Inferensys

Glossary

Homomorphic Encryption (HE)

A cryptographic scheme enabling computation directly on encrypted data, producing an encrypted result that, when decrypted, matches the output of operations performed on the original plaintext.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
PRIVACY-PRESERVING COMPUTATION

What is Homomorphic Encryption (HE)?

Homomorphic Encryption is a cryptographic scheme that enables computation directly on encrypted data, producing an encrypted result that, when decrypted, matches the output of operations performed on the original plaintext.

Homomorphic Encryption (HE) is a cryptographic primitive that allows a third party to perform arbitrary mathematical operations on ciphertexts without access to the decryption key. The resulting encrypted output, once decrypted by the data owner, yields the exact same result as if the computation had been executed on the raw, unencrypted data. This property fundamentally separates the utility of data from its exposure.

In the context of federated learning for healthcare, HE serves as a critical privacy-enhancing technology that complements secure aggregation. While secure aggregation protects individual model updates during transmission, HE allows a central server to perform the weighted averaging of encrypted gradients directly in the ciphertext space. This ensures that even the aggregated global model update remains opaque to the coordinating server, providing a robust defense against gradient leakage and honest-but-curious infrastructure.

CRYPTOGRAPHIC PRIMITIVES

Key Properties of Homomorphic Encryption

Homomorphic Encryption (HE) is defined by a set of mathematical properties that determine its security, performance, and applicability to privacy-preserving computation. Understanding these core attributes is essential for selecting the right scheme for federated learning workloads.

01

Partially Homomorphic Encryption (PHE)

A class of HE schemes that supports unlimited operations of a single type—either addition or multiplication, but not both—on ciphertexts.

  • RSA: Unpadded RSA is multiplicatively homomorphic.
  • Paillier: Supports additive homomorphism; widely used in secure aggregation for federated learning.
  • ElGamal: Multiplicatively homomorphic; forms the basis for many voting protocols.

PHE is computationally lightweight and practical for production systems that only need to compute sums or products over encrypted data.

< 1 ms
Typical Operation Latency
02

Somewhat Homomorphic Encryption (SHE)

A scheme that supports both addition and multiplication but only for circuits of limited multiplicative depth. Each multiplication increases the noise embedded in the ciphertext.

  • The noise budget is consumed with each operation.
  • Once the noise exceeds a threshold, decryption fails.
  • SHE is the precursor to Fully Homomorphic Encryption (FHE).

SHE is useful for evaluating shallow arithmetic circuits, such as computing averages or low-degree polynomial functions over encrypted data.

03

Fully Homomorphic Encryption (FHE)

The holy grail of encrypted computation: FHE supports arbitrary computation (unlimited additions and multiplications) on ciphertexts. This is enabled by a critical procedure called bootstrapping.

  • Bootstrapping: Homomorphically evaluating the decryption circuit itself to reset the noise level, enabling unbounded depth.
  • Gentry's Blueprint: Craig Gentry's 2009 lattice-based construction proved FHE was theoretically possible.
  • Modern Schemes: CKKS, BGV, BFV, and TFHE are the dominant fourth-generation schemes.

FHE enables a hospital to run a proprietary diagnostic AI model on encrypted patient data without ever decrypting it.

4-6
Orders of Magnitude Overhead vs. Plaintext
04

Leveled Fully Homomorphic Encryption

A practical variant of FHE that can evaluate circuits up to a pre-determined multiplicative depth without bootstrapping. The parameters are chosen at setup to accommodate a specific computation.

  • Eliminates the massive computational cost of bootstrapping.
  • The scheme parameters grow with the circuit depth.
  • If the depth is exceeded, decryption fails.

Leveled FHE is the standard for production deployments where the algorithm's complexity is known in advance, such as evaluating a fixed neural network architecture.

05

Lattice-Based Security Foundation

All modern practical HE schemes derive their security from hard problems on mathematical lattices, specifically the Ring Learning With Errors (RLWE) problem.

  • RLWE: Distinguishing noisy linear equations over polynomial rings is computationally infeasible, even for quantum computers.
  • Post-Quantum Secure: Lattice-based cryptography is a leading candidate for NIST's post-quantum standardization.
  • Worst-Case to Average-Case Reduction: Breaking RLWE is provably as hard as solving the shortest vector problem in ideal lattices.

This foundation ensures that HE-encrypted medical data remains secure against both classical and future quantum adversaries.

06

Noise Management and Growth

HE ciphertexts contain a small amount of random noise that ensures security. Each homomorphic operation—especially multiplication—causes this noise to grow.

  • Additive Noise Growth: Slow and linear; many additions are cheap.
  • Multiplicative Noise Growth: Exponential; the primary constraint on circuit depth.
  • Noise Budget: A finite resource that must be tracked; exceeding it corrupts the plaintext.

Techniques like modulus switching and scale-invariant schemes manage noise without bootstrapping, optimizing performance for federated learning aggregation.

HOMOMORPHIC ENCRYPTION CLARIFIED

Frequently Asked Questions

Clear, technically precise answers to the most common questions about performing computation on encrypted data in healthcare and beyond.

Homomorphic Encryption (HE) is a cryptographic scheme that enables computation directly on encrypted data, producing an encrypted result that, when decrypted, matches the output of operations performed on the original plaintext. It works by mapping plaintext data into a ciphertext space where mathematical operations correspond to operations in the plaintext space. Partially Homomorphic Encryption (PHE) supports only one operation type (addition or multiplication), while Fully Homomorphic Encryption (FHE) supports arbitrary computations. The core mechanism relies on lattice-based cryptography, where noise is added to plaintext during encryption; each operation increases this noise, and if it exceeds a threshold, decryption fails. Modern schemes like CKKS and BGV use techniques such as bootstrapping and modulus switching to manage noise and enable deep computations.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.