This research reveals critical weaknesses in current LLM watermarking techniques, demonstrating how these security measures can be circumvented without modifying the generated text.

• Identifies fundamental flaws in distortion-free watermarking techniques
• Shows how watermarks can be spoofed or removed by adversaries with access to model APIs
• Demonstrates successful attacks against previously considered robust watermarking schemes
• Suggests improvements to create more resilient watermarking techniques

Why it matters: As AI-generated content becomes ubiquitous, reliable watermarking is essential for content attribution and misinformation prevention. These findings expose security vulnerabilities that must be addressed before widespread deployment.

Toward Breaking Watermarks in Distortion-free Large Language Models