My use case includes encrypting large amounts of sensitive data in petabyte order using AES with GCM in Java, and I will need high bandwidth to complete this task in a reasonable amount of time.
As previously said and answered , AES / GCM is still badly crippled in the latest JDK 8 (~ 17 MB / s on my hardware). I am pleased to know that JEP 246 to add significant hardware acceleration for GCM made it on the roadmap for Java 9, however the general availability for the next major version of Java has been pushed for a year more than a year when I write this.
So far, the fastest implementation I have found is the Bouncy Castle provider, with no hardware acceleration and bandwidth of about 170 MB / s . I know that my equipment supports acceleration by running tests of my own GnuTLS libraries (gnutls-cli --benchmark-ciphers) and OpenSSL (openssl speed -evp aes-128-gcm), and to synchronize AES / GCM in 2 GB / s mode . Unfortunately, I cannot find the current Java shell around any of them. The closest I encountered is Apache JuiCE , built on OpenSSL, but it was abandoned more than 8 years ago.
Does anyone come across a JCE provider that supports hardware acceleration for AES / GCM, which I could use in the short term, commercial or open source?
source
share