Comment by pizza

You could do steganography with this. There's work on getting a language model to re-word an innocuous cover-text by using a minimum-entropy, key-derived distortion of the probability distribution that is used to sample words. Then, if you use the same model on the receiver side, and have the key, you can decode the covertext back into the ciphertext. This also works with images, too. https://openreview.net/forum?id=HQ67mj5rJdR