Fully Homomorphic Encryption Is Entering Real-World Evaluation

The Defense Advanced Research Projects Agency created the Data Protection in Virtual Environments (DPRIVE) program to design hardware accelerators and supporting system approaches that could run fully homomorphic encryption workloads within roughly a factor of ten of unencrypted computation time, according to program materials from DARPA. That target sets a concrete engineering benchmark for a technique that, for many years, was largely confined to academic cryptography research.

It anchors homomorphic encryption in a practical question: how close can encrypted computation come to ordinary cloud processing speeds?

At the same time, researchers and vendors are publishing applied evaluations that test fully homomorphic encryption in settings such as healthcare analytics and space-domain collaboration. These reports do not yet represent broad commercial rollouts, but they do show that real workloads can be expressed in homomorphic form and measured for latency, memory use, and operational feasibility.

Together with government-backed hardware work, they mark a shift from theoretical possibility to early operational evaluation.

By late 2025, fully homomorphic encryption looked less like a cryptographic novelty and more like an engineering trade space: measurable workloads, emerging acceleration paths, and concrete bottlenecks. Healthcare evaluations and space-domain risk analysis put real numbers on latency and memory, while programs like DPRIVE signal where public buyers want performance to land. The remaining question is where the overhead, noise constraints, and integration burden are acceptable enough to justify pilots in environments where data exposure is not negotiable.

Homomorphic Encryption Reaches Early Evaluations

DARPA’s DPRIVE program set a goal of bringing FHE within roughly 10× of unencrypted computation time
FHE performs math on ciphertexts so data stays hidden during processing
A January 2025 healthcare preprint evaluates FHE frameworks for diagnostics and quality-control style workloads
DIU’s Hybrid Space Architecture effort includes contracts for privacy-enhancing analytics capabilities, including work reported by Enveil
A January 2025 preprint proposes FHE for satellite collision-risk assessment with confidential orbital data
Constraints include substantial overhead, noise limits, and integration work as of late 2025

What Fully Homomorphic Encryption Does

Fully homomorphic encryption, often abbreviated FHE, is an encryption technique that lets a computer carry out calculations on encrypted data without ever decrypting it. The inputs are ciphertexts, and the outputs are also ciphertexts.

When the owner later decrypts the final result, it matches the answer that would have been produced by running the same calculation on the original plaintext data.

In practical terms, FHE schemes are designed so that addition and multiplication on ciphertexts correspond to addition and multiplication on the underlying plaintexts. If two encrypted values are added, the decrypted result is the sum of the original values; if they are multiplied, the decrypted result is the product.

Modern schemes such as CKKS support approximate arithmetic that can be suitable for machine learning and signal processing tasks, and a low Earth orbit satellite study on encrypted collision-risk analysis discusses adapting CKKS for real-valued calculations in this kind of setting, according to arXiv.

Each homomorphic operation introduces numerical noise into the ciphertext. If the noise grows too large, decryption no longer produces the correct result.

Noise growth and “bootstrapping” techniques to refresh ciphertexts are standard topics in homomorphic-encryption technical discussions, including workshops hosted by institutions such as NIST. Bootstrapping can extend the depth of computation, but it is typically one of the more expensive steps in many FHE pipelines.

Most widely discussed fully homomorphic encryption schemes are lattice based, meaning they rely on problems in high dimensional lattices such as LWE or RLWE, which are among the families of assumptions often considered in post-quantum cryptography discussions.

For adopters, the main point is that FHE aims to keep data protected not only in storage and transit, but also during processing.

Why Encrypted Computation Matters

Traditional encryption protects data at rest and in transit, but it usually requires decryption once a server needs to search, aggregate or run a model on that data. Decryption exposes the plaintext to the computing environment, which may be a public cloud, a third party processor or a system that is hard to monitor fully.

This exposure can create compliance issues under privacy regulations and increases the damage if the processing environment is compromised.

Fully homomorphic encryption addresses this gap by allowing computation directly on encrypted inputs, so the processing system never sees the underlying values. A hospital could, for example, outsource statistical analysis on encrypted patient data, or a bank could compute risk metrics on encrypted transaction histories, while keeping the encryption keys under its own control.

The cloud provider or contractor would only handle ciphertexts and encrypted outputs, reducing what can be learned in the event of a breach.

Government programs underline this motivation. The DPRIVE initiative from DARPA frames FHE as a way to support sensitive computation in environments that may include untrusted networks and shared infrastructure, including commercial settings.

By emphasizing acceleration and system integration, it treats encrypted computation as an engineering problem to be wired into workflows rather than treated as a purely mathematical curiosity.

FHE also fits into broader zero trust strategies that assume no component of a system is fully trustworthy. Zero trust architectures treat every request as potentially hostile and aim to minimize the amount of sensitive information any individual service can access.

Homomorphic encryption supports this goal by ensuring that even if a compute node is compromised, it handles only ciphertext rather than readable personal or operational data.

Hardware Progress Since 2024

Early implementations of fully homomorphic encryption were many orders of magnitude slower than plaintext computation, which limited them to demonstrations on small problems.

The DPRIVE program sought to narrow this gap by funding hardware acceleration and complementary system work, with an explicit target of enabling FHE computation within a factor of ten of unencrypted computations, according to a program description from DARPA. DARPA’s program page notes that DPRIVE is now complete, but its performance framing continues to influence how the field describes practical targets.

Hardware-oriented research groups have responded by designing accelerators that target some of the most expensive operations in standard schemes, such as large polynomial multiplications and number theoretic transforms.

The FHETCH consortium, a collaboration among academic and industry partners, released a draft Polynomial Intermediate Representation in 2025 to standardize an interface between fully homomorphic encryption libraries and acceleration hardware, according to materials on FHETCH. This intermediate representation is intended to improve portability across toolchains without rewriting cryptographic kernels for each new chip.

IBM Research has reported a near-DRAM accelerator called FHENDI that places specialized FHE compute close to memory to reduce data movement. In its publication on IBM Research, the team reports speedups versus CPU and GPU baselines on representative compiled FHE workloads.

These results are still research prototypes, but they provide concrete data on how architectural choices change homomorphic performance.

Taken together, DPRIVE’s performance target, FHETCH’s intermediate representation work, and prototype accelerators like IBM’s FHENDI suggest that fully homomorphic encryption is entering an optimization phase driven by hardware and toolchain design rather than cryptographic novelty.

These efforts do not remove the performance cost of homomorphic computation, but they indicate that specific kernels and structured workloads can be accelerated enough to make constrained pilots more realistic, especially when encryption during processing is a hard requirement rather than a nice-to-have.

Healthcare Evaluations

Healthcare data is both highly sensitive and computationally intensive, which makes it a natural but challenging candidate for fully homomorphic encryption.

A January 2025 pre-print examines FHE frameworks applied to use cases spanning neural-network style healthcare diagnostics and quality-control oriented computation, focusing on performance and resource requirements, according to an evaluation study on arXiv. The work evaluates viability by measuring runtime and overhead when mapping these tasks into an FHE setting.

The study reports that FHE based implementations can, in principle, support privacy-preserving analysis by processing encrypted features and returning encrypted outputs for later decryption by the healthcare provider. However, the encrypted workflows consume substantially more time and memory than their plaintext counterparts.

This overhead appears both in the cryptographic operations themselves and in the need to manage ciphertext sizes and noise throughout the computation.

The authors also note integration challenges when mapping complex healthcare pipelines to the capabilities of current FHE libraries. Neural networks must be adapted to use operations that are friendly to homomorphic evaluation, which can mean modifying or approximating certain functions that are common in plaintext machine learning pipelines.

These changes can affect accuracy, engineering complexity, or both, and they require coordination between domain experts, machine learning engineers and cryptography specialists.

Even with these constraints, the evaluation indicates that privacy-preserving analytics on encrypted health data are technically feasible for some workloads. For adopters, the key question becomes whether the additional latency and infrastructure cost are acceptable in a given clinical, regulatory, or operational setting.

Defense and Government Use

Defense and national security organizations manage sensitive information that often must be shared across agencies, contractors and coalition partners. Fully homomorphic encryption appears in this context as one of several privacy-enhancing technologies intended to support collaboration without full data disclosure.

The DPRIVE program materials from DARPA describe use cases where encrypted computation could help process sensitive data on shared or commercial infrastructure while reducing exposure during processing.

The Defense Innovation Unit’s Hybrid Space Architecture portfolio has also backed privacy-enhancing approaches for mixed government and commercial space systems. Enveil reported in 2025 that it received DIU funding to advance its work in support of Hybrid Space Architecture objectives, according to Enveil.

Enveil describes its offering in terms of privacy-enhancing technologies for secure data use and collaboration. Public materials do not always specify the exact cryptographic mix used in a given deployment, but the contract signal is that encrypted analytics and related PETs are part of the toolkit under consideration for protecting data in complex space and defense-adjacent environments.

Hybrid space architectures combine commercial and government satellites, ground stations and cloud services. In such mixed environments, agencies may want to analyze operational data, signals or telemetry without giving every participant full visibility into raw feeds.

Homomorphic encryption can support this by letting one party run computations on encrypted datasets controlled by another party, with only authorized users able to decrypt the results.

Government interest also matters for standardization and procurement. When programs articulate performance goals and provide funding for accelerators, they shape the roadmap for hardware vendors and software libraries. Over time, this can produce a more mature ecosystem of FHE tools that commercial users can adopt once the technology has been proven.

Industrial and Space Applications

Outside traditional defense settings, industrial operators are starting to explore fully homomorphic encryption for collaboration on sensitive operational data. One prominent example comes from satellite operators that manage dense constellations of low Earth orbit spacecraft.

A January 2025 pre-print proposes using an FHE scheme, specifically CKKS, to compute collision risk jointly on confidential orbital data from multiple operators, according to a technical paper on arXiv.

In that proposal, operators could contribute encrypted orbital parameters to a shared computation. The risk analysis runs on ciphertexts and produces encrypted indicators of potential conjunctions, which can then be decrypted only by parties holding the relevant keys.

This design would allow operators to coordinate on collision avoidance while limiting the disclosure of proprietary trajectories or operational patterns.

The same paper illustrates how approximate homomorphic arithmetic can support algorithms that depend on real-valued calculations rather than just integer logic. By encoding orbital parameters into CKKS ciphertexts, the system can perform approximate floating point operations that the authors analyze for precision and run time tradeoffs.

This shows that FHE can move beyond simple statistical queries to more complex numerical models in industrial contexts.

More broadly, any industry that relies on optimization over sensitive metrics, such as equipment telemetry, pricing signals, or proprietary performance data, could in principle benefit from encrypted analytics.

Fully homomorphic encryption provides one technical path to such arrangements, though current performance constraints still limit the scale and complexity of what is practical.

Constraints and Open Questions

Despite rapid progress, fully homomorphic encryption remains significantly more resource intensive than plaintext computation. Program descriptions often describe best-case targets on the order of an order of magnitude slowdown, while many practical workloads and parameter choices can carry much higher overheads.

Noise management is another central limitation. Each operation on ciphertexts consumes part of a finite noise budget, and bootstrapping to reset that budget can be computationally expensive. This means that only circuits with limited depth, or carefully structured pipelines that minimize costly operations, are currently feasible for many real-world applications.

Interoperability between different libraries and hardware platforms also lags behind the level seen in more mature cryptographic primitives. The Polynomial Intermediate Representation defined by the FHETCH consortium is an attempt to standardize how toolchains represent FHE programs for hardware targets, according to documents from FHETCH.

However, this work is still in early stages, and adopters must often commit to a particular software stack and parameter set that can be hard to change later.

Fully homomorphic encryption is also not immune to implementation risks. Like other cryptographic systems, FHE deployments must consider side-channel leakage via timing, power, or memory-access patterns, and mitigate these risks with careful engineering and system-level protections.

Energy use is another concern, especially for large scale deployments or edge devices. The extra arithmetic required for homomorphic operations can translate into higher power consumption and thermal output compared with plaintext processing on the same hardware.

For some organizations, these operational costs may be acceptable in exchange for stronger privacy guarantees, while others may find that alternative privacy-enhancing approaches better match their constraints.

Outlook for Late 2025 and Beyond

As of late 2025, fully homomorphic encryption sat at a transition point between theory and practice. Hardware accelerators, emerging intermediate representations, and applied evaluations in healthcare and space operations show that real workloads can run in homomorphic form, albeit with notable overhead.

At the same time, performance costs, integration challenges, and implementation risks mean that FHE is not yet a drop-in replacement for conventional cloud computing.

In the near term, the most likely adopters are organizations that face strong legal or strategic incentives to protect data even during processing, such as healthcare providers, financial institutions and defense organizations.

For these groups, the ability to outsource computation to shared infrastructure without exposing raw records can justify investment in specialized hardware and expert teams. General purpose encrypted cloud computing for arbitrary workloads appears further away.

For technical and policy leaders, the key question is where fully homomorphic encryption fits alongside other privacy-enhancing technologies. Secure multiparty computation, trusted execution environments and differential privacy each address different aspects of data protection.

FHE adds the ability to compute on encrypted data while keeping keys under the control of the data owner, and late-2025 level capabilities suggest it is now realistic to pilot in targeted domains where data minimization is non-negotiable.