Homomorphic encryption is a cryptographic scheme that allows computations to be performed directly on encrypted data without requiring access to a secret decryption key. The mathematical operations on the ciphertext produce an encrypted result that, when decrypted, yields the same output as if the computations had been executed on the original, unencrypted plaintext.
Glossary
Homomorphic Encryption

What is Homomorphic Encryption?
A cryptographic paradigm enabling computation on ciphertexts, generating an encrypted result that, when decrypted, matches the output of operations performed directly on the plaintext.
This property enables a fundamental shift in data security architecture, allowing untrusted third parties—such as cloud compute providers—to process sensitive information without ever exposing the underlying data. The three primary classifications are partially homomorphic encryption (PHE), supporting only addition or multiplication; somewhat homomorphic encryption (SHE), supporting limited operations; and fully homomorphic encryption (FHE), supporting arbitrary computation on ciphertexts.
Core Properties of Homomorphic Encryption
Homomorphic encryption derives its power from a set of distinct mathematical properties that define what operations can be performed on ciphertexts. Understanding these core classifications is essential for selecting the right scheme for a given privacy-preserving computation task.
Partially Homomorphic Encryption (PHE)
Supports unlimited operations of a single type—either addition or multiplication, but not both—on ciphertexts. This limitation makes PHE schemes extremely efficient and practical for specific, well-defined use cases.
- RSA Encryption: The original multiplicative homomorphic scheme. Encrypting two messages and multiplying their ciphertexts yields an encryption of the product of the plaintexts.
- Paillier Cryptosystem: A widely used additive homomorphic scheme. The sum of two ciphertexts decrypts to the sum of the plaintexts, making it ideal for encrypted vote tallying and private financial aggregation.
- Use Case: Secure e-voting systems where individual votes are encrypted and the final tally is computed without ever decrypting a single ballot.
Somewhat Homomorphic Encryption (SHE)
Permits both addition and multiplication on ciphertexts, but only for circuits of limited depth. Each operation introduces a small amount of noise into the ciphertext, and once this noise exceeds a threshold, decryption fails.
- Noise Budget: The core constraint in SHE. Every homomorphic multiplication roughly squares the noise, causing it to grow exponentially with circuit depth.
- Bounded Depth: SHE can evaluate low-degree polynomials but cannot handle arbitrary computations requiring deep multiplication chains.
- Historical Significance: Early SHE schemes like BGN (Boneh-Goh-Nissim, 2005) proved that computing on encrypted data was possible, paving the way for fully homomorphic encryption.
Leveled Fully Homomorphic Encryption
A practical variant of FHE that can evaluate circuits up to a pre-determined multiplicative depth without bootstrapping. By setting parameters large enough for the target computation, leveled FHE avoids the massive computational overhead of bootstrapping.
- Parameter Selection: The scheme's parameters are chosen based on the known depth of the circuit to be evaluated. No bootstrapping step is required if the noise budget is sufficient from the start.
- BGV and BFV Schemes: The Brakerski-Gentry-Vaikuntanathan (BGV) and Brakerski-Fan-Vercauteren (BFV) schemes are the dominant leveled FHE constructions, excelling at integer arithmetic and SIMD-style packed operations.
- Efficiency Trade-off: Leveled FHE is significantly faster than pure FHE for computations with a known, fixed depth, making it the preferred choice for many practical deployments like private inference on neural networks.
Circuit Privacy
A property ensuring that the evaluated ciphertext reveals no information about the function that was computed, only the result. Standard homomorphic evaluation leaks the circuit topology; circuit privacy hides it.
- The Problem: In standard FHE, an evaluator can see the sequence of operations applied. If the function itself is proprietary (e.g., a fraud detection model), this leaks intellectual property.
- The Solution: Techniques like noise flooding or re-randomization after evaluation ensure the output ciphertext is statistically indistinguishable from a fresh encryption of the result, regardless of the circuit evaluated.
- Application: Critical for scenarios where a client sends encrypted data to a server holding a proprietary machine learning model. Circuit privacy protects the model's architecture and weights from the client.
Multi-Key Homomorphic Encryption
Extends FHE to allow computation on ciphertexts encrypted under different public keys. The result is a ciphertext that can only be decrypted through a collaborative protocol involving all parties whose keys were used.
- Threshold Decryption: The final ciphertext requires a joint decryption protocol where all key holders participate. No single party can decrypt the result alone.
- Collaborative Analytics: Enables multiple distrusting organizations to jointly compute on their combined encrypted datasets without revealing individual inputs to each other or to a central third party.
- MK-FHE Schemes: Constructions like the López-Alt, Tromer, and Vaikuntanathan (LTV) scheme and subsequent improvements enable this functionality, though with significant computational overhead compared to single-key FHE.
Types of Homomorphic Encryption
Comparison of the three primary homomorphic encryption schemes based on supported operations, circuit depth, and performance characteristics.
| Feature | Partially Homomorphic (PHE) | Somewhat Homomorphic (SHE) | Fully Homomorphic (FHE) |
|---|---|---|---|
Supported Operations | Single operation type (addition or multiplication) | Both addition and multiplication | Both addition and multiplication |
Circuit Depth | Unlimited for one operation | Limited depth | Unlimited depth |
Arbitrary Computation | |||
Ciphertext Size Overhead | 1-2x plaintext | 10-100x plaintext | 1,000-10,000x plaintext |
Computational Overhead | 1-10x | 100-1,000x | 100,000-1,000,000x |
Bootstrapping Required | |||
Example Scheme | Paillier, ElGamal, RSA | BGV, BFV (without bootstrapping) | CKKS, TFHE, FHEW |
Primary Use Case | Privacy-preserving aggregation, e-voting | Encrypted ML inference with fixed-depth networks | Arbitrary encrypted computation, private cloud processing |
Frequently Asked Questions
Clear, technically precise answers to the most common questions about performing computations on encrypted data without ever decrypting it.
Homomorphic encryption is a cryptographic paradigm that allows computations to be performed directly on ciphertext, generating an encrypted result that, when decrypted, matches the result of operations performed on the plaintext. It works by constructing encryption schemes where the encryption function is a homomorphism with respect to specific algebraic operations—meaning Enc(a) ⊗ Enc(b) = Enc(a ⊕ b) for some operations ⊗ on ciphertexts and ⊕ on plaintexts. The underlying mathematics relies on hard lattice problems like Ring Learning With Errors (RLWE), where noise is intentionally added to ciphertexts. Each homomorphic operation increases this noise, and if it exceeds a threshold, decryption fails. Modern schemes use bootstrapping—running the decryption circuit homomorphically—to reset noise levels and enable unlimited computations.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Homomorphic encryption is a powerful capability that relies on and is related to several other foundational cryptographic concepts. These terms define the ecosystem of privacy-preserving computation.
Fully Homomorphic Encryption (FHE)
The most powerful form of homomorphic encryption, supporting arbitrary computation on ciphertexts. FHE schemes can evaluate both addition and multiplication operations an unlimited number of times, enabling any computable function to be executed on encrypted data. This is achieved through a technique called bootstrapping, which refreshes the ciphertext noise to prevent it from growing too large. Current FHE implementations face significant performance overhead, often being millions of times slower than plaintext computation.
Partially Homomorphic Encryption (PHE)
A type of homomorphic encryption that supports only one type of operation—either addition or multiplication—but can perform it an unlimited number of times.
- Additive PHE: The Paillier cryptosystem allows encrypted values to be summed, useful for electronic voting and private tallying.
- Multiplicative PHE: The ElGamal and unpadded RSA schemes allow encrypted values to be multiplied.
PHE is computationally efficient and practical for specific, narrow use cases like encrypted aggregation.
Somewhat Homomorphic Encryption (SHE)
A scheme that supports both addition and multiplication but only for a limited number of operations. Each homomorphic operation increases the noise within the ciphertext. Once the noise exceeds a threshold, decryption becomes impossible. SHE is a stepping stone to FHE and can be practical for applications with shallow circuit depths, such as evaluating simple statistical models on encrypted data without the full cost of bootstrapping.
Lattice-Based Cryptography
The mathematical foundation underlying most modern homomorphic encryption schemes. Lattice-based cryptography relies on the hardness of problems like Learning With Errors (LWE) and its ring variant Ring-LWE. These problems involve solving linear equations perturbed by small random noise. Lattice-based constructions are a leading candidate for post-quantum cryptography, meaning they are believed to be secure against attacks from large-scale quantum computers, unlike RSA and elliptic curve cryptography.
Secure Multi-Party Computation (SMPC)
A complementary privacy-preserving technology where multiple parties jointly compute a function over their private inputs without revealing those inputs to each other. While homomorphic encryption computes on data encrypted under a single key, SMPC distributes trust among participants.
- Secret sharing splits data into meaningless shares.
- Garbled circuits enable two-party boolean computation.
SMPC and homomorphic encryption are often combined in hybrid protocols to optimize for performance and trust assumptions.
Trusted Execution Environment (TEE)
A hardware-based approach to confidential computing that creates an isolated enclave within a CPU where code and data are protected from the host operating system. Unlike homomorphic encryption, which is a purely mathematical approach, TEEs like Intel SGX and AMD SEV decrypt data inside the secure hardware boundary for processing. This offers near-native performance but requires trust in the hardware manufacturer and is vulnerable to side-channel attacks.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us