Inferensys

Glossary

Homomorphic Encryption

An encryption scheme that permits computation directly on ciphertexts, generating an encrypted result that, when decrypted, matches the outcome of operations performed on the plaintext.
Operations room with a large monitor wall for system visibility and control.
PRIVACY-PRESERVING COMPUTATION

What is Homomorphic Encryption?

Homomorphic encryption is a cryptographic paradigm that enables computation directly on ciphertexts, producing an encrypted result that, when decrypted, matches the outcome of operations performed on the plaintext.

Homomorphic encryption (HE) is a cryptographic scheme that allows arbitrary computations to be performed on encrypted data without requiring decryption first. The resulting output remains encrypted and, when decrypted with the corresponding private key, yields the exact result that would have been obtained had the operations been executed on the original plaintext. This eliminates the vulnerable plaintext exposure window during processing.

HE schemes are categorized by their computational depth: partially homomorphic encryption (PHE) supports only one operation type (addition or multiplication), somewhat homomorphic encryption (SHE) permits limited sequences of both, and fully homomorphic encryption (FHE) enables unbounded arbitrary computation on ciphertexts. FHE relies on lattice-based cryptography and bootstrapping to manage noise accumulation, though it incurs significant computational overhead compared to plaintext operations.

CRYPTOGRAPHIC PRIMITIVES

Key Properties of Homomorphic Encryption

Homomorphic encryption enables computation on ciphertexts, producing encrypted results that decrypt to the correct plaintext output. The following properties define its security model, operational constraints, and practical classifications.

01

Correctness Guarantee

The fundamental property ensuring that decryption of the evaluated ciphertext yields the exact result of applying the intended function to the original plaintexts. Formally: Dec(sk, Eval(pk, f, Enc(pk, m1), ..., Enc(pk, mn))) = f(m1, ..., mn).

  • Exact correctness: Result matches bit-for-bit
  • Approximate correctness: Tolerates small bounded errors (common in CKKS scheme for floating-point)
  • Failure probability must be negligible for cryptographic security
02

Semantic Security (IND-CPA)

Ciphertexts must reveal no information about the underlying plaintext, even to an adversary with chosen-plaintext attack capabilities. This is achieved through probabilistic encryption where each encryption incorporates fresh randomness.

  • Identical plaintexts produce different ciphertexts each time
  • Adversary cannot distinguish encryptions of chosen messages
  • Achieved via noise-based hardness assumptions (LWE, Ring-LWE)
  • Critical for multi-user scenarios where ciphertexts are shared
03

Compactness

The size of the evaluated ciphertext and the decryption runtime must be independent of the complexity of the function f that was computed. Without compactness, the scheme is merely a multi-use garbled circuit.

  • Ciphertext size bounded by a fixed polynomial in the security parameter
  • Decryption time does not grow with circuit depth
  • Distinguishes fully homomorphic encryption (FHE) from somewhat homomorphic schemes
  • Essential for practical outsourcing of arbitrary computation
04

Bootstrapping (Noise Management)

A self-referential technique where the scheme evaluates its own decryption circuit homomorphically to reset accumulated noise. Without bootstrapping, noise grows with each multiplication and eventually corrupts the ciphertext.

  • Gentry's 2009 breakthrough: first viable FHE construction
  • Refreshes ciphertext to enable unlimited depth computation
  • Computationally expensive: often dominates runtime
  • Modern schemes use programmable bootstrapping (TFHE) to simultaneously evaluate lookup tables
05

Classification by Supported Operations

Schemes are categorized by the algebraic structure of functions they can evaluate homomorphically:

  • Partially HE (PHE): Single operation type, unlimited times (e.g., RSA for multiplication, Paillier for addition)
  • Somewhat HE (SHE): Both addition and multiplication, but limited circuit depth
  • Leveled HE: Supports circuits up to a pre-determined multiplicative depth L
  • Fully HE (FHE): Arbitrary computation on ciphertexts via bootstrapping

Practical deployments often use leveled schemes to avoid bootstrapping overhead.

06

Hardness Assumptions

Security rests on the computational intractability of lattice problems that remain hard even against quantum adversaries:

  • Learning With Errors (LWE): Distinguishing noisy linear equations from random
  • Ring-LWE: LWE instantiated over polynomial rings for efficiency
  • NTRU: Shortest vector problem in convolution polynomial rings
  • Approximate-GCD: Used in early integer-based schemes (DGHV)

All major post-quantum FHE schemes rely on lattice assumptions, making them candidates for long-term security.

HOMOMORPHIC ENCRYPTION

Frequently Asked Questions

Clear, technically precise answers to the most common questions about performing computation on encrypted data without decryption.

Homomorphic encryption (HE) is a cryptographic scheme that permits computation directly on ciphertexts, generating an encrypted result that, when decrypted, matches the outcome of operations performed on the plaintext. It works by constructing mathematical structures—typically based on lattice-based cryptography problems like Ring Learning With Errors (RLWE)—that preserve algebraic homomorphisms. When you encrypt plaintext m1 into ciphertext c1 and m2 into c2, a homomorphic operation on c1 and c2 yields a ciphertext that decrypts to m1 + m2. Critically, the entity performing the computation never accesses the plaintext data, the intermediate values, or the final result in decrypted form. Modern schemes introduce a controlled amount of noise into each ciphertext that grows with each operation; when noise exceeds a threshold, decryption fails. Bootstrapping—running the decryption circuit homomorphically—refreshes this noise, enabling Fully Homomorphic Encryption (FHE) with unlimited computation depth.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.