I'm using AES-GCM with the BouncyCastle provider in Java and it works fine. The NIST documentation seems to suggest that GCM is an algorithm that allows parallelization -- however, on looking at the Java API I fail to understand how parallelizing can be made possible (all the internal counters, IV, etc. are private fields).

How can I go about parallelizing the AES-GCM encryption/decryption code without accessing these private fields? Is the Java BC API limited in this regard?

Eran
  • 2
    Yes. Most general-purpose cryptography libraries do not let you parallelize encryption at this level and instead opt for an init/update/final interface which leaves little flexibility. If BouncyCastle doesn't explicitly support this, you are probably not going to be able to shoehorn it in. – Thomas Apr 29 '13 at 06:18
  • 2
    Our site doesn't really deal much with specific cryptographic libraries, so you might be better off asking this on stackoverflow. If you would like me to move it, let me know. – mikeazo Apr 29 '13 at 11:30
  • 2
    @Thomas: For GCM, that kind of shoehorning _might_ just be possible, depending on the exact API provided by the library. In particular, it's _almost_ possible to break a message into pieces, encrypt each piece with GCM mode and assemble the results into a valid GCM encryption of the whole message; there are just a few pesky little interface details, like the restrictive IV processing, that can get in the way. Still, even if possible, it's not easy and definitely counts as using the interface in a way it was not meant to be used. – Ilmari Karonen Apr 29 '13 at 19:31
  • I'm going to move this to Stackoverflow with the hopes that you get some answers. – mikeazo Apr 30 '13 at 11:45
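
One way to see the parallelism using public APIs only, as an added example that is not part of the original question or comments and is not BouncyCastle code: with a 96-bit IV the GCM ciphertext is plain counter mode, so each block can be computed independently with `AES/ECB/NoPadding` and compared with the library's `AES/GCM/NoPadding` output. Assumptions: the JDK's default JCE provider, a 12-byte IV, a constructed key and message, and the hypothetical names `ParallelGcmCtr` and `ctrPart`; the authentication tag (GHASH) is not computed here and still has to come from a complete GCM implementation.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.stream.IntStream;

public class ParallelGcmCtr {
    // Counter-mode half of GCM for a 96-bit IV, one 16-byte block per parallel task.
    static byte[] ctrPart(SecretKeySpec key, byte[] iv, byte[] in) {
        byte[] out = new byte[in.length];
        int blocks = (in.length + 15) / 16;
        IntStream.range(0, blocks).parallel().forEach(i -> {
            try {
                // Each task creates its own Cipher: Cipher instances are not thread-safe.
                Cipher ecb = Cipher.getInstance("AES/ECB/NoPadding");
                ecb.init(Cipher.ENCRYPT_MODE, key);
                // J0 = IV || 0x00000001 is reserved for the tag, so data block i
                // uses counter block IV || (i + 2), big-endian.
                byte[] ctr = ByteBuffer.allocate(16).put(iv).putInt(i + 2).array();
                byte[] ks = ecb.doFinal(ctr);
                int off = i * 16;
                int n = Math.min(16, in.length - off);
                for (int j = 0; j < n; j++) out[off + j] = (byte) (in[off + j] ^ ks[j]);
            } catch (Exception e) {
                throw new IllegalStateException(e);
            }
        });
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample key, IV and message; an IV must never repeat under one key.
        byte[] keyBytes = new byte[16];
        byte[] iv = new byte[12];
        byte[] msg = new byte[1000]; // not a multiple of 16: exercises the short last block
        Arrays.fill(keyBytes, (byte) 0x11);
        Arrays.fill(iv, (byte) 0x22);
        Arrays.fill(msg, (byte) 0x33);
        SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ref = gcm.doFinal(msg); // ciphertext followed by the 16-byte tag
        byte[] par = ctrPart(key, iv, msg);
        boolean same = Arrays.equals(par, Arrays.copyOf(ref, msg.length));
        System.out.println("parallel CTR output matches library GCM ciphertext: " + same);
    }
}
```

The same routine also decrypts, but running it on received data before the tag has been verified releases unauthenticated plaintext.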
