TFHE-rs v1.5 - January 2026
Summary
TFHE-rs v1.5.0 brings new features, performance improvements and several fixes across backends.
See full details below:
CPU
Highlights
The CPU backend now provides friendlier APIs to select parameters. Decompression can now use MultiBit blind rotation for better performance in some cases. The FHE random generation primitive now supports any 64-bit ranges. ZK verification latency has been improved by 42% in the typical case.
New Features
- OPRF now supports generating uniform random values over any 64-bit ranges
- Decompression now supports Multi-Bit blind rotation
- Add MetaParameterFinder for easy parameter selection
- The CompressedXofKeySet can now be generated paired with its ClientKey
- Add the ability to recreate an LweCiphertext from a modswitched LweCiphertext
- Blind rotation using Karatsuba multiplication has been added to more easily check implementations
Improvements
- ZK verify latency has been improved by 42% for 256 bits of encrypted data with a 2048 bits CRS
Fixes
- CompactCiphertextList conformance crash fix
- StaticUnsignedBigInt cast into u128 has been fixed
- Fix edge case for decomposition algorithm
- Fix BorrowMut errors that could happen when using thread local ShortintEngine
- Added missing compressed proof version for the ZK crate
- Tag propagation fix in XofKeySet
- Fix par_encrypt_and_prove was using sequential encryption
- Fix JS API: catch undefined variant using Option<>
GPU
Highlights
In this version, a 2.4x speedup on H100 with classical PBS parameters for MESSAGE_2_CARRY_2 parameters is achieved. The performance of `match_value` is also improved: the latency to search in a list of 256 values with an 8-bit ciphertext is now 10x faster than in the previous version: it went from 1.98 s to 214 ms (with multi-bit parameters, on 8xH100). Several CPU memory leaks and GPU memory leaks were also fixed.
New Features
- Support of the encrypted AES-256
- Implement a GEMM based keyswitch with better throughput and use it in AES
- Add the support for the Re-randomization technique
- Support of custom powers of two ranges for OPRF in the integer API
Improvements
- Add 1_1 classical PBS parameters for specialized version
- Extend specialized version to classical PBS
- Set specific threshold for multi-GPU with classical PBS
- Create the InternalCudaStreams class to improve the management of streams internally in the backend
- Move vector_comparison's functions to the backend to improve performance
- Move cast_to_signed implementation to the Cuda backend
- Move unchecked_index_of_clear to the Cuda backend to improve performance
- Move vector_find's functions to the Cuda backend to improve performance
- Move unchecked_match_value_or to the Cuda backend to improve performance
- Move match_value to the Cuda backend to improve performance
- Remove all _async functions in the integer API
Fixes
- Return to 64 registers in multi-bit pbs
- Fix CPU memory leak in expand and rerand
- Fix GPU memory leak in rerand
- Fix CPU memory leaks in several integer operations
- Fix GPU memory leak in decompression
- Use only thread-block-clusters (TBC) for classical 64 bits pbs on H100 instead of switching to CG
- Add missing sync before free in oprf
- Fix in full propagate: no broadcast is needed because full prop is done on a single GPU always
- Force uint64 when calculating lwe chunksize to avoid overflow
- Fix PBS128 selection for small numbers of LWEs, to use CG for better performance
- Fix decomposition algorithm not matching the theory
- Add upper bound to lwe chunk size calculation
- Fix a bug in are_all_comparison_blocks_true when number of blocks is 0
HPU
Highlights
All shift & rotation operations on the HPU are now using a new DOp firmware which reduced latency by almost 70%.
Improvements
- HPU v2.2 improvements: x2 ALU bandwidth, improved key caches
- Faster Shift & Rotation operations
- HPU now using an interrupt for IOp Ack from Instruction Scheduler to RPU
Fixes
- HPU accumulator memory arbiter fix
Resources
Last updated