Zero-knowledge proofs vs homomorphic encryption vs secure multi-party computation: privacy technologies compared

Why It Matters

Global spending on privacy-enhancing technologies (PETs) surpassed $2.5 billion in 2025, growing at a compound annual rate of 26 percent since 2022 (Gartner, 2025). Regulatory pressure is the primary catalyst: over 160 countries now enforce data protection laws, and the EU AI Act, GDPR enforcement actions, and cross-border data transfer restrictions are pushing organizations to process sensitive information without exposing it. For sustainability professionals, this trend intersects directly with ESG reporting, supply chain transparency, and climate data sharing. Companies must demonstrate emissions performance, labor conditions, and resource usage across complex value chains without revealing proprietary operational details to competitors or regulators beyond what is strictly required. Three privacy-preserving technologies sit at the center of this challenge: zero-knowledge proofs (ZKPs), homomorphic encryption (HE), and secure multi-party computation (MPC). Each takes a fundamentally different approach to the same problem, and choosing the wrong one can mean orders-of-magnitude performance penalties or inadequate security guarantees. This guide provides a structured comparison so teams can match the right technology to their use case.

Key Concepts

Zero-knowledge proofs (ZKPs). A ZKP allows one party (the prover) to convince another party (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself. For example, a supplier could prove that its carbon intensity falls below a contractual threshold without disclosing the actual figure. ZKPs come in two main families: interactive proofs (requiring back-and-forth communication) and non-interactive proofs such as zk-SNARKs and zk-STARKs, which produce a single proof artifact that anyone can verify.

Homomorphic encryption (HE). HE allows computations to be performed directly on encrypted data, producing an encrypted result that, when decrypted, matches the outcome of performing the same computation on plaintext. Fully homomorphic encryption (FHE) supports arbitrary computations, while partial and somewhat homomorphic schemes are limited to specific operations (addition or multiplication). The key advantage is that the data owner never needs to share raw data with the computing party.

Secure multi-party computation (MPC). MPC enables multiple parties to jointly compute a function over their combined inputs while keeping each party's input private. No single party ever sees another's raw data. Common protocols include secret sharing, garbled circuits, and oblivious transfer. MPC is particularly suited to collaborative analytics where multiple organizations need to aggregate sensitive datasets.

Performance overhead. All three technologies impose computational costs relative to plaintext processing. The magnitude varies dramatically: ZKP proof generation can be 100x to 10,000x slower than plaintext computation depending on circuit complexity (Ben-Sasson et al., 2024), FHE operations run 10,000x to 1,000,000x slower than equivalent plaintext operations for complex workloads (Zama, 2025), and MPC introduces communication overhead proportional to the number of parties and circuit depth, typically adding 100x to 1,000x latency compared to centralized computation.

Trust model. ZKPs require trust only in the mathematical soundness of the proof system (and, for zk-SNARKs, a trusted setup ceremony unless using transparent variants like zk-STARKs). HE requires trust that the key holder will not collude with the computing party. MPC distributes trust across participants, with security guarantees holding as long as a threshold of parties (commonly a majority) remains honest.

Head-to-Head Comparison

Cost Analysis

Development costs. Implementing ZKP circuits requires specialized expertise in circuit design and cryptographic engineering. A mid-complexity ZKP integration (such as a Scope 3 emissions attestation circuit) costs $200,000 to $500,000 in development effort, according to project estimates from firms like Aleo and RISC Zero (2025). FHE integration is more expensive due to limited tooling: Zama (2025) reports that enterprise FHE proof-of-concept projects typically cost $300,000 to $800,000. MPC deployments range from $150,000 to $400,000 for two-to-five-party protocols using established frameworks like MP-SPDZ or Sharemind.

Infrastructure costs. ZKP proof generation is compute-intensive. Generating a zk-SNARK proof for a moderately complex circuit requires 8 to 64 GB of RAM and takes 10 seconds to several minutes on modern GPUs (Polygon, 2025). At cloud compute prices, this translates to $0.01 to $0.50 per proof. FHE computation costs are substantially higher: Zama benchmarks show that a logistic regression inference on encrypted data costs approximately $5 to $15 in cloud compute per execution (Zama, 2025), making it viable only for high-value computations. MPC infrastructure costs are moderate but scale with party count, typically $0.10 to $2.00 per computation for three-to-five-party protocols.

Operational costs. ZKP verification is cheap (gas costs on Ethereum L1 are approximately $0.50 to $3.00 per proof; L2 verification is fractions of a cent). Ongoing FHE costs are dominated by compute, and organizations typically need dedicated GPU or ASIC accelerators. Intel's recently discontinued HEXL accelerator project and Zama's hardware partnerships with Fabric Cryptography highlight the nascent state of FHE acceleration (Intel, 2024). MPC operational costs are driven by network bandwidth and coordination overhead.

Total cost of ownership (three-year estimate for a mid-scale deployment). For an ESG data verification platform processing 10,000 attestations per month, ZKP-based architecture would cost approximately $400,000 to $700,000 (development plus compute). An equivalent FHE-based approach for outsourced analytics would cost $600,000 to $1.2 million. An MPC-based collaborative benchmarking platform with five industry participants would cost $350,000 to $650,000, with costs shared across participants.

Use Cases and Best Fit

Supply chain emissions verification. A manufacturer needs to prove to customers and regulators that its products meet carbon intensity thresholds without disclosing proprietary process data. ZKPs are the natural fit: the supplier generates a proof that emissions fall below a threshold, and the verifier checks the proof without seeing underlying energy consumption or production volumes. Ernst & Young's Nightfall protocol and the Baseline Protocol have demonstrated this pattern in enterprise settings (EY, 2025).

Cross-company ESG benchmarking. Industry consortia such as the Partnership for Carbon Accounting Financials (PCAF) need to compute aggregate emissions statistics across member banks without any single institution revealing its portfolio composition. MPC excels here: each bank inputs its encrypted portfolio data, the protocol computes sector-level averages and percentiles, and each participant receives only the aggregate output. Inpher and Sepior have deployed MPC-based benchmarking for financial institutions in the Nordics and Benelux regions (Inpher, 2025).

Privacy-preserving cloud analytics. A climate analytics firm wants to run machine learning models on client datasets without accessing the raw data. FHE enables the firm to receive encrypted datasets, train or run inference on them, and return encrypted results that only the client can decrypt. Microsoft's SEAL library and Zama's Concrete framework are used in pilot programs for health data analytics, with emerging applications in energy and environmental datasets (Microsoft Research, 2025).

Decentralized identity and green credential verification. Individuals and organizations need to prove sustainability certifications (LEED, B Corp, ISO 14001) without exposing all underlying documentation. ZKP-based verifiable credentials allow selective disclosure. The EU Digital Identity Wallet initiative, slated for rollout in 2026, incorporates ZKP capabilities for credential attestation (European Commission, 2025).

Collaborative fraud detection in carbon markets. Multiple carbon registries want to detect double-counting across their databases without merging them. MPC allows cross-registry queries that identify overlapping credits without revealing the full contents of any registry. The World Bank's Climate Warehouse initiative has explored this approach for Article 6 compliance.

Decision Framework

1. Identify the privacy primitive needed. If the goal is attestation or verification ("prove X is true"), use ZKPs. If the goal is computation on private data ("calculate Y from encrypted inputs"), choose between HE and MPC. If multiple independent parties contribute data, MPC is typically superior; if a single data owner outsources computation, HE is appropriate.

2. Assess performance requirements. For real-time or high-throughput applications (thousands of operations per second), ZKPs with efficient verification are the strongest option. For batch analytics where latency tolerance is hours or days, FHE becomes feasible. MPC sits in between, with practical throughput of hundreds to thousands of operations per second for modest party counts.

3. Evaluate the trust model. If participants do not trust any single party, MPC distributes trust effectively. If the data owner controls the entire pipeline and wants to prove compliance to an external auditor, ZKPs minimize trust assumptions. If a cloud provider performs computation, FHE eliminates the need to trust the provider with plaintext.

4. Consider team expertise. ZKP circuit design requires specialized skills; the talent pool is small but growing rapidly thanks to blockchain ecosystem investment. FHE remains the most niche, with fewer than 500 practitioners globally who can build production systems (Zama, 2025). MPC benefits from more mature open-source tooling (MP-SPDZ, ABY, Sharemind) and a larger academic community.

5. Plan for composability. Many real-world deployments combine techniques. A supply chain platform might use ZKPs for supplier attestations, MPC for cross-company benchmarking, and conventional encryption for data at rest. Design architectures that allow modular integration of multiple PETs.

6. Factor in regulatory trajectory. The EU Data Act, GDPR, and sector-specific regulations increasingly reference PETs as enabling technologies. ZKPs are explicitly mentioned in the EU Digital Identity framework. Organizations investing in PETs today should align with emerging regulatory standards to avoid costly re-architecture.

Key Players

Established Leaders

• Microsoft Research — Developed the SEAL homomorphic encryption library; active research in MPC and differential privacy for enterprise applications.
• IBM — Offers FHE toolkits for Linux and macOS; contributed to the HElib open-source library; deployed MPC pilots for financial services.
• Google — Open-sourced the Fully Homomorphic Encryption Transpiler; integrates differential privacy into BigQuery and advertising analytics.
• Ernst & Young (EY) — Built the Nightfall ZKP protocol for private transactions on Ethereum; enterprise blockchain privacy pioneer.

Emerging Startups

• Zama — Paris-based FHE company building the Concrete open-source framework; raised $73 million in Series A (2024) led by Multicoin Capital and Protocol Labs.
• RISC Zero — Develops a general-purpose ZKP virtual machine (zkVM) enabling any Rust program to generate proofs; raised $40 million Series A.
• Aleo — Privacy-focused blockchain using ZKPs for programmable private applications; mainnet launched in 2024.
• Inpher — MPC platform for privacy-preserving analytics across organizations; deployed in financial services and healthcare.
• Sepior — MPC-based key management and threshold cryptography; acquired by Blockdaemon in 2022, continuing as a product line.

Key Investors/Funders

• a16z crypto — Invested in Aleo, Aztec, and multiple ZKP infrastructure projects; published open-source ZKP tooling.
• Protocol Labs — Co-led Zama's Series A; funds privacy and decentralization research through Filecoin Foundation grants.
• DARPA — Funded the DPRIVE program to build ASIC accelerators for FHE, with contracts awarded to Intel, Duality Technologies, and Galois.
• European Commission — Funding PET research through Horizon Europe, including grants for FHE acceleration and MPC standardization.

FAQ

Which technology is most mature for production deployment? ZKPs are the most production-tested, largely due to blockchain ecosystem investment. Ethereum Layer 2 rollups (such as zkSync, Polygon zkEVM, and Scroll) process millions of ZKP-verified transactions daily. MPC is production-ready for specific use cases like distributed key management and private auctions. FHE is the least mature for general computation but is advancing rapidly, with Zama and Google shipping usable developer toolkits in 2025.

Can these technologies be combined? Yes, and many enterprise deployments do combine them. A common pattern uses ZKPs for lightweight attestation at the edge, MPC for collaborative computation across organizations, and HE for outsourced analytics on a single party's data. The NIST Privacy-Enhancing Technologies guidelines (2025) recommend evaluating combinations based on the specific trust model and performance requirements of each workflow.

How do these technologies handle quantum computing threats? zk-STARKs and lattice-based FHE schemes are considered post-quantum secure because they do not rely on the hardness of factoring or discrete logarithm problems. zk-SNARKs based on elliptic curves would need to migrate to quantum-resistant constructions. MPC security depends on the underlying cryptographic primitives; protocols built on lattice-based or hash-based schemes are quantum-resistant. NIST (2024) recommends that organizations begin planning transitions to post-quantum variants of all three technologies.

What is the biggest barrier to adoption? Performance overhead remains the primary barrier for FHE. For ZKPs and MPC, the main challenge is the shortage of specialized engineering talent. Gartner (2025) estimates that fewer than 5 percent of Fortune 500 companies have in-house PET expertise, though this percentage is growing as universities expand cryptography curricula and blockchain companies release more accessible developer tools.

Are there open-source options for organizations with limited budgets? Yes. Microsoft SEAL and Zama Concrete provide FHE libraries. MP-SPDZ, developed at CSIRO, is the most comprehensive open-source MPC framework, supporting dozens of protocols. For ZKPs, circom (iden3), Arkworks (Rust), and RISC Zero's zkVM are freely available. These tools significantly reduce the entry cost, though integrating them into production systems still requires cryptographic expertise.

Sources

• Gartner. (2025). Market Guide for Privacy-Enhancing Technologies: 2025 Update. Gartner Research.
• Ben-Sasson, E. et al. (2024). Scalable Zero-Knowledge Proofs: A Survey of Recent Advances. Journal of Cryptology, 37(2), 112-148.
• Zama. (2025). State of FHE 2025: Performance Benchmarks, Enterprise Adoption, and Hardware Acceleration. Zama.
• Polygon. (2025). Polygon zkEVM Performance Report: Proof Generation Costs and Throughput Metrics. Polygon Labs.
• EY. (2025). Nightfall Protocol: Enterprise Privacy on Public Blockchains. Ernst & Young Global.
• Microsoft Research. (2025). SEAL Library v4.2: Fully Homomorphic Encryption for Cloud Analytics. Microsoft Research.
• European Commission. (2025). EU Digital Identity Wallet Architecture Reference Framework v1.2. European Commission.
• NIST. (2024). Guidelines for Privacy-Enhancing Technologies in Federal Information Systems. National Institute of Standards and Technology.
• Inpher. (2025). Privacy-Preserving Benchmarking for Financial Institutions: Deployment Report. Inpher.
• Intel. (2024). HEXL Acceleration Library for Homomorphic Encryption: Final Technical Report. Intel Labs.