identifiedLanguage":{"language":"en","probability":0.7366310358047485},"editors":["librarian-bot"],"editorAvatarUrls":["https://cdn-avatars.huggingface.co/v1/production/uploads/1674830754237-63d3e0e8ff1384ce6c5dd17d.jpeg"],"reactions":[{"reaction":"👍","users":["beomjin-ahn"],"count":1}],"isReport":false}}],"primaryEmailConfirmed":false,"paper":{"id":"2605.13163","authors":[{"_id":"6a1051ffa53a61ce2e422fc0","user":{"_id":"5f30cb567e583543386213f5","avatarUrl":"https://cdn-avatars.huggingface.co/v1/production/uploads/5f30cb567e583543386213f5/JNm0YjRB23hiVvR_vcHub.jpeg","isPro":false,"fullname":"Beomjin Ahn","user":"beomjin-ahn","type":"user","name":"beomjin-ahn"},"name":"Beomjin Ahn","status":"claimed_verified","statusLastChangedAt":"2026-05-22T15:59:09.885Z","hidden":false},{"_id":"6a1051ffa53a61ce2e422fc1","name":"Jungmin Kwon","hidden":false},{"_id":"6a1051ffa53a61ce2e422fc2","name":"Chanyong Jung","hidden":false},{"_id":"6a1051ffa53a61ce2e422fc3","name":"Jaewook Chung","hidden":false}],"publishedAt":"2026-05-13T00:00:00.000Z","submittedOnDailyAt":"2026-05-22T00:00:00.000Z","title":"LoREnc: Low-Rank Encryption for Securing Foundation Models and LoRA Adapters","submittedOnDailyBy":{"_id":"5f30cb567e583543386213f5","avatarUrl":"https://cdn-avatars.huggingface.co/v1/production/uploads/5f30cb567e583543386213f5/JNm0YjRB23hiVvR_vcHub.jpeg","isPro":false,"fullname":"Beomjin Ahn","user":"beomjin-ahn","type":"user","name":"beomjin-ahn"},"summary":"Foundation models and low-rank adapters enable efficient on-device generative AI but raise risks such as intellectual property leakage and model recovery attacks. Existing defenses are often impractical because they require retraining or access to the original dataset. We propose LoREnc, a training-free framework that secures both FMs and adapters via spectral truncation and compensation. LoREnc suppresses dominant low-rank components of FM weights, compensates for the missing information in authorized adapters, and further applies orthogonal reparameterization to obscure structural fingerprints of the protected adapter. Unauthorized users produce structurally collapsed outputs, while authorized users recover exact performance. Experiments demonstrate that LoREnc provides strong protection against model recovery with under 1% computational overhead.","upvotes":6,"discussionId":"6a105200a53a61ce2e422fc4","ai_summary":"LoREnc secures foundation models and low-rank adapters through spectral truncation and compensation techniques that prevent unauthorized model recovery while maintaining performance for authorized users.","ai_keywords":["foundation models","low-rank adapters","spectral truncation","compensation","orthogonal reparameterization","model recovery attacks","computational overhead"],"organization":{"_id":"686df54910a52f2c2cf03c06","name":"SamsungResearch","fullname":"Samsung Research","avatar":"https://cdn-avatars.huggingface.co/v1/production/uploads/60ffc3e62403168abcae811d/lBrkzrpjrJ8k-3CGLKRLr.jpeg"}},"canReadDatabase":false,"canManagePapers":false,"canSubmit":false,"hasHfLevelAccess":false,"upvoted":false,"upvoters":[{"_id":"5f30cb567e583543386213f5","avatarUrl":"https://cdn-avatars.huggingface.co/v1/production/uploads/5f30cb567e583543386213f5/JNm0YjRB23hiVvR_vcHub.jpeg","isPro":false,"fullname":"Beomjin Ahn","user":"beomjin-ahn","type":"user"},{"_id":"6a1103b2acc263608060551a","avatarUrl":"/avatars/62e61588e5cf63a36ec9b622feab94a1.svg","isPro":false,"fullname":"Wan Chang","user":"Kinsup","type":"user"},{"_id":"6a1108b3d1d6b695025a569d","avatarUrl":"/avatars/1a17a2d2df2e0a06c8d06e5b622692f0.svg","isPro":false,"fullname":"Nijika Ken","user":"kenhome","type":"user"},{"_id":"630a3bc2a58e1be42eba802d","avatarUrl":"/avatars/19252672f4c5bfa5f92c5378f1cc6ea4.svg","isPro":false,"fullname":"Jungmin Kwon","user":"jungmin-kwon","type":"user"},{"_id":"6a11199b106d74fadc5de82d","avatarUrl":"/avatars/c175000131f6caa02fc70fc005a0099a.svg","isPro":false,"fullname":"Wonho Shin","user":"sexybeaver","type":"user"},{"_id":"69ccfe9c534c90289464f896","avatarUrl":"/avatars/991d249cbec681ee3b4c4000f67dbf41.svg","isPro":false,"fullname":"渡辺 翔太","user":"auroraclark5","type":"user"}],"acceptLanguages":["en"],"dailyPaperRank":0,"organization":{"_id":"686df54910a52f2c2cf03c06","name":"SamsungResearch","fullname":"Samsung Research","avatar":"https://cdn-avatars.huggingface.co/v1/production/uploads/60ffc3e62403168abcae811d/lBrkzrpjrJ8k-3CGLKRLr.jpeg"},"markdownContentUrl":"https://huggingface.co/buckets/huggingchat/papers-content/resolve/2605/2605.13163.md"}">

Get this paper in your agent:

Don't have the latest CLI?

Cite arxiv.org/abs/2605.13163 in a model README.md to link it from this page.

Cite arxiv.org/abs/2605.13163 in a dataset README.md to link it from this page.

Cite arxiv.org/abs/2605.13163 in a Space README.md to link it from this page.

Add this paper to a collection to link it from this page.