Sid,
Thanks for the new numbers. The first thing to get sorted out is
avoiding precomputation for every encryption/decryption. For the BC
implementation, if you are encrypting many small texts (with the same
key), you should keep the same GcmBlockCipher object and just call Init
for each iteration (important to change the IV). Ideally you'd pass a
null KeyParameter to indicate key re-use, though the cipher also will
detect that the key hasn't changed, so the penalty might not be too bad.
I've sent a pull request on github for my suggested changes along these
lines.
Another minor improvement is to simply increment the IV (e.g. the last 8
bytes, considered as an Int64) by one for each encryption instead of a
fully random IV each time, but I haven't tried that yet.
This will still leave us to explain the difference with OpenSSL, since
the result for 10MB/Tables64K is unlikely to improve much.
Let me add that I am not reading any complaining into your posts; this
sort of analysis is very welcome.
Regards,
Pete Dettman
