What encryption methods exist in Web2 and Web3?
People encounter data protection both at home and at work. The encryption process runs automatically and so quickly that most never notice it. For a few seconds a padlock appears in a browser’s address bar, or online-banking security prompts pop up.
Most forms of encryption are designed to meet everyday needs—keeping personal data safe across devices. The most popular approaches:
- AES (Advanced Encryption Standard). Uses a single key for encryption and decryption. Employed to protect data on smartphones, computers, cloud services, banking systems, VPNs and Wi‑Fi (WPA2/WPA3);
- RSA (Rivest, Shamir, Adleman). An asymmetric algorithm that uses a key pair—a public key to encrypt data and a private key to decrypt it. Used in electronic signatures, email services, web browsers and the HTTPS protocol to establish secure connections via SSL/TLS;
- TLS (Transport Layer Security). Protects connections between client and server much like the above but combines symmetric and asymmetric methods: RSA for key exchange, AES for data encryption;
- End-to-End Encryption (E2EE). The end-to-end method used in WhatsApp, Signal and Telegram. It protects data from eavesdropping on the servers it traverses, and is also used by some email services and video-conferencing tools;
- SHA (Secure Hash Algorithm). A family of cryptographic hash functions for creating digital signatures and ensuring data integrity. Bitcoin uses SHA‑256, which transforms input into a unique fixed-length string (a hash) for authenticity checks;
- ECC (Elliptic Curve Cryptography). Used to encrypt data on mobile devices, in secure internet connections and in cryptocurrencies. It relies on elliptic-curve maths to create small yet robust keys. An ECDSA implementation was chosen by Сатоши Накамото when bitcoin was created in 2008. In 2021 the Taproot upgrade added more advanced Schnorr signatures. They raised security and enabled simpler multisignature schemes, but fell short on anonymity—senders and recipients of coins remain under the gaze of analytics firms.
What is fully homomorphic encryption (FHE)?
Blockchain’s strengths are decentralisation and transparency; its big weakness is thin anonymity. Developers behind Monero, Zcash and the bitcoin mixer Tornado Cash have faced regulatory pressure for trying to enhance user privacy.
In recent years ZKP technology has gained traction, eliminating the need to hand data to a third party. Startups zkSync, Polygon zkEVM, Scroll and StarkWare not only tackle blockchain scalability but also help obscure a user’s identity.
Another way to boost anonymity and data safety is homomorphic encryption. First proposed in 1978 by the authors of RSA, it allows mathematical operations on data without decrypting it.
Several flavours of homomorphic encryption exist, differing by the operations they support and their computational power:
- partially homomorphic encryption (PHE). Allows only one mathematical operation on ciphertexts—addition or multiplication. RSA and ElGamal support only multiplication; the Paillier cryptosystem supports addition;
- somewhat homomorphic encryption (SWHE). Supports only a limited number of additions and multiplications before the ciphertext becomes too “noisy”, threatening distorted results. SWHE underpinned the first FHE constructions;
- fully homomorphic encryption (FHE). The most powerful form, supporting an arbitrary number of additions and multiplications on encrypted data.
For example, Alice wants to send Bob a Christmas recipe along with the groceries. She uses a third party, hiring a courier named John. She encrypts the family recipe, leaving only the shopping list visible. Alice uses a private key, and the algorithm performs multiplications and additions, adding “noise”. John does the shopping and delivers the goods along with the recipe to Bob. Knowing the key, Bob decrypts the data with the FHE algorithm—by applying the inverse mathematical operations.
FHE hides what is transmitted or processed. That is its key distinction from ZKP, which focuses on the anonymity of the party who holds the data and performs the operation—the user’s identity.
In 2020 Ethereum co-founder Vitalik Buterin published a paper on applying FHE to blockchains.
“Fully homomorphic encryption has long been considered one of the holy grails of cryptography. Its potential is impressive: it is a type of encryption that allows a third party to perform computations on encrypted data and obtain an encrypted result, which can be passed back to someone who has the key to decrypt the original data, while the third party cannot decrypt either the data or the result”, Buterin wrote.
How has fully homomorphic encryption evolved?
In 1982 Shafi Goldwasser and Silvio Micali proposed an encryption system homomorphic with respect to multiplication that could encrypt a single bit. An improved system with similar principles was presented in 1999 by Pascal Paillier.
The RSA and ElGamal schemes were early PHE examples and supported only one operation—insufficient for complex tasks. In 2005 the Boneh–Goh–Nissim (BGN) cryptosystem became the first to allow an unlimited number of additions and a single multiplication.
In 2009 Craig Gentry, a Stanford graduate student and IBM intern, proposed an FHE scheme. It can be used to preserve data confidentiality during any kind of processing in untrusted environments—cloud or distributed computing.
Gentry’s FHE scheme is based on lattices and introduces “noise” that grows with each operation. He addressed this via bootstrapping—partial decryption followed by re-encryption. This innovative construction was computationally exorbitant and hampered early prototypes.
In 2011 cryptographers proposed a simpler FHE approach based on the Learning With Errors (LWE) problem and its ring version, Ring‑LWE. The Brakerski–Fan–Vercauteren (B/FV) approach effectively controlled noise growth. Through modulus switching it increased the number of operations that could be performed before refresh. These advances improved efficiency in specific use cases.
How is FHE used in Web3?
FHE has potential in cloud computing, finance, media, medicine and elsewhere where data confidentiality matters. Combined with ZKP solutions or used on its own, it can raise user privacy in DeFi, DePIN, and AI with a blockchain focus.
Applications of FHE in Web3:
- multi‑party computation (MPC). Protocols split computation into parts executed by different nodes. With FHE mechanics, each part can remain encrypted, adding confidentiality to inputs;
- data protection. Storing information in encrypted form alongside smart contracts grants access only to legitimate users;
- cloud computing. FHE lets you send encrypted data to cloud services for processing without revealing it to the provider. For example, share encrypted financial information with an accountant and receive a private report back;
- protection against maximal extractable value (MEV). MEV bots seek high‑value transactions and insert their own before they are processed, pocketing profits. If transactions cannot be analysed thanks to FHE, frontrunning can be eliminated;
- privacy for Web3 participants. Lets DeFi users, restaking validators and DePIN infrastructure providers encrypt their information;
- machine learning on encrypted data. With FHE, encrypted data can be entrusted to AI. That is useful in medicine, where patient records must be protected yet can train models for diagnosis;
- voting. With FHE, ballots can be encrypted, preserving privacy and preventing manipulation of political elections or DAO votes.
Which companies are implementing FHE?
After Gentry’s 2009 scheme, tech giants began to experiment. For firms such as IBM and Google, being first to protect cloud customers’ data mattered.
Over the first decade, many leading players shipped their own offerings. They focused on key management and cloud computation with FHE protection. IBM released the HElib development library, followed by IBM Guardium Data Encryption—a suite of data‑security services with advanced technologies, including FHE variants.
At the end of 2022 Google open‑sourced two FHE‑based tools. Its privacy‑enhancing technologies (PET) include Magritte, an AI video‑blurring service that saves editors time, and FHE Transpiler for developers. The former helps obscure unwanted content; the latter is relevant to work on encrypted data in finance, government and healthcare.
How are startups advancing FHE in Web3?
After Vitalik Buterin’s essay on the merits of FHE, developers began to bring the technology to the Ethereum network. Early projects such as Zama appeared in 2020.
The French firm introduced a fully homomorphic, EVM‑compatible solution—fhEVM. It performs computations on encrypted data, adding privacy features to smart contracts and dapps.
The Zama team believes it can help forge a new, unified internet‑connection standard, HTTPZ—data permanently encrypted not only in transit but also while being computed on. In March 2024 the crypto company closed a Series A round of $73m. It was led by Multicoin Capital, Protocol Labs and Filecoin.
Fhenix focuses on FHE for the Ethereum blockchain, building on Zama’s fhEVM. In partnership with EigenLayer and Celestia it is creating a coprocessor stack to cut the computational costs of FHE.
Another strand of Fhenix’s work is the first FHE layer‑two (L2) solution. The optimistic rollup for Ethereum is built on Arbitrum Stack. In June 2024 the team announced the Helium testnet and a $15m Series A.
Inco Network is a modular, fhEVM‑compatible network designed as a privacy stack for Web3 developers. The team offers combined solutions using FHE, MPC and TEE and promotes confidentiality‑as‑a‑service (CaaS).
On 28 October 2024, USDC co‑issuer Circle, in partnership with Inco Network, unveiled a solution called the Confidential ERC‑20 Framework to mask transactions. It allows existing tokens in EVM‑compatible networks to be wrapped into a confidential form with FHE support.
The launch of the third phase of the Paillier testnet is slated for Q4 2024, with mainnet expected in the first half of 2025.
According to CryptoRank, in February 2024 the company raised about $4.5m in a seed round led by 1kx, Circle and P2 Ventures (Polygon Ventures).
Mind Network is a restaking layer that uses FHE in AI networks and Proof‑of‑Stake (PoS). It can preserve validator anonymity during voting and reward distribution. Mind Network also plans to use FHE for confidential cross‑chain transactions based on CCIP from Chainlink.
What are FHE’s drawbacks?
FHE is a promising and potentially in‑demand technology with many applications, but it also has weaknesses:
- cost of use. Encrypting and decrypting data with FHE is more computationally expensive than with other methods;
- implementation complexity. At an early stage of development, FHE schemes are not yet standardised, making them hard for developers to use in dapps;
- data volume. FHE generates large payloads, filling block space and potentially slowing networks and raising fees.