JDK-8000367 : Avoid key expansion when AES cipher is re-init w/ the same key
  • Type: Backport
  • Backport of: JDK-7185471
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 8
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2012-10-03
  • Updated: 2012-11-13
  • Resolved: 2012-10-05
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7u10 b12Fixed 8Fixed
Consider an application which holds on to a Cipher object for AES and keeps the same key but calls Cipher.init to change the Cipher between encryption and decryption.  The current code in AESCrypt.java recomputes the expanded key (which is an expensive operation) with each call to init.

One possible optimization is to save the key and, if it has not changed, skip recomputation on subsequent calls to Cipher.init. It'd also benefit the performance if the key expansion which currently is done in the method setSubKey() is moved to the same time when the keys are recomputed.