This work addresses privacy leakage risks in millimeter-wave radar sensing by proposing the first end-to-end fully homomorphic encryption (FHE) framework that encrypts raw range profiles on lightweight edge devices and enables direct ciphertext-based signal processing and machine learning inference on untrusted cloud servers. The core contribution comprises seven composable, data-agnostic FHE kernels that support flexible pipeline construction and provide formal security guarantees for input privacy and execution trace consistency. Experimental results demonstrate a mean absolute error below 10⁻³ bpm for heart and respiratory rate monitoring, gesture recognition accuracy of 84.5% (compared to 84.7% in plaintext), with cloud-side processing latencies of 103 seconds for a 10-second vital-sign window and 37 seconds for a 3-second gesture window.

We present mmFHE, the first system that enables fully homomorphic encryption (FHE) for end-to-end mmWave radar sensing. mmFHE encrypts raw range profiles on a lightweight edge device and executes the entire mmWave signal-processing and ML inference pipeline homomorphically on an untrusted cloud that operates exclusively on ciphertexts. At the core of mmFHE is a library of seven composable, data-oblivious FHE kernels that replace standard DSP routines with fixed arithmetic circuits. These kernels can be flexibly composed into different application-specific pipelines. We demonstrate this approach on two representative tasks: vital-sign monitoring and gesture recognition. We formally prove two cryptographic guarantees for any pipeline assembled from this library: input privacy, the cloud learns nothing about the sensor data; and data obliviousness, the execution trace is identical on the cloud regardless of the data being processed. These guarantees effectively neutralize various supervised and unsupervised privacy attacks on raw data, including re-identification and data-dependent privacy leakage. Evaluation on three public radar datasets (270 vital-sign recordings, 600 gesture trials) shows that encryption introduces negligible error: HR/RR MAE <10^-3 bpm versus plaintext, and 84.5% gesture accuracy (vs. 84.7% plaintext) with end-to-end cloud GPU latency of 103s for a 10s vital-sign window and 37s for a 3s gesture window. These results show that privacy-preserving end-to-end mmWave sensing is feasible on commodity hardware today.