JEP 164: Leverage CPU Instructions for AES Cryptography

OwnerVladimir Kozlov
StatusClosed / Delivered
Discussionhotspot dash compiler dash dev at openjdk dot java dot net
Reviewed byMikael Vidstedt
Endorsed byMikael Vidstedt
Created2012/08/22 20:00
Updated2017/06/15 18:21


Improve the out-of-box AES Crypto performance by using x86 AES instructions when available, and by avoiding unnecessary re-expansion of the AES key.


AES encryption is common in applications and such applications expect good performance. We should make it easy to get that good performance out of the box for processors that support AES instructions in hardware.


The intent of this change is to improve the out-of-the-box performance of applications that use AES cryptography. The hotspot compiler change (7184394) and the security library change (7185471) are actually completely independent except for the fact that they are both related to AES performance.

The hotspot compiler AES instruction generation happens automatically if the x86 processor supports such instructions (there is a flag to turn this off if desired). These instructions can be generated on either 64-bit or 32-bit x86 systems. Other CPU types are not affected.

The library change helps applications which use the same key but re-initialize the Cipher object, switching between encrypting and decrypting. Avoiding re-expansion of the key (7185471) changes only private variables within the com.sun.crypto.provider.AESCrypt class. No other classes are affected.


This change can be tested by standard benchmarks and application server test suites, either on systems that support x86 AES instructions or on systems that do not support x86 AES instructions to ensure there are no unintended side effects.