What does it mean to compute on encrypted data?

Computing on encrypted data means performing mathematical operations directly on ciphertext without decrypting it first. The result, when decrypted, is identical to what you would get by computing on the original plaintext. This eliminates the decryption step that creates data exposure in traditional systems. H33 uses BFV fully homomorphic encryption to make this possible at production speeds.

How fast is H33's encrypted computation?

H33 processes each encrypted operation in 38.5 microseconds, sustaining 2.17 million operations per second on a single ARM CPU (Graviton4). No GPU is required. For comparison, Zama requires approximately 800 microseconds on an H100 GPU, and generic FHE libraries take 4-7 milliseconds on cloud servers.

What types of computation can be performed on encrypted data?

H33 supports biometric matching, fraud scoring, search queries, compliance checks, analytics aggregation, inner products, polynomial evaluation, and threshold operations — all on ciphertext. The BFV scheme supports addition, multiplication, and rotation operations on encrypted vectors of up to 4096 slots.

How do I integrate H33 encrypted computation?

H33 offers three integration paths: a script tag for browser-based encryption, an npm package for Node.js applications, and a REST API for any backend. All three paths encrypt data client-side before it reaches H33 infrastructure. Integration typically takes under an hour.

Core Technology

Compute on Encrypted Data

Process sensitive data without ever decrypting it. The decryption step is eliminated entirely. Data enters encrypted, is processed encrypted, and leaves encrypted. The infrastructure never sees plaintext.

Get Free API Key View Documentation

The Paradigm Shift

Never Decrypt

Traditional systems follow a four-step pattern: encrypt data for storage, decrypt it when needed, process the plaintext, then re-encrypt the result. The processing step requires decryption. That decryption creates a window where data exists in plaintext — in memory, in cache, in CPU registers, in log files. That window is where every data breach happens.

H33 eliminates step two. Data is encrypted on the client. It is transmitted encrypted. It is processed while still encrypted. The result is returned encrypted. Only the client holds the decryption key. The server infrastructure — H33 or yours — never has access to plaintext data at any point in the pipeline.

Traditional Systems

1 🔒 Encrypt data at rest

2 🔓 Decrypt for processing

3 ⚙️ Process plaintext

4 🔒 Re-encrypt result

H33

1 🔒 Encrypt on client

2 ⚙️ Process ciphertext

3 🔒 Return encrypted result

✓ No decryption step

This is not a security policy. It is a mathematical guarantee. The FHE scheme makes it computationally infeasible for the server to extract plaintext from ciphertext, even with unlimited access to the processing infrastructure. A compromised server, a malicious admin, a supply-chain attack on the hosting provider — none of these produce plaintext because plaintext never exists on the server.

The Cryptography

How FHE Makes This Possible

H33 uses the BFV (Brakerski/Fan-Vercauteren) fully homomorphic encryption scheme. BFV is a lattice-based cryptosystem where encryption produces polynomial ciphertexts. Mathematical operations on these polynomials — addition, multiplication, rotation — produce results that, when decrypted, correspond exactly to the same operations on the original plaintext.

The key insight: the algebraic structure of the ciphertext preserves the algebraic structure of the computation. Adding two ciphertexts produces a ciphertext that decrypts to the sum of the original plaintexts. Multiplying produces the product. This is not approximation. It is exact.

Parameter	Value	Significance
Polynomial degree (N)	`4096`	4096 SIMD slots per ciphertext
Ciphertext modulus (Q)	`56-bit`	Single modulus, minimal overhead
Plaintext modulus (t)	`65537`	Enables SIMD batching (t = 1 mod 2N)
Security level	`H33-128`	128-bit equivalent, NIST lattice hardness
Batch capacity	`32 users/CT`	4096 slots / 128 dims per user

The security of BFV rests on the Ring Learning with Errors (RLWE) problem — the same lattice-based hardness assumption that underpins NIST's post-quantum standards (FIPS 203, 204). There is no known quantum algorithm that efficiently solves RLWE. The encryption is quantum-resistant by construction, not by add-on.

SIMD batching. Each ciphertext contains 4096 slots. With 128 dimensions per biometric template, one ciphertext holds 32 users. A single FHE operation processes 32 users simultaneously. This is why the per-user cost is 38.5 microseconds despite the batch taking ~1.2 milliseconds.

Capabilities

What You Can Compute

FHE is not limited to simple operations. H33's BFV engine supports the full set of operations required for real-world privacy-preserving workloads:

Biometric matching — encrypted template comparison via inner product. Score computed on ciphertext. Threshold evaluated on ciphertext.
Fraud scoring — transaction risk assessment on encrypted account and behavioral data. Pattern detection without seeing the pattern.
Search queries — keyword and similarity search over encrypted databases. The query is encrypted. The index is encrypted. The result is encrypted.
Compliance checks — policy evaluation on encrypted data. Determine whether a transaction violates a rule without seeing the transaction.
Analytics aggregation — sum, average, count, variance over encrypted datasets. Multi-party aggregation without data pooling.
Polynomial evaluation — arbitrary polynomial functions on encrypted inputs. This covers most ML inference operations.
Threshold operations — encrypted comparison against thresholds. Accept/reject decisions on ciphertext.

The key constraint is multiplicative depth. Each multiplication increases noise in the ciphertext. H33's parameter selection and noise management support the depth required for all the operations above within a single set of parameters. For deeper computations, H33-256 provides additional headroom with a larger parameter set.

Production Numbers

Performance

Benchmarked on Graviton4 (c8g.metal-48xl). 120-second sustained run. Less than 1% variance.

38.5µs

Per operation

2.17M/s

Sustained throughput

1 CPU

ARM, no GPU

<$0.01

Per million ops

How H33 compares to alternatives:

H33 (ARM CPU)

38.5 µs

Zama (H100 GPU)

~800 µs

Generic FHE (cloud)

4–7 ms

Academic FHE

50–500 ms

H33 achieves this through Montgomery-form NTT with Harvey lazy reduction, NTT-domain persistence that eliminates redundant transforms, pre-computed twiddle factors, batch CBD sampling, and NEON-accelerated Galois operations. Every microsecond is accounted for. The engine is written in Rust with zero external FHE dependencies.

One API Call

The Full Stack

FHE alone processes encrypted data. H33 adds proof, attestation, and threat detection in the same call.

🔒

FHE (BFV)

Data processing on ciphertext. Inner products, matching, scoring. Never decrypts.

939 µs / batch

📐

ZK-STARK

Operation correctness proof. Verifiable without accessing the data. Post-quantum secure.

0.059 µs cached

✅

Dilithium

Post-quantum digital signature. Tamper-proof attestation. NIST FIPS 204 compliant.

291 µs / batch

🤖

ML Agents

Harvest detection, side-channel monitoring, and crypto health validation in real time.

2.35 µs total

Every API call returns an encrypted result, a ZK proof that the computation was performed correctly, and a Dilithium-signed attestation that the result has not been tampered with. The proof and signature are independently verifiable by any third party — an auditor, a regulator, a counterparty — without accessing the underlying data.

Get Started

Integration

Three paths. All encrypt client-side. All return encrypted results. Integration typically takes under an hour.

                    HTML
                    Script Tag Integration
                

<!-- Add to your page -->
<script src="https://api.h33.ai/v1/sdk.js"></script>

<script>
  const h33 = new H33({ apiKey: 'your_api_key' });

  // Data is encrypted in the browser
  const result = await h33.verify({
    template: biometricData,
    enrolled: enrolledTemplate
  });

  // result.match: boolean
  // result.proof: ZK-STARK proof
  // result.attestation: Dilithium signature
</script>
                

                    JavaScript
                    npm Package
                

import { H33 } from '@h33/sdk';

const client = new H33({
  apiKey: process.env.H33_API_KEY,
  tier: 'h33-128'
});

// Encrypt locally, process on H33, decrypt locally
const encrypted = await client.encrypt(sensitiveData);
const result = await client.compute(encrypted, operation);
const plainResult = await client.decrypt(result);

// Verify the proof independently
const valid = await client.verifyProof(result.proof);
                

                    cURL
                    REST API
                

# Encrypt client-side, send ciphertext
curl -X POST https://api.h33.ai/v1/compute \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "ciphertext": "BASE64_ENCRYPTED_DATA",
    "operation": "inner_product",
    "enrolled": "BASE64_ENCRYPTED_TEMPLATE",
    "tier": "h33-128"
  }'

# Response includes encrypted result + proof + attestation
# {
#   "result": "BASE64_ENCRYPTED_RESULT",
#   "proof": { "type": "stark", "data": "..." },
#   "attestation": { "type": "dilithium", "sig": "..." },
#   "latency_us": 38.5
# }
                

Process Sensitive Data Without Ever Decrypting It

Not with a policy. Not with a promise. With mathematics. Data encrypted end-to-end. Computation on ciphertext. Proof of correctness. One API call.

Get Free API Key Read the Pillar Guide

1,000 free units/month · No credit card required · Zero plaintext exposure

Verify It Yourself