What is homomorphic encryption?
With conventional encryption, it is not possible to process encrypted data without first decrypting it with the secret key. While this protects the confidentiality of the data, it can also be viewed as a limitation. For example, a company that outsources the storage of encrypted data to an untrusted cloud environment is currently deterred from also outsourcing computation to that environment. To process the data, the company would have to decrypt it first, either by sharing the secret key with the untrusted cloud system, which increases the risk of a confidentiality breach, or by copying the data to a trusted environment (typically on-premises) before decrypting and processing it, which increases the time, complexity, and cost, as well as the risk of exposure while the data is no longer encrypted. Even with end-to-end encryption (E2EE), the data is protected in transit and in storage but still needs to be decrypted to be processed, potentially exposing it to prying eyes at that moment.
Homomorphic encryption (HE) overcomes this issue, opening a whole new range of possibilities. It is a cryptographic method allowing certain computations to be performed on encrypted data without the need to decrypt it first, and without requiring access to the secret key. The result of such computations remains in encrypted form and can at a later point be revealed by the owner of the secret key (Homomorphic Encryption Standardization).
Encryption can be partially homomorphic (PHE), somewhat homomorphic (SHE) or fully homomorphic (FHE), with some variations in between. The difference between these types of HE is in the extent to which additions and multiplications, which are at the core of computer processing, can be executed over the encrypted data. PHE enables only a single type of operation on the ciphertext, addition or multiplication, but an unlimited number of times. SHE enables both addition and multiplication operations, but only a limited number of times. Importantly, the available operations are predetermined by the way the data is encrypted, which means that if PHE or SHE is implemented to perform one set of operations on a dataset, it is not possible to request other operations on the same dataset. Lastly, FHE aims to enable any operations to be applied to encrypted data in unconstrained combinations. This means that with FHE, programs can run directly on encrypted data, eliminating the risk of data leakage during or after computation, as the final output is only decrypted when it returns to the user's device.
What could FHE be used for?
In principle, FHE has a wide variety of potential applications. For example, both storage and computation of sensitive data could take place in an untrusted environment, typically a cloud platform, significantly reducing the risk of data breach, as malicious actors attacking the cloud provider’s system would be as blind as the provider itself with respect to the homomorphically encrypted data and processing outputs. Furthermore, with FHE, the cloud platform’s location would no longer be a relevant criterion for choosing a cloud provider because the risk of governments or other actors leveraging cloud providers under their jurisdiction for monitoring purposes would be significantly reduced, at least as long as no additional obligations are imposed on cloud providers such as the custody of FHE keys.
2025 marks a turning point in the adoption of homomorphic encryption technology, with several real-world use cases transitioning from research to production.