2

I wonder if anyone knows if BouncyCastle's AES engines support hardware acceleration, e.g., make use of AES-NI. My understanding is that some "native code" need to be invoked in order to be accelerated, but I couldn't find any.

Are BC's AES engines completely software implementations? If so, that's not so good given that many modern MCUs/CPUs provide AES modules - correct? A similar question was asked about 5 years ago, but the situation was somewhat different as hardware acceleration was not prevalent.

Community
  • 1
  • 1
Kar
  • 6,063
  • 7
  • 53
  • 82
  • There are instructions in the CPU that are special made for AES. One of them, for example, does a single round of AES. As this round function is all in hardware, it is very fast. As for Bouncy Castle's library, I don't know. I imagine the only way to access those instructions is to write the assembly by hand. It seems unlikely a compiler would recognize AES when it sees it and shift it to those special CPU instructions in the compiled code. On the other hand, maybe there is a special function in C++ that expressly compiles to those instructions. But if BC did any of this, I don't know – WDS Sep 18 '15 at 20:34
  • 2
    Bouncycastle is pure Java, and thus will not take advantage of AES hardware. Actually, a good Java JIT compiler could in principle figure this out, but in reality no Java compiler will ever be that smart. – President James K. Polk Sep 18 '15 at 22:19
  • According to http://bouncy-castle.1462172.n4.nabble.com/AES-NI-support-td3305120.html it is not supported yet. – pd40 Sep 20 '15 at 11:56

1 Answers1

1

According to Bouncy Castle it is not supported and will not be supported: https://github.com/bcgit/bc-java/issues/221

Michael
  • 10,063
  • 18
  • 65
  • 104