Multi-Party FHE is a cryptographic scheme combining fully homomorphic encryption with threshold decryption. It allows multiple independent parties to jointly generate a public key for encrypted computation while distributing the secret key in shares. Arbitrary computation can be performed on the encrypted data, but the final result can only be decrypted when a predefined threshold of parties collaborates, preventing any single entity from accessing the plaintext output unilaterally.
Glossary
Multi-Party FHE

What is Multi-Party FHE?
Multi-Party Fully Homomorphic Encryption (MP-FHE) extends standard FHE by distributing the decryption capability across multiple parties, requiring a threshold quorum to collaboratively decrypt results.
This architecture is critical for collaborative analytics where no single stakeholder is trusted with the raw output. In a multi-party computation context, MP-FHE enables a non-interactive computation phase—data is encrypted once, computed on by an untrusted server, and only decrypted via a distributed protocol. This contrasts with traditional secure multi-party computation which requires continuous interaction during the computation phase.
Key Features of Multi-Party FHE
Multi-Party Fully Homomorphic Encryption extends standard FHE by distributing the decryption capability across multiple independent parties, ensuring that no single entity can ever access the plaintext result without explicit collaboration from a predefined threshold of participants.
Threshold Decryption
The core mechanism of Multi-Party FHE where the secret key is split into shares held by distinct parties. Decryption requires a minimum threshold (e.g., 3 out of 5) to collaborate. This eliminates the single point of trust inherent in standard FHE, ensuring that a compromised server or rogue administrator cannot unilaterally decrypt sensitive computational results.
Distributed Key Generation
A cryptographic protocol that allows multiple mutually distrusting parties to jointly generate a shared public key without any single party ever constructing or seeing the complete private key. Each party holds only a secret share. This process is critical for establishing the initial trust model, as the full decryption key never exists in a single memory location at any point in the system's lifecycle.
Collective Bootstrapping
In standard FHE, bootstrapping refreshes a ciphertext's noise budget using an encrypted secret key. In the multi-party variant, this process becomes interactive. Parties must collaboratively evaluate the decryption circuit on encrypted shares. This distributed noise management is the most computationally intensive phase, requiring secure communication rounds to homomorphically combine partial decryptions without revealing individual key shares.
Common Reference String
A public set of parameters generated during the setup phase that all parties must use. The CRS includes the lattice parameters, modulus chain, and random public matrices required for the RLWE-based scheme. Its integrity is paramount; a maliciously crafted CRS can break the system's security. In practice, the CRS is often generated via a multi-party ceremony to ensure it is free from trapdoors.
Interactive Decryption Protocol
Unlike single-key FHE where decryption is a local operation, Multi-Party FHE requires a multi-round protocol. Each party takes the final ciphertext, computes a partial decryption using its secret share, and broadcasts this share. A combiner then aggregates these partial decryptions to reconstruct the plaintext. The protocol ensures that individual shares reveal zero information about the secret key or the plaintext.
Static vs. Dynamic Adversary Models
Security guarantees vary based on the adversary model. Static corruption assumes the adversary chooses which parties to compromise before the protocol starts. Adaptive corruption allows the adversary to corrupt parties dynamically during execution based on observed messages. Robust Multi-Party FHE schemes often rely on non-interactive zero-knowledge proofs to ensure that partial decryptions are correct even in the presence of actively malicious participants.
Frequently Asked Questions
Multi-Party Fully Homomorphic Encryption (FHE) extends standard FHE by distributing the decryption key among multiple parties, requiring a threshold of them to collaborate to decrypt the final result. This eliminates the single point of trust inherent in single-key FHE, making it ideal for collaborative analytics and governance-heavy enterprise workflows.
Multi-Party Fully Homomorphic Encryption (MP-FHE) is a cryptographic paradigm that combines threshold decryption with fully homomorphic encryption. In standard FHE, a single entity holds the secret key and can decrypt any ciphertext. In MP-FHE, the secret key is generated in a distributed manner, with secret shares held by multiple independent parties. Computation is performed on the encrypted data exactly as in standard FHE, but decryption requires a pre-defined threshold of parties to collaborate. This ensures that no single party can unilaterally access the plaintext result. The process typically involves a distributed key generation protocol, followed by a distributed decryption protocol where each party computes a partial decryption share. These shares are combined to reveal the final output only if the threshold is met.
Multi-Party FHE vs. Related Technologies
How Multi-Party FHE compares to other privacy-preserving computation paradigms across key architectural and security dimensions.
| Feature | Multi-Party FHE | Standard FHE | Secure MPC | Trusted Execution |
|---|---|---|---|---|
Decryption Key Control | Distributed among N parties; threshold required | Single party holds key | No single key; shares distributed | Hardware-enforced; vendor root of trust |
Computation on Encrypted Data | ||||
Data-in-Use Protection | Cryptographic (lattice-based) | Cryptographic (lattice-based) | Cryptographic (secret sharing) | Hardware isolation (SGX/TDX) |
Collusion Resistance | Up to threshold-1 parties | Not applicable | Up to threshold-1 parties | Not applicable |
Interactive Protocol Required | ||||
Post-Quantum Security | ||||
Computational Overhead | 10,000x - 1,000,000x | 10,000x - 1,000,000x | 10x - 100x | < 5% |
Trust Model | Cryptographic; no trusted third party | Cryptographic; single key holder | Cryptographic; honest majority | Hardware vendor + cloud provider |
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Multi-Party Fully Homomorphic Encryption extends standard FHE by distributing the decryption capability across multiple entities, ensuring that no single party can unilaterally access the final result. The following concepts are critical to understanding its architecture and application.
Common Reference String (CRS)
A public string of random values generated during a trusted setup phase, used by all parties in a Multi-Party FHE protocol to ensure consistency and security during distributed key generation and encryption. The CRS model is essential for achieving IND-CPA security in many threshold cryptosystems. While the setup must be executed honestly, techniques like multi-party computation for setup or updatable CRS schemes mitigate the risk of a single point of failure during initialization.
Distributed Key Generation (DKG)
A cryptographic protocol that allows a set of mutually distrusting parties to jointly generate a public key and corresponding secret key shares without any single party ever knowing the full private key. In the context of Multi-Party FHE, DKG eliminates the need for a trusted dealer. Each party contributes randomness to the key generation process, and the final public key is an aggregation of their contributions, ensuring the decryption capability is truly distributed from inception.
Collaborative Bootstrapping
The process of refreshing the noise budget of a ciphertext in a Multi-Party FHE setting without decrypting it. Since the full secret key is never assembled, parties must engage in a secure multi-party computation protocol to homomorphically evaluate the decryption circuit. This is often the computational bottleneck in Multi-Party FHE, requiring efficient interactive protocols to perform the necessary key-switching and modulus operations in a distributed manner.
Decentralized Encrypted Inference
A deployment architecture where a machine learning model is evaluated on encrypted data, and the resulting encrypted prediction can only be decrypted with the consent of a quorum of stakeholders. For example, a medical diagnosis model might require a hospital board, a patient advocate, and a regulatory body to jointly authorize the decryption of a sensitive result. This enforces circuit privacy and strict access control policies cryptographically.
Proactive Secret Sharing
A security hardening technique where secret key shares held by parties in a Multi-Party FHE scheme are periodically refreshed without changing the underlying public key or secret. This limits the window of vulnerability for an adversary who is slowly compromising nodes. Old shares are invalidated, and new, independent shares are generated through a distributed re-randomization protocol, ensuring long-term security against mobile adversaries.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us