SecureRAG: End-to-End Secure Retrieval-Augmented Generation
Keywords: fully homomorphic encryption, retrieval-augmented generation, large language models, attribute-based encryption
TL;DR: RAG is widely used but faces privacy risks in sensitive domains; we provide an end-to-end secure RAG framework with strict access control, mitigating existing attacks.
Abstract: Retrieval-augmented generation (RAG) enhances large language models (LLMs) with external knowledge from databases but introduces privacy risks when handling sensitive information. Existing defenses fall short: differential privacy degrades accuracy and remains vulnerable to embedding inversion attacks, while fully homomorphic encryption (FHE) ensures security but lacks access control. We present SecureRAG, an end-to-end secure RAG framework that enforces strict access control while mitigating prompt-injection data extraction and embedding inversion attacks. It achieves this by decoupling retrieval into secure search and secure document fetching, using FHE for encrypted search and attribute-based encryption (ABE) for fine-grained access control. SecureRAG supports dynamic database updates and adaptive access policies, and integrates seamlessly with FHE-friendly LLMs, adding only 0.05s of overhead. By providing a fully encrypted, privacy-preserving retrieval framework, SecureRAG enables the secure deployment of domain-specific chatbots in sensitive applications.
Submission Number: 4