We have developed an application to encrypt/decrypt a request/response from/to server. We were doing performance testing of encryption/decryption application where we have observed that encryption/decryption process is taking time, while many threads are doing it at the same time. To identify an issue, we have logged every methods that are part of encryption/decryption process. From logger we have found that Key Fetching process is taking 70-80% of time from overall time of process.

1. We have used AES algorithm for encryption/decryption
2. AES key is stored in key store with unique id.
3. Before encryption/decryption process, we fetch AES key stored against unique id from key store & perform encryption/decryption.
4. Performance is getting worse when key store size is getting increased.

On further analysis, we have found that Key store is internally using HashTable. Is this giving performance issue?

When Key store size is 2002 --- TPS is 85 Key store size is 14007 -- TPS is 38

Please help.

Note: This answer bases on assumptions as you do not provide any details on the used keystore format (JKS, BKS, JCEKS, ...).

I assume that every time you need the key, you load the Java keystore from file (JKS format).

The key store is protected by a password and even if you don't use it (empty password) the password string is used to generate the encryption key that protects the Java keystore.

Your main problem is that the key derivation process from the password incorporates an anti-brute-force algorithm which performs 1000 or more iterations of SHA1 on the password. This consumes a lot of time which is the intended result as it exists for slowing down brute-force attacks.

Edit: It seems like the JKS format not only performs this operation when loading but also when loading a key.

Conclusion: Don't load the Java Keystore or the key every time. It is not designed to be loaded more than once in a minute.

I was facing this issue... and I have answered this on bellow post.

Issue related to execution speed varies with different operation system platform.

Jvm loads key store in memory. And its having hashtable collection as internal storage.

Hashtable is synchronized.

Whenever you perform get operation from key store, than it will return it from in-memory key store not from physical keystore. You can confirm it by using ("top" - %wa section) command in linux base OS.

Key store is using hashtable and it is the root cause behind performance decriment.

I have solved this issue by loading all keys from keystore into ConcurrentHashMap while initializing the project. and later on, All the read operation will be performed from MAP instead of keystore. And make sure that all write operation will be perform on both keystore and MAP.

Java Keystore.getKey() slow while Key store size Increase

Hope this will help..