pith. sign in

arxiv: 2606.22519 · v1 · pith:XCAYY47Fnew · submitted 2026-06-21 · 💻 cs.CR · cs.LG

Detecting and Understanding Vulnerabilities in Fully Homomorphic Encryption Frameworks

Pith reviewed 2026-06-26 10:07 UTC · model grok-4.3

classification 💻 cs.CR cs.LG
keywords fully homomorphic encryptionmetamorphic testingvulnerability detectionFHE frameworkslogic bugsautomated testingsoftware security
0
0 comments X

The pith

HERTA uses metamorphic relations from FHE semantics to automatically detect 21 unknown bugs across three industry frameworks.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces HERTA as the first automated testing tool for fully homomorphic encryption frameworks. It designs novel metamorphic relations derived from FHE semantics to test the multi-layered pipeline for logic bugs without requiring manual ground truth. These bugs can silently corrupt encrypted computations and create security vulnerabilities in applications such as secure cloud computing, finance, and healthcare. Evaluation on three leading frameworks found 21 previously unknown bugs, some of which developers have already confirmed and fixed. A hazard analysis shows the bugs threaten the integrity and availability of FHE-based services.

Core claim

HERTA leverages metamorphic testing with a set of novel metamorphic relations derived specifically from FHE semantics. These relations stress the most challenging aspects of the multi-layered FHE software stack and enable automated correctness testing without the need for a manual ground truth. Applied to three leading industry frameworks, HERTA discovered 21 previously unknown bugs, several of which have been confirmed and fixed by developers, while the accompanying hazard analysis reveals the critical security impact these bugs pose to the integrity and availability of FHE-based services.

What carries the argument

Novel metamorphic relations (MRs) derived from FHE semantics that check relations across multiple program executions to detect logic bugs without ground truth.

If this is right

  • FHE framework developers can integrate automated testing to catch and repair logic bugs before deployment in privacy-sensitive applications.
  • Silent corruption of encrypted computations can be reduced, lowering risks of financial losses in FHE-enhanced finance and healthcare systems.
  • The approach provides a practical method for verifying correctness in the translation from high-level FHE programs to low-level operations.
  • Hazard analysis of detected bugs can guide prioritization of fixes that affect service integrity and availability.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same style of FHE-semantics-driven metamorphic relations might transfer to testing other multi-layered privacy-preserving systems such as secure multi-party computation frameworks.
  • Widespread adoption of HERTA-style tools could change how quickly new FHE frameworks reach production use by exposing hidden implementation errors early.
  • Integration of such testing into continuous development pipelines for FHE libraries would allow ongoing detection as schemes and compilers evolve.

Load-bearing premise

The metamorphic relations derived from FHE semantics are sufficient to stress the most challenging aspects of the multi-layered pipeline and detect logic bugs without requiring manual ground truth.

What would settle it

Applying HERTA to one of the three frameworks and finding that a known logic bug produces no metamorphic relation violations, or that all reported bugs are false positives upon developer review.

Figures

Figures reproduced from arXiv: 2606.22519 by Dongwei Xiao, Shuai Wang, Yiteng Peng, Zhenlan Ji, Zhibo Liu.

Figure 1
Figure 1. Figure 1: Overview of the pipeline in the FHE frameworks. [PITH_FULL_IMAGE:figures/full_fig_p002_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Simplified motivating examples discovered by HERTA. These cases demonstrate that vulnerabilities permeate the entire [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Overview of HERTA’s testing pipeline ➀ FHE-aware Seed Generation. This stage generates a seed program, P, with FHE-specific constructs, such as complex data types and operations requiring significant adaptation. This seed program will be used as the basis for subsequent metamorphic mutations to stress-test the FHE framework. ➁ MR1: Type and Dataflow Mutation. This MR transforms P into a semantically equiva… view at source ↗
Figure 4
Figure 4. Figure 4: Selected abstract grammar for FHE programs. [PITH_FULL_IMAGE:figures/full_fig_p006_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Representative bug cases found by different MRs. [PITH_FULL_IMAGE:figures/full_fig_p010_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: An example of framework-assisted backdoor attack [PITH_FULL_IMAGE:figures/full_fig_p012_6.png] view at source ↗
read the original abstract

Fully homomorphic encryption (FHE) allows computations to be performed directly on encrypted data without decryption, offering strong privacy guarantees for sensitive data analysis. This capability is important for privacy-sensitive applications like secure cloud computing, finance, and healthcare. The complexity of FHE schemes, however, has hindered their practical adoption. To make FHE accessible to a broader range of developers, a new generation of specialized frameworks has emerged to translate high-level FHE programs into complex FHE operations, introducing a new programming paradigm. However, the inherent complexity of FHE frameworks makes them prone to incorrect implementation logic. Unlike mere crashes, logic bugs in these frameworks can silently corrupt encrypted computation, potentially leading to severe financial losses and security vulnerabilities in FHE-enhanced applications. In this work, we introduce HERTA, the first automated testing tool tailored for FHE frameworks. HERTA leverages metamorphic testing to uncover deep-seated implementation bugs and vulnerabilities across the multi-layered FHE software stack. To that end, we design a set of novel metamorphic relations (MRs) derived specifically from FHE semantics. These MRs stress the most challenging aspects of the pipeline, enabling automated correctness testing without the need for a manual ground truth. Our evaluation of HERTA on 3 leading industry frameworks discovered 21 previously unknown bugs, several of which have already been confirmed and fixed by developers. Furthermore, our hazard analysis reveals the critical security impact these bugs pose to the integrity and availability of FHE-based services.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper introduces HERTA, the first automated testing tool for FHE frameworks that uses metamorphic testing with novel MRs derived from FHE semantics. These MRs are intended to stress the multi-layered pipeline and detect logic bugs without manual ground truth. Evaluation on three leading industry frameworks reports discovery of 21 previously unknown bugs, several confirmed and fixed by developers, plus a hazard analysis of their security impacts on integrity and availability.

Significance. If the MRs are sound, the work has clear significance for improving reliability of FHE frameworks used in privacy-sensitive domains. The external validation via developer confirmations for several bugs provides independent support for the empirical findings and is a strength. Metamorphic testing is a reasonable choice given the difficulty of obtaining ground truth for encrypted computations.

major comments (2)
  1. [§4] §4 (Metamorphic Relations): The central claim that the novel MRs derived from FHE semantics are sufficient to stress the most challenging aspects of the pipeline and detect logic bugs rests on their construction and coverage. The manuscript provides high-level motivation but lacks a concrete enumeration of the MRs, their formal definitions, or an argument showing they are complete enough to expose the reported classes of bugs without systematic false negatives.
  2. [§5] §5 (Evaluation): The report of 21 bugs is load-bearing for the main result, yet the section does not include a false-positive analysis, the total number of test cases executed, or a breakdown of how many bugs were confirmed by developers versus inferred. Without these, it is difficult to assess whether the detections are robust or whether the MRs over- or under-approximate the space of real implementation errors.
minor comments (2)
  1. [Abstract] The abstract states that 'several' bugs were confirmed and fixed; the evaluation section should explicitly state the exact count and which frameworks were affected for reproducibility.
  2. Notation for the MRs and the FHE pipeline layers should be introduced once with a summary table to improve readability across sections.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive feedback and positive assessment of the significance of our work. We address each major comment below.

read point-by-point responses
  1. Referee: [§4] §4 (Metamorphic Relations): The central claim that the novel MRs derived from FHE semantics are sufficient to stress the most challenging aspects of the pipeline and detect logic bugs rests on their construction and coverage. The manuscript provides high-level motivation but lacks a concrete enumeration of the MRs, their formal definitions, or an argument showing they are complete enough to expose the reported classes of bugs without systematic false negatives.

    Authors: We agree that a more detailed presentation would strengthen the paper. In the revised version, we will expand §4 to include a complete enumeration of the MRs in a table, their formal definitions based on FHE semantics, and an explicit argument on coverage of the pipeline and the reported bug classes, including discussion of potential false negatives. revision: yes

  2. Referee: [§5] §5 (Evaluation): The report of 21 bugs is load-bearing for the main result, yet the section does not include a false-positive analysis, the total number of test cases executed, or a breakdown of how many bugs were confirmed by developers versus inferred. Without these, it is difficult to assess whether the detections are robust or whether the MRs over- or under-approximate the space of real implementation errors.

    Authors: We will revise §5 to report the total number of test cases executed and provide a breakdown of the 21 bugs (specifying how many were developer-confirmed versus verified via code inspection). We will also add a subsection on our verification process, which functions as a false-positive analysis and confirms all detections as true positives with no false positives observed. revision: yes

Circularity Check

0 steps flagged

No significant circularity

full rationale

This is an empirical software testing paper that introduces a metamorphic testing tool (HERTA) and evaluates it by running on three FHE frameworks to discover 21 bugs, with some confirmed by developers. No derivation chain, equations, fitted parameters, or uniqueness theorems are present. The metamorphic relations are presented as novel but derived from domain semantics rather than fitted or self-defined in a way that reduces outputs to inputs by construction. Developer confirmations supply independent external validation. The work is self-contained as a standard empirical evaluation and does not invoke any of the enumerated circularity patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claim rests on the assumption that FHE-specific metamorphic relations can be designed to cover the hardest parts of the implementation stack without external oracles.

axioms (1)
  • domain assumption Metamorphic relations derived from FHE semantics can detect logic bugs in the multi-layered software stack without manual ground truth.
    Invoked to justify automated correctness testing in the absence of known-correct outputs.

pith-pipeline@v0.9.1-grok · 5809 in / 1161 out tokens · 22401 ms · 2026-06-26T10:07:50.486420+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

61 extracted references · 3 canonical work pages

  1. [1]

    Fully homomorphic encryption using ideal lattices,

    C. Gentry, “Fully homomorphic encryption using ideal lattices,” inSTOC, 2009, pp. 169–178

  2. [2]

    Homomor- phic encryption for arithmetic of approximate numbers,

    J. H. Cheon, A. Kim, M. Kim, and Y . Song, “Homomor- phic encryption for arithmetic of approximate numbers,” inAdvances in Cryptology–ASIACRYPT 2017: 23rd In- ternational Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3-7, 2017, Proceedings, Part I 23. Springer, 2017, pp. 409–437

  3. [3]

    A full rns variant of approximate homomorphic encryp- tion,

    J. H. Cheon, K. Han, A. Kim, M. Kim, and Y . Song, “A full rns variant of approximate homomorphic encryp- tion,” inSelected Areas in Cryptography–SAC 2018: 25th International Conference, Calgary, AB, Canada, August 15–17, 2018, Revised Selected Papers 25. Springer, 2019, pp. 347–368

  4. [4]

    Homomorphic encryption for machine learning in medicine and bioin- formatics,

    A. Wood, K. Najarian, and D. Kahrobaei, “Homomorphic encryption for machine learning in medicine and bioin- formatics,”ACM Computing Surveys (CSUR), vol. 53, no. 4, pp. 1–35, 2020

  5. [5]

    Secure and efficient similarity retrieval in cloud com- puting based on homomorphic encryption,

    N. Wang, W. Zhou, J. Wang, Y . Guo, J. Fu, and J. Liu, “Secure and efficient similarity retrieval in cloud com- puting based on homomorphic encryption,”IEEE Trans- actions on Information Forensics and Security, vol. 19, pp. 2454–2469, 2024

  6. [6]

    Parameter opti- mization and larger precision for (t) fhe,

    L. Bergerat, A. Boudi, Q. Bourgerie, I. Chillotti, D. Ligier, J.-B. Orfila, and S. Tap, “Parameter opti- mization and larger precision for (t) fhe,”Journal of Cryptology, vol. 36, no. 3, p. 28, 2023

  7. [7]

    Helayers: A tile tensors framework for large neural networks on encrypted data,

    E. Aharoni, A. Adir, M. Baruch, N. Drucker, G. Ezov, A. Farkash, L. Greenberg, R. Masalha, G. Moshkowich, D. Muriket al., “Helayers: A tile tensors framework for large neural networks on encrypted data,”Proceedings on Privacy Enhancing Technologies, 2023

  8. [8]

    Heir: A universal compiler for homomorphic encryption,

    A. Ali, J. Choi, B. Gipson, S. Gorantala, J. Kun, W. Legiest, L. Lim, A. Viand, M. Z. Demissie, and H. Zheng, “Heir: A universal compiler for homomorphic encryption,” 2025. [Online]. Available: https://arxiv.org/abs/2508.11095

  9. [9]

    Concrete: TFHE Compiler that converts python programs into FHE equivalent,

    Zama, “Concrete: TFHE Compiler that converts python programs into FHE equivalent,” 2022, https://github.com /zama-ai/concrete

  10. [10]

    Microsoft SEAL (release 4.1),

    “Microsoft SEAL (release 4.1),” https://github.com/Mic rosoft/SEAL, Jan. 2023, microsoft Research, Redmond, W A

  11. [11]

    Openfhe.org - openfhe - open-source fully homomorphic encryption library,

    OpenFHE, “Openfhe.org - openfhe - open-source fully homomorphic encryption library,” https://www.openfhe. org/, 2023

  12. [12]

    Tfhe: fast fully homomorphic encryption over the torus,

    I. Chillotti, N. Gama, M. Georgieva, and M. Izabach `ene, “Tfhe: fast fully homomorphic encryption over the torus,” Journal of Cryptology, vol. 33, no. 1, pp. 34–91, 2020

  13. [13]

    A systematic review of ho- momorphic encryption and its contributions in healthcare industry,

    K. Munjal and R. Bhatia, “A systematic review of ho- momorphic encryption and its contributions in healthcare industry,”Complex & Intelligent Systems, vol. 9, no. 4, pp. 3759–3786, 2023

  14. [14]

    Exclusive: Duality technologies enters trade finance fraud prevention,

    G. T. Review, “Exclusive: Duality technologies enters trade finance fraud prevention,” https://www.gtreview .com/news/fintech/exclusive-duality-technologies-enter s-trade-finance-fraud-prevention/, 2022

  15. [15]

    Metamorphic testing: A new approach for generating next test cases,

    T. Y . Chen, S. C. Cheung, and S. M. Yiu, “Metamorphic testing: a new approach for generating next test cases,” arXiv preprint arXiv:2002.12543, 2020

  16. [16]

    A survey on metamorphic testing,

    S. Segura, G. Fraser, A. B. Sanchez, and A. Ruiz-Cort ´es, “A survey on metamorphic testing,”IEEE Transactions on software engineering, vol. 42, no. 9, pp. 805–824, 2016

  17. [17]

    On data banks and privacy homomorphisms,

    R. L. Rivest, L. Adleman, M. L. Dertouzoset al., “On data banks and privacy homomorphisms,”Foundations of secure computation, vol. 4, no. 11, pp. 169–180, 1978

  18. [18]

    On lattices, learning with errors, random linear codes, and cryptography,

    O. Regev, “On lattices, learning with errors, random linear codes, and cryptography,”Journal of the ACM (JACM), vol. 56, no. 6, pp. 1–40, 2009

  19. [19]

    Somewhat practical fully homomorphic encryption,

    J. Fan and F. Vercauteren, “Somewhat practical fully homomorphic encryption,”Cryptology ePrint Archive, 2012

  20. [20]

    Glyph: Fast and accurately training deep neural networks on en- crypted data,

    Q. Lou, B. Feng, G. Charles Fox, and L. Jiang, “Glyph: Fast and accurately training deep neural networks on en- crypted data,”Advances in neural information processing systems, vol. 33, pp. 9193–9202, 2020

  21. [21]

    Revisiting the functional bootstrap in tfhe,

    A. Guimar ˜aes, E. Borin, and D. F. Aranha, “Revisiting the functional bootstrap in tfhe,”IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 229–253, 2021

  22. [22]

    Spencnn: orchestrating encoding and sparsity for fast homomorphically encrypted neural network inference,

    R. Ran, X. Luo, W. Wang, T. Liu, G. Quan, X. Xu, C. Ding, and W. Wen, “Spencnn: orchestrating encoding and sparsity for fast homomorphically encrypted neural network inference,” inInternational Conference on Ma- chine Learning. PMLR, 2023, pp. 28 718–28 728

  23. [23]

    TFHE-rs: A Pure Rust Implementation of the TFHE Scheme for Boolean and Integer Arithmetics Over Encrypted Data,

    Zama, “TFHE-rs: A Pure Rust Implementation of the TFHE Scheme for Boolean and Integer Arithmetics Over Encrypted Data,” 2022, https://github.com/zama-ai/tfhe -rs

  24. [24]

    Cryptoracle: A modular framework to characterize fully homomorphic encryption,

    C. Brynds, P. McLeod, L. Caccamise, A. Pal, D. Saiham, S. Rahman, J. S. Miguel, and D. Wu, “Cryptoracle: A modular framework to characterize fully homomorphic encryption,”arXiv preprint arXiv:2510.03565, 2025

  25. [25]

    Testing and understanding deviation behav- iors in fhe-hardened machine learning models,

    Y . Peng, D. Wu, Z. Liu, D. Xiao, Z. Ji, J. Rahmel, and S. Wang, “Testing and understanding deviation behav- iors in fhe-hardened machine learning models,” inIEEE Computer Society, 2025, pp. 644–644

  26. [26]

    Concrete ML: a privacy-preserving machine learning library using fully homomorphic encryption for data scientists,

    Zama, “Concrete ML: a privacy-preserving machine learning library using fully homomorphic encryption for data scientists,” 2022, https://github.com/zama-ai/concre te-ml

  27. [27]

    Logistic regression over en- crypted data from fully homomorphic encryption,

    H. Chen, R. Gilad-Bachrach, K. Han, Z. Huang, A. Jalali, K. Laine, and K. Lauter, “Logistic regression over en- crypted data from fully homomorphic encryption,”BMC medical genomics, vol. 11, no. Suppl 4, p. 81, 2018

  28. [28]

    (lev- eled) fully homomorphic encryption without boot- strapping,

    Z. Brakerski, C. Gentry, and V . Vaikuntanathan, “(lev- eled) fully homomorphic encryption without boot- strapping,”ACM Transactions on Computation Theory (TOCT), vol. 6, no. 3, pp. 1–36, 2014

  29. [29]

    The oracle problem in software testing: A sur- vey,

    E. T. Barr, M. Harman, P. McMinn, M. Shahbaz, and S. Yoo, “The oracle problem in software testing: A sur- vey,”IEEE transactions on software engineering, vol. 41, no. 5, pp. 507–525, 2014

  30. [30]

    Low-complexity deep convolutional neural networks on fully homomorphic encryption us- ing multiplexed parallel convolutions,

    E. Lee, J.-W. Lee, J. Lee, Y .-S. Kim, Y . Kim, J.-S. No, and W. Choi, “Low-complexity deep convolutional neural networks on fully homomorphic encryption us- ing multiplexed parallel convolutions,” inInternational Conference on Machine Learning. PMLR, 2022, pp. 12 403–12 422

  31. [31]

    Towards deep neural network training on encrypted data,

    K. Nandakumar, N. Ratha, S. Pankanti, and S. Halevi, “Towards deep neural network training on encrypted data,” inProceedings of the IEEE/CVF conference on computer vision and pattern recognition workshops, 2019, pp. 0–0

  32. [32]

    Design and implementation of helib: a homomorphic encryption library,

    S. Halevi and V . Shoup, “Design and implementation of helib: a homomorphic encryption library,”Cryptology ePrint Archive, 2020

  33. [33]

    Homomor- phic encryption methods applied to cloud computing: A practical architecture for elastic, verifiable confidential compute,

    R. Yadavalli, J. Solomon, and V . Sharma, “Homomor- phic encryption methods applied to cloud computing: A practical architecture for elastic, verifiable confidential compute,”Cryptology ePrint Archive, 2025

  34. [34]

    Practical and efficient fhe-based mpc,

    N. P. Smart, “Practical and efficient fhe-based mpc,” inIMA International Conference on Cryptography and Coding. Springer, 2023, pp. 263–283

  35. [35]

    A survey of combinatorial test- ing,

    C. Nie and H. Leung, “A survey of combinatorial test- ing,”ACM Computing Surveys (CSUR), vol. 43, no. 2, pp. 1–29, 2011

  36. [36]

    Software fault interactions and implications for software testing,

    D. R. Kuhn, D. R. Wallace, and A. M. Gallo, “Software fault interactions and implications for software testing,” IEEE transactions on software engineering, vol. 30, no. 6, pp. 418–421, 2004

  37. [37]

    Combina- torial software testing,

    R. Kuhn, R. Kacker, Y . Lei, and J. Hunter, “Combina- torial software testing,”Computer, vol. 42, no. 8, pp. 94–96, 2009

  38. [38]

    Research artifacts

    Anonymous, “Research artifacts.” 2026

  39. [39]

    Confirmed bugs in HEIR,

    ——, “Confirmed bugs in HEIR,” 2026

  40. [40]

    Domato: Dom fuzzer,

    G. P. Zero, “Domato: Dom fuzzer,” https://github.com/g oogleprojectzero/domato, 2017

  41. [41]

    Homomorphic encryption as a service,

    G. AI, “Homomorphic encryption as a service,” https://www.graphapp.ai/engineering-glossary/cloud- computing/homomorphic-encryption-as-a-service, 2025

  42. [42]

    Microsoft seal: Build end-to- end encrypted data storage and computation services,

    Microsoft, “Microsoft seal: Build end-to- end encrypted data storage and computation services,” https://www.microsoft.com/en- us/research/project/microsoft-seal/, 2023

  43. [43]

    Enable fully homomorphic encryption with amazon sagemaker endpoints for secure, real-time inferencing,

    AWS, “Enable fully homomorphic encryption with amazon sagemaker endpoints for secure, real-time inferencing,” https://aws.amazon.com/blogs/machine- learning/enable-fully-homomorphic-encryption-with- amazon-sagemaker-endpoints-for-secure-real-time- inferencing/, 2023

  44. [44]

    Interpreter-guided differential jit compiler unit testing,

    G. Polito, S. Ducasse, and P. Tesone, “Interpreter-guided differential jit compiler unit testing,” inProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 2022, pp. 981–992

  45. [45]

    Finding unstable code via compiler- driven differential testing,

    S. Li and Z. Su, “Finding unstable code via compiler- driven differential testing,” inProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 3, 2023, pp. 238–251

  46. [46]

    Rustlantis: Randomized differen- tial testing of the rust compiler,

    Q. Wang and R. Jung, “Rustlantis: Randomized differen- tial testing of the rust compiler,”Proceedings of the ACM on Programming Languages, vol. 8, no. OOPSLA2, pp. 1955–1981, 2024

  47. [47]

    Automated testing of crypto software using differential fuzzing,

    J.-P. Aumasson and Y . Romailler, “Automated testing of crypto software using differential fuzzing,”Black Hat USA, vol. 7, p. 2017, 2017

  48. [48]

    Systematic fuzzing and testing of tls libraries,

    J. Somorovsky, “Systematic fuzzing and testing of tls libraries,” inProceedings of the 2016 ACM SIGSAC conference on computer and communications security, 2016, pp. 1492–1504

  49. [49]

    Dy fuzzing: Formal dolev-yao models meet cryptographic protocol fuzz testing,

    M. Ammann, L. Hirschi, and S. Kremer, “Dy fuzzing: Formal dolev-yao models meet cryptographic protocol fuzz testing,” in2024 IEEE Symposium on Security and Privacy (SP), 2024, pp. 1481–1499

  50. [50]

    From theory to code: identifying logical flaws in cryptographic implementations in c/c++,

    S. Rahaman, H. Cai, O. Chowdhury, and D. Yao, “From theory to code: identifying logical flaws in cryptographic implementations in c/c++,”IEEE transactions on de- pendable and secure computing, vol. 19, no. 6, pp. 3790– 3803, 2021

  51. [51]

    Cryptoguard: High precision detection of cryptographic vulnerabilities in massive-sized java projects,

    S. Rahaman, Y . Xiao, S. Afrose, F. Shaon, K. Tian, M. Frantz, M. Kantarcioglu, and D. Yao, “Cryptoguard: High precision detection of cryptographic vulnerabilities in massive-sized java projects,” inProceedings of the 2019 ACM SIGSAC Conference on Computer and Com- munications Security, 2019, pp. 2455–2472

  52. [52]

    Signed cryptographic program verification with typed cryptoline,

    Y .-F. Fu, J. Liu, X. Shi, M.-H. Tsai, B.-Y . Wang, and B.-Y . Yang, “Signed cryptographic program verification with typed cryptoline,” inProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019, pp. 1591–1606

  53. [53]

    Silent bugs matter: a study of compiler- introduced security bugs,

    J. Xu, K. Lu, Z. Du, Z. Ding, L. Li, Q. Wu, M. Payer, and B. Mao, “Silent bugs matter: a study of compiler- introduced security bugs,” inProceedings of the 32nd USENIX Conference on Security Symposium. USENIX Association, 2023, pp. 3655–3672

  54. [54]

    {optfuzz}: Opti- mization path guided fuzzing for{javascript} {jit}com- pilers,

    J. Wang, Y . Kang, C. Wu, Y . Hu, Y . Sun, J. Ren, Y . Lai, M. Xie, C. Zhang, T. Li, and Z. Wang, “{optfuzz}: Opti- mization path guided fuzzing for{javascript} {jit}com- pilers,” in33rd USENIX Security Symposium (USENIX Security 24), 2024, pp. 865–882

  55. [55]

    Fuzzing javascript engines with a graph- based ir,

    H. Xu, Z. Jiang, Y . Wang, S. Fan, S. Xu, P. Xie, S. Fu, and M. Payer, “Fuzzing javascript engines with a graph- based ir,” inProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2024, pp. 3734– 3748

  56. [56]

    Dumpling: Fine-grained differential javascript engine fuzzing,

    L. Wachter, J. Gremminger, C. Wressnegger, M. Payer, and F. Toffalini, “Dumpling: Fine-grained differential javascript engine fuzzing,” inProceedings 2025 Network and Distributed System Security Symposium. Internet Society, 2025

  57. [57]

    Fuzzilli: Fuzzing for javascript jit compiler vulnera- bilities,

    S. Groß, S. Koch, L. Bernhard, T. Holz, and M. Johns, “Fuzzilli: Fuzzing for javascript jit compiler vulnera- bilities,” inProceedings 2023 Network and Distributed System Security Symposium. Internet Society, 2023

  58. [58]

    Finding and understanding bugs in c compilers,

    X. Yang, Y . Chen, E. Eide, and J. Regehr, “Finding and understanding bugs in c compilers,” inProceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation, 2011, pp. 283–294

  59. [59]

    Compiler validation via equivalence modulo inputs,

    V . Le, M. Afshari, and Z. Su, “Compiler validation via equivalence modulo inputs,”ACM Sigplan Notices, vol. 49, no. 6, pp. 216–226, 2014

  60. [60]

    Nnsmith: Generating diverse and valid test cases for deep learning compilers,

    J. Liu, J. Lin, F. Ruffy, C. Tan, J. Li, A. Panda, and L. Zhang, “Nnsmith: Generating diverse and valid test cases for deep learning compilers,” inProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2, 2023, pp. 530–543

  61. [61]

    Deep learning library testing: Defini- tion, methods and challenges,

    X. Zhang, W. Jiang, C. Shen, Q. Li, Q. Wang, C. Lin, and X. Guan, “Deep learning library testing: Defini- tion, methods and challenges,”ACM Computing Surveys, vol. 57, no. 7, pp. 1–37, 2025. APPENDIX A. Comparison with a Generic Fuzzing Baseline To further isolate the benefit of HERTA’s FHE-aware design, we compare HERTA with a grammar-based fuzzer, Domat...