Biometric authentication -- using face, fingerprint, or voice to verify identity -- is increasingly common. But biometric data is uniquely sensitive: you can't change your fingerprints if they're compromised. Fully Homomorphic Encryption (FHE) solves this by enabling biometric matching on encrypted data, ensuring that raw templates never leave the user's device in plaintext form. See how FHE enables computation on encrypted data across industries.
The Biometric Privacy Problem
Traditional biometric systems have serious privacy concerns:
- Template storage: Raw templates stored on servers can be stolen
- Matching exposure: Templates must be decrypted for comparison
- Irreversibility: Unlike passwords, compromised biometrics can't be changed
- Linkability: Same biometrics across services enable tracking
High-profile breaches (OPM, Biostar 2) have exposed millions of biometric records, underscoring these risks. The 2015 OPM breach alone leaked 5.6 million fingerprint records belonging to federal employees. Once those templates are in the open, no password reset can undo the damage. Every system that enrolled those same fingers is permanently compromised.
Biometric data is the only credential class that is both irrevocable and universal. A leaked password affects one account. A leaked fingerprint affects every system that fingerprint will ever touch, for the rest of the user's life. FHE eliminates this category of risk entirely by ensuring the server never possesses the plaintext template.
FHE Biometric Architecture
FHE fundamentally changes biometric authentication:
FHE Biometric Flow
1. User's template is encrypted on their device
2. Encrypted template sent to server
3. Server performs matching on encrypted data
4. Only match/no-match result is revealed
The server never sees the actual biometric.
This architecture inverts the trust model. In a traditional system, the server is a custodian of sensitive data and must be trusted not to leak it. With FHE, the server is a blind computation engine. It performs arithmetic on ciphertexts and returns an encrypted result. Even a fully compromised server yields nothing to an attacker -- the encrypted templates are computationally indistinguishable from random noise without the user's secret key.
How It Works Technically
Biometric matching typically involves computing similarity between templates (often Euclidean distance or cosine similarity). With FHE, these operations are performed directly on encrypted vectors. H33 uses the BFV (Brakerski/Fan-Vercauteren) scheme with a polynomial degree of N=4096 and a single 56-bit modulus, providing 128-bit security while keeping ciphertext sizes manageable. The plaintext modulus t=65537 satisfies the CRT batching condition t ≡ 1 (mod 2N), which enables SIMD-style packing of multiple user templates into a single ciphertext.
// H33 FHE biometric matching (simplified BFV pipeline)
// Templates are 128-dimensional embedding vectors
// Enrollment: encrypt template on user device
let enrolled_ct = bfv.encrypt(&template_vector); // ~150µs
// Server stores only the ciphertext — never plaintext
// Verification: encrypt fresh capture, send to server
let verify_ct = bfv.encrypt(&capture_vector); // ~150µs
// Server computes encrypted squared Euclidean distance
// diff[i] = E(enrolled_i) - E(verify_i)
// distance = sum( diff[i] * diff[i] ) — all in ciphertext space
let distance_ct = fhe_inner_product(&diff_ct, &diff_ct);
// Decrypt only the scalar distance (not the templates)
let distance = bfv.decrypt(&distance_ct);
let is_match = distance < threshold;The critical optimization is the NTT-domain fused inner product. Rather than performing an inverse NTT after every polynomial multiplication, H33 accumulates all 128 dimension-wise products in NTT form and performs a single INTT at the end. This reduces the transform count from 256 to 2 per verification, cutting the FHE batch latency to approximately 1,109 microseconds for 32 users simultaneously.
SIMD Batching: 32 Users per Ciphertext
BFV with N=4096 provides 4,096 plaintext slots. Each biometric template occupies 128 dimensions, so a single ciphertext can pack 4,096 / 128 = 32 user templates side by side. This is not a theoretical number -- it is the production batch size on H33's Graviton4 deployment. All 32 verifications execute in a single set of FHE operations, amortizing the cost of NTT transforms, key-switching, and memory bandwidth across the entire batch.
| Metric | Value | Notes |
|---|---|---|
| Polynomial degree (N) | 4,096 | BFV ring dimension |
| Plaintext modulus (t) | 65,537 | Satisfies t ≡ 1 (mod 2N) |
| Ciphertext modulus (Q) | 56-bit single | One modulus, no RNS chain |
| Security level | 128-bit | Post-quantum (lattice hardness) |
| Users per ciphertext | 32 | 128 dims per template |
| FHE batch latency | ~1,109 µs | 32 users, Graviton4 |
| Per-auth latency (full stack) | ~42 µs | FHE + ZKP + Dilithium attestation |
| Sustained throughput | 2,172,518 auth/sec | 96 workers, c8g.metal-48xl |
Template storage drops proportionally. A raw 128-dimensional float64 template is approximately 32 MB when stored with FHE overhead individually. Batched into SIMD ciphertexts, each user's share is roughly 256 KB -- a 128x reduction that makes encrypted biometric databases practical at scale.
Performance at H33
We've optimized FHE biometric matching for real-time use:
- FHE encryption: 150µs for template encryption
- Encrypted matching: 260µs for distance computation
- Full verification: 1.36ms end-to-end (Turbo mode)
- Accuracy: 99.7% match rate, comparable to plaintext systems
This performance makes FHE biometrics practical for real-time authentication. The full production pipeline -- FHE batch, ZKP cache lookup, and Dilithium attestation signature -- completes in approximately 1,356 microseconds per 32-user batch. That translates to ~42 microseconds per individual authentication, sustained at 2,172,518 authentications per second on a single AWS Graviton4 instance (c8g.metal-48xl, 96 workers). Every stage is post-quantum secure: BFV relies on lattice hardness, the ZKP uses SHA3-256, and attestation uses ML-DSA (Dilithium) signatures.
Security Benefits
FHE biometrics provide multiple security layers:
- Server breach protection: Stolen encrypted templates are useless without keys
- Insider threat mitigation: Administrators can't access raw biometrics
- Regulatory compliance: Data minimization -- servers only process what they need
- User control: Users hold decryption keys for their biometrics
Because H33's attestation layer signs every batch result with a Dilithium (ML-DSA) post-quantum signature, the authentication verdict itself is tamper-proof. An attacker who compromises the server cannot forge a "match" result without the signing key -- and that key is protected by a lattice-based scheme resistant to both classical and quantum adversaries.
Biometric Types Supported
FHE works with various biometric modalities:
- Face recognition: FHE-encrypted facial embeddings
- Fingerprint: Encrypted minutiae matching
- Voice: Encrypted voice print comparison
- Iris: Encrypted iris code matching
Each modality has different template sizes and matching algorithms, but FHE accommodates all. The key constraint is that the matching function must be expressible as polynomial arithmetic over integers -- which inner products, Euclidean distance, and cosine similarity all are. H33's BFV implementation handles these natively without bootstrapping, since the multiplicative depth required (one multiplication for the squared-difference step) stays well within the single-level noise budget.
Implementation Considerations
When implementing FHE biometrics:
- Template format: Standardize on numerical vectors (embeddings work well)
- Key management: Users should control their FHE keys
- Fallback: Plan for key loss scenarios
- Performance tuning: Optimize FHE parameters for your specific templates
Parameter selection is critical. Choosing N too large (e.g., 8192 or 16384) increases security margins but doubles or quadruples NTT transform time. H33's choice of N=4096 with a single 56-bit modulus hits the sweet spot: 128-bit lattice security, no multi-modulus RNS overhead, and NTTs that complete in microseconds on modern hardware. The Montgomery-form NTT with Harvey lazy reduction eliminates all division from the hot path, keeping each butterfly operation to a multiply-and-conditional-subtract.
Combining with Other Technologies
FHE biometrics work well with complementary technologies:
- Zero-knowledge proofs: Prove match without revealing distance
- Blockchain: Immutable audit trail without exposing data
- Secure enclaves: Additional protection for key operations
H33's Full Stack Auth combines all these for comprehensive protection. The ZKP layer uses an in-process DashMap cache for STARK proof lookups at 0.085 microseconds per query, adding negligible overhead to the FHE pipeline. Batch attestation then signs the entire 32-user result with a single Dilithium sign-and-verify cycle (~244 microseconds), rather than signing each authentication individually -- a 31x reduction in signature cost.
Real-World Applications
FHE biometrics are being adopted across sectors:
- Mobile banking with privacy-preserving face verification
- Healthcare patient identification without central biometric databases
- Border control systems that verify without storing traveler biometrics
- Enterprise access control with privacy-first authentication
FHE biometric authentication represents the future of identity verification -- providing strong security while respecting user privacy. The technology is production-ready today, processing over 1.5 million authentications per second with full post-quantum security at every layer of the stack.
Ready to Go Quantum-Secure?
Start protecting your users with post-quantum authentication today. 1,000 free auths, no credit card required.
Get Free API Key →