Homomorphic Encryption: How It Works & The 3 Types (PHE, SHE, FHE)

Homomorphic encryption brings about a whole new paradigm. In this article, I’ll explain homomorphic encryption, including how it works and the different types of homomoprhic encryption.

How traditional encryption works

Traditionally, encryption comes in data-at-rest and data-in-transit. As long as the data remains encrypted, no action can be made on the data until it is unencrypted. And in this traditional approach, typically only the person who “holds” the private key can unencrypt the data, to take action on it.

Unfortunately, decrypting the data makes is not always desired or the goal. For instance, you might want to share datasets to see how much data you have in common with the other party, but without revealing what your data is.  

Now let’s turn to homomorphic encryption and how it can solve this problem.

(Read our data encryption introduction for more details.)

What is homomorphic encryption?

Homomorphic encryption is a new approach that allows you to process and compute directly on encrypted data. That means you do not have to decrypt it to perform basic operations on it.

Types of homomorphic encryption

Homomorphic encryption is still an emerging technology, but it is already categorized into three different types of homomorphic encryption, described below. The fundamental difference between the different types is the frequency of mathematical operations that can be performed on the ciphertext.

Partially Homomorphic Encryption (PHE)

In PHE, ‘partially’ means that only a single mathematical function can be performed on encrypted values. So only one action — either addition or multiplication — can be performed an unlimited number of times on the encrypted data.

Somewhat Homomorphic Encryption (SHE)

‘Somewhat’ is more general than PHE in that it supports homomorphic operations with additions and multiplications. However, only a limited number of operations can be performed on the encrypted data.

Fully Homomorphic Encryption (FHE)

Here, ‘fully’ is the operative word. Where PHE and SHE have limited operations, fully homomorphic encryption has the capability of using both addition and multiplication with no limit on the number of times they’re performed on the encrypted data.

Related reading

What is Splunk?

This posting does not necessarily represent Splunk's position, strategies or opinion.

Martin Townend
Posted by

Martin Townend

Martin Townend is a cloud Solutions Architect for Splunk. He is 6x AWS Certified and Microsoft Azure and Google Cloud Certified, and has a deep understanding of cloud security and the various public clouds. Martin has focused on cloud for over 12 years, helping organizations on their cloud journey and designing secure, scalable environments. His innovation continues within cloud and emerging technologies.