
Hidden Threats in LLM Systems
Exposing timing side channels that compromise data privacy
This research reveals critical security vulnerabilities in multi-user LLM serving systems: timing side channels that arise from shared caches.
- Identified novel timing side channels that can leak confidential information
- Demonstrated practical attack methods against popular LLM serving frameworks
- Proposed defense mechanisms to mitigate these privacy risks
- Highlighted the security-performance tradeoff in LLM system design
These findings are crucial for organizations deploying LLMs in multi-tenant environments, as they reveal how optimization techniques focused solely on performance can inadvertently compromise data privacy and security.
The Early Bird Catches the Leak: Unveiling Timing Side Channels in LLM Serving Systems