FHE Libraries: Established Cryptographic Building Blocks
In our last post, we placed Fully Homomorphic Encryption (FHE) alongside other Privacy-Enhancing Technologies (PETs). A dedicated processor is essential for scalable FHE, but it’s only one part of the puzzle.
This is where libraries and compilers come in. Think of them as the toolkits and translators of the FHE world. Libraries give developers ready-made cryptographic building blocks, sparing them from reinventing the math from scratch. Compilers (or in FHE’s case, often transpilers) help transform ordinary code into programs that can run securely on encrypted data. Together, they bridge the gap between cutting-edge theory and usable, real-world applications.
Researchers, organizations, and developers working with FHE face important decisions. The libraries and compilers they choose will influence everything from ease of development to performance and scalability. Each option has its own characteristics, so understanding the landscape is essential before starting. In the following post, we’ll cover FHE libraries part of this landscape.
FHE Libraries
Libraries are used by FHE developers as they provide established cryptographic building blocks for privacy-preserving data analysis implementations. Some of these libraries have been developed and shared by big tech companies like Microsoft and IBM, who offered the SEAL and HElib libraries, respectively. Current important libraries include OpenFHE, HEAAN, Lattigo and TFHE. Below is a quick review for each library, and a TL;DR summary table.
OpenFHE
Background & Developers: OpenFHE is a relatively new library (initial release in July 2022) that represents a unified, next-generation FHE project. It is the direct successor to the PALISADE library (see below) and was created by a consortium of FHE experts from multiple organizations, and is primarily led by Duality Technologies.
The design of OpenFHE intentionally incorporates the best ideas from prior libraries – it draws on the modular design of PALISADE and integrates selected concepts from HElib, HEAAN, and FHEW libraries. OpenFHE is maintained as a community-driven open-source project (affiliated with NumFocus) under a 2-clause BSD license.
Supported Schemes: A major strength of OpenFHE is its comprehensive scheme support. It implements all the major FHE schemes in a single library: BGV and BFV, CKKS, TFHE and FHEW.
Features & Innovations: OpenFHE’s design emphasizes extensibility, performance, and usability. Unlike its predecessors, OpenFHE was designed with bootstrapping in mind for all schemes from the very beginning. It provides built-in bootstrapping procedures so that users can optionally achieve fully homomorphic operation with BGV/BFV/CKKS, not just leveled computation.
Another key feature is its Hardware Abstraction Layer (HAL), which allows plugging in different hardware accelerators (GPUs, FPGAs, ASICs) to speed up FHE operations. This modular HAL enabled OpenFHE to be used in DARPA-funded hardware acceleration efforts and makes it future-proof as FHE moves toward specialized chips.
OpenFHE also supports multiple API modes: a high-level, user-friendly mode where the library automatically manages complex tasks like modulus switching and key rotation, and a lower-level “compiler-friendly” mode for integration with compilers or domain-specific languages that schedule those operations explicitly.
Use Cases: OpenFHE has become a widely used library for new FHE applications. Notably, Google selected OpenFHE as the backend for its FHE Transpiler – a tool that compiles high-level programs into FHE circuit operations.
In summary, OpenFHE’s distinguishing features are its unification of schemes, community-driven development, and forward-looking design that accommodates bootstrapping and hardware acceleration – making it a robust foundation for the next wave of FHE applications.
While OpenFHE unifies multiple approaches, other libraries specialize in specific schemes, for example HEAAN for arithmetic for approximate numbers.
HEAAN
Background & Developers: HEAAN stands for Homomorphic Encryption for Arithmetic of Approximate Numbers. This open-source library was developed by the Cryptography Lab at Seoul National University (SNU) under Prof. Jung Hee Cheon, et al., the inventors of the CKKS scheme. The first version of HEAAN was released on GitHub in May 2016, shortly after the publication of the CKKS paper (AsiaCrypt 2017). Today, HEAAN is maintained and further developed by CryptoLab, Inc., a Korean startup founded by Cheon, which has continued to improve the library’s performance and features.
Supported Schemes: HEAAN’s core (and original) focus is the CKKS scheme. It natively implements CKKS with all its major capabilities (encoding/decoding of vectors of real numbers, homomorphic addition, multiplication, rescaling, etc.). Over time, the developers also incorporated a bootstrapping procedure for CKKS into HEAAN, meaning the library can refresh CKKS ciphertexts and allow an unlimited number of operations on encrypted data. (important for long or iterative computations). Recent versions from CryptoLab have added support for BFV as well.
Notable Features: HEAAN’s distinguishing feature is its expertise in approximate arithmetic. Because it was developed by the scheme’s creators, it often serves as a testbed for state-of-the-art CKKS techniques (e.g. improved encoding methods, error management, and bootstrapping algorithms). The library achieves high performance and precision in numerical homomorphic computations.
Importantly, HEAAN also natively supports GPU acceleration, with architecture-aware optimizations that can speed up core polynomial multiplications by more than 100× compared to single-threaded CPU execution.
HEAAN’s bootstrapping implementation was among the first for approximate arithmetic and continues to be optimized. The library also provides flexible APIs for adjusting parameters to balance precision, security, and performance for a given application.
Deployments & Applications: HEAAN has seen uptake in both research and industry, especially for data science applications. A notable real-world integration is IBM’s HElayers software (an SDK for homomorphic encryption in AI workflows), which incorporated CryptoLab’s HEAAN library. Another example is Samsung Electronics, which partnered with CryptoLab to develop a SmartSSD prototype that can perform homomorphic encryption operations (using HEAAN) directly on an SSD storage device.
In summary, HEAAN’s advantage lies in fast approximate computations: it is a go-to library for CKKS, offering world-class speed for encrypted linear algebra and has proven its mettle in commercial collaborations for privacy-preserving AI.
Another modern library, Lattigo, takes a different approach by focusing on Go-based implementations and multiparty FHE.
Lattigo
Background and developers: Lattigo is an open-source fully homomorphic encryption (FHE) library written in GO, initially developed in 2019 at EPFL’s Laboratory for Data Security and since 2021 maintained by Tune Insight. It implements full-RNS Ring-Learning-With-Errors-based homomorphic-encryption primitives and Multiparty-Homomorphic-Encryption-based secure protocols. It supports BFV, BGV and CKKS schemes and their multiparty versions. Notably, it offers a bootstrapping-capable CKKS, enabling iterative encrypted computations.
Its pure GO implementation makes it easy to integrate into concurrent microservices, supports cross-platform builds (including WebAssembly for browsers), and still delivers performance comparable to leading C++ libraries.
Lattigo is regarded as a state-of-the-art tool in the FHE community, broadly adopted for academic research due to its convenience, and acknowledged by industry and standards bodies, including the HomomorphicEncryption.org, with C++ bindings available through AWS Labs.
Lattigo remains under active development (current major version 6) with frequent updates. It is backed by Tune Insight’s in-house team and guided by an expert advisory committee, ensuring continuous progress in multiparty homomorphic encryption while maintaining strong performance and usability.
TFHE
Background: TFHE stands for Torus Fully Homomorphic Encryption, and it is another library for Boolean circuit FHE that can be seen as the successor to FHEW. Developed by Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, and Malika Izabachène (often referred to as the CGGI scheme, 2016), TFHE introduced a dramatically faster bootstrapping method.
The scheme was published in 2016 in a paper entitled “Faster Fully Homomorphic Encryption: Bootstrapping in less than 0.1 Seconds”. The first open-source release of the TFHE library was in 2017, and it has been updated with improved parameters (latest version 1.1 as of 2020). Unlike FHEW which used traditional polynomial rings, TFHE operates on the torus (real numbers modulo 1) representation of numbers, which enables certain optimizations in the bootstrapping procedure.
Scheme & Performance: The TFHE library implements a ring-variant of the GSW cryptosystem with numerous optimizations for speed. Its hallmark achievement is ultra-fast gate bootstrapping: the library can evaluate a net-list of binary gates homomorphically at a rate of about 50 gates per second per core and has no restriction on the number of gates or on their composition. Essentially, TFHE improved the bootstrapping noise management to drastically reduce the time, and introduced an efficient technique for “gate-by-gate” bootstrapping on the fly. The supported functionality includes all binary gates and a fast encrypted multiplexer (MUX) operation as a primitive, which can be used to construct more complex circuits or programmable logic tables.
Features & Usage: The original TFHE library is written in C/C++ and released under Apache 2.0 license, making it easy to integrate in other projects. A notable aspect is that TFHE outputs are themselves libraries or services; for example, Zama built its “Concrete” library as a high-level framework on top of the TFHE scheme, which provides user friendly APIs for machine learning on encrypted data. Additionally, Google’s initial FHE transpiler releases (prior to OpenFHE integration) leveraged TFHE for Boolean circuits, given its speed.
More recently, the scheme has been reimplemented in Rust as TFHE-rs by Zama, offering the same underlying CGGI cryptosystem with added advantages of memory safety, modern APIs, and active long-term maintenance. TFHE-rs serves as the backend for Zama’s Concrete and Concrete-ML libraries, making the TFHE approach production-ready and easier to integrate into real-world applications.
TFHE’s distinguishing feature is its sheer speed for binary homomorphic operations. It made fully homomorphic evaluation of general-purpose logical circuits practical, bringing bootstrapping down to tens of milliseconds. With the Rust-based TFHE-rs now actively developed and deployed in modern frameworks, the TFHE family continues to be a cornerstone for Boolean FHE applications.
The following libraries have carried important influence in the development of the FHE ecosystem:
Microsoft SEAL
Microsoft SEAL (Simple Encrypted Arithmetic Library) was released by Microsoft Research in 2015 as an easy-to-use open-source FHE library. Developed by the Cryptography and Privacy Research group at Microsoft, SEAL was designed to make FHE accessible to software engineers without deep cryptography expertise. It is written in C++ with no external dependencies and provided under the MIT license. The last update for SEAL was version 3.7.3 on March 2021.
HElib
HElib was originally developed at IBM Research, making it one of the earliest functional FHE libraries (first released around 2013–2014). It emerged after Craig Gentry’s seminal 2009 FHE work, as an implementation of the BGV scheme. IBM’s goal with HElib was to explore and optimize lattice-based FHE in practice, and it was then maintained as a community project. It supported BGV, was the first library to support bootstrapping for BGV, and then added CKKS. The last update for HElib was version 2.3.0 on July 2023.
FHEW
FHEW was introduced by cryptographers Leo Ducas and Daniele Micciancio around 2014–2015. The name “FHEW” comes from their paper “FHE bootstrapping in less than a second“. FHEW’s contribution was foundational proving that gate-by-gate bootstrapping was feasible, which dramatically improved the speed of bootstrapping. FHEW was a proof-of-concept and was not heavily optimized beyond the authors’ initial efforts. The last major update to FHEW code was around 2017.
PALISADE
PALISADE is an open-source FHE library that preceded OpenFHE, developed by a team led by researchers from Raytheon BBN Technologies and NJIT, with contributions other organizations. Its development began under the DARPA PROCEED program (circa 2014) with the goal of creating a modular, open-source FHE toolkit for multiple schemes. PALISADE had its first public release in 2017, and as of 2025, PALISADE is still available but effectively succeeded by OpenFHE .
TL;DR Table
| Library | Schemes Supported | Language | Last Update | Notable Features |
| OpenFHE | BGV, BFV, CKKS, FHEW, TFHE | C++ | Active (2025, v1.x series) | Unified support for all major schemes; built-in bootstrapping; Hardware Abstraction Layer (HAL) for GPU/FPGA/ASIC acceleration; |
| HEAAN | CKKS, BFV | C++ | Active (2025, maintained by CryptoLab) | Native CKKS reference library; native GPU acceleration; first to implement CKKS bootstrapping; |
| Lattigo | BFV, BGV, CKKS | GO | Active (2025, v6) | Pure Go implementation; multiparty FHE protocols; easy integration in microservices; |
| TFHE/ TFHE-rs |
Boolean circuits (binary gates, via CGGI scheme) | Original: C/C++ Modern: Rust (TFHE-R) |
TFHE – v1.1 (2020) THFE-rs – Active (2025 by ZAMA) |
TFHE pioneered ultra-fast bootstrapping; THFE-rs (RUST) offers memory safety, modern APIs and regular updates by ZAMA |
Onwards to Compilers and Transpilers
If libraries are the toolkits of FHE, compilers and transpilers are the translators, in our next post, we’ll explore how they transform ordinary code into secure computations.