Inferensys

Glossary

Homomorphic Encryption

A cryptographic method enabling computations on ciphertext, generating an encrypted result that, when decrypted, matches the result of operations performed on the plaintext.
Operations room with a large monitor wall for system visibility and control.
PRIVACY-PRESERVING COMPUTATION

What is Homomorphic Encryption?

A cryptographic paradigm enabling computation on ciphertexts, generating an encrypted result that, when decrypted, matches the output of operations performed directly on the plaintext.

Homomorphic encryption is a cryptographic scheme that allows computations to be performed directly on encrypted data without requiring access to a secret decryption key. The mathematical operations on the ciphertext produce an encrypted result that, when decrypted, yields the same output as if the computations had been executed on the original, unencrypted plaintext.

This property enables a fundamental shift in data security architecture, allowing untrusted third parties—such as cloud compute providers—to process sensitive information without ever exposing the underlying data. The three primary classifications are partially homomorphic encryption (PHE), supporting only addition or multiplication; somewhat homomorphic encryption (SHE), supporting limited operations; and fully homomorphic encryption (FHE), supporting arbitrary computation on ciphertexts.

CRYPTOGRAPHIC PRIMITIVES

Core Properties of Homomorphic Encryption

Homomorphic encryption derives its power from a set of distinct mathematical properties that define what operations can be performed on ciphertexts. Understanding these core classifications is essential for selecting the right scheme for a given privacy-preserving computation task.

01

Partially Homomorphic Encryption (PHE)

Supports unlimited operations of a single type—either addition or multiplication, but not both—on ciphertexts. This limitation makes PHE schemes extremely efficient and practical for specific, well-defined use cases.

  • RSA Encryption: The original multiplicative homomorphic scheme. Encrypting two messages and multiplying their ciphertexts yields an encryption of the product of the plaintexts.
  • Paillier Cryptosystem: A widely used additive homomorphic scheme. The sum of two ciphertexts decrypts to the sum of the plaintexts, making it ideal for encrypted vote tallying and private financial aggregation.
  • Use Case: Secure e-voting systems where individual votes are encrypted and the final tally is computed without ever decrypting a single ballot.
1978
RSA Invention Year
1999
Paillier Scheme Published
02

Somewhat Homomorphic Encryption (SHE)

Permits both addition and multiplication on ciphertexts, but only for circuits of limited depth. Each operation introduces a small amount of noise into the ciphertext, and once this noise exceeds a threshold, decryption fails.

  • Noise Budget: The core constraint in SHE. Every homomorphic multiplication roughly squares the noise, causing it to grow exponentially with circuit depth.
  • Bounded Depth: SHE can evaluate low-degree polynomials but cannot handle arbitrary computations requiring deep multiplication chains.
  • Historical Significance: Early SHE schemes like BGN (Boneh-Goh-Nissim, 2005) proved that computing on encrypted data was possible, paving the way for fully homomorphic encryption.
2005
First SHE Scheme (BGN)
04

Leveled Fully Homomorphic Encryption

A practical variant of FHE that can evaluate circuits up to a pre-determined multiplicative depth without bootstrapping. By setting parameters large enough for the target computation, leveled FHE avoids the massive computational overhead of bootstrapping.

  • Parameter Selection: The scheme's parameters are chosen based on the known depth of the circuit to be evaluated. No bootstrapping step is required if the noise budget is sufficient from the start.
  • BGV and BFV Schemes: The Brakerski-Gentry-Vaikuntanathan (BGV) and Brakerski-Fan-Vercauteren (BFV) schemes are the dominant leveled FHE constructions, excelling at integer arithmetic and SIMD-style packed operations.
  • Efficiency Trade-off: Leveled FHE is significantly faster than pure FHE for computations with a known, fixed depth, making it the preferred choice for many practical deployments like private inference on neural networks.
2011
BGV Scheme Introduced
Thousands
SIMD Slots per Ciphertext
05

Circuit Privacy

A property ensuring that the evaluated ciphertext reveals no information about the function that was computed, only the result. Standard homomorphic evaluation leaks the circuit topology; circuit privacy hides it.

  • The Problem: In standard FHE, an evaluator can see the sequence of operations applied. If the function itself is proprietary (e.g., a fraud detection model), this leaks intellectual property.
  • The Solution: Techniques like noise flooding or re-randomization after evaluation ensure the output ciphertext is statistically indistinguishable from a fresh encryption of the result, regardless of the circuit evaluated.
  • Application: Critical for scenarios where a client sends encrypted data to a server holding a proprietary machine learning model. Circuit privacy protects the model's architecture and weights from the client.
06

Multi-Key Homomorphic Encryption

Extends FHE to allow computation on ciphertexts encrypted under different public keys. The result is a ciphertext that can only be decrypted through a collaborative protocol involving all parties whose keys were used.

  • Threshold Decryption: The final ciphertext requires a joint decryption protocol where all key holders participate. No single party can decrypt the result alone.
  • Collaborative Analytics: Enables multiple distrusting organizations to jointly compute on their combined encrypted datasets without revealing individual inputs to each other or to a central third party.
  • MK-FHE Schemes: Constructions like the López-Alt, Tromer, and Vaikuntanathan (LTV) scheme and subsequent improvements enable this functionality, though with significant computational overhead compared to single-key FHE.
SCHEME CLASSIFICATION

Types of Homomorphic Encryption

Comparison of the three primary homomorphic encryption schemes based on supported operations, circuit depth, and performance characteristics.

FeaturePartially Homomorphic (PHE)Somewhat Homomorphic (SHE)Fully Homomorphic (FHE)

Supported Operations

Single operation type (addition or multiplication)

Both addition and multiplication

Both addition and multiplication

Circuit Depth

Unlimited for one operation

Limited depth

Unlimited depth

Arbitrary Computation

Ciphertext Size Overhead

1-2x plaintext

10-100x plaintext

1,000-10,000x plaintext

Computational Overhead

1-10x

100-1,000x

100,000-1,000,000x

Bootstrapping Required

Example Scheme

Paillier, ElGamal, RSA

BGV, BFV (without bootstrapping)

CKKS, TFHE, FHEW

Primary Use Case

Privacy-preserving aggregation, e-voting

Encrypted ML inference with fixed-depth networks

Arbitrary encrypted computation, private cloud processing

HOMOMORPHIC ENCRYPTION

Frequently Asked Questions

Clear, technically precise answers to the most common questions about performing computations on encrypted data without ever decrypting it.

Homomorphic encryption is a cryptographic paradigm that allows computations to be performed directly on ciphertext, generating an encrypted result that, when decrypted, matches the result of operations performed on the plaintext. It works by constructing encryption schemes where the encryption function is a homomorphism with respect to specific algebraic operations—meaning Enc(a) ⊗ Enc(b) = Enc(a ⊕ b) for some operations on ciphertexts and on plaintexts. The underlying mathematics relies on hard lattice problems like Ring Learning With Errors (RLWE), where noise is intentionally added to ciphertexts. Each homomorphic operation increases this noise, and if it exceeds a threshold, decryption fails. Modern schemes use bootstrapping—running the decryption circuit homomorphically—to reset noise levels and enable unlimited computations.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.