Performance
Post-quantum security without the speed tax — hardware-accelerated, measured, and getting faster.
Encryption that keeps up
Post-quantum protection is applied to every object — yet it is not where the time goes. KerPlace uses hardware-accelerated AES-256-GCM (assembly + vector instructions) for the data and ML-KEM for the keys, so encryption rides along with the I/O rather than gating it.
Measured, not claimed
KerPlace carries a committed benchmark harness: microbenchmarks of the inner loops, end-to-end S3 load tests, and CPU profiling. An optimization is accepted only when it shows a real, reproducible gain — the numbers live in the repository, not on a slide.
Recent gains
The latest release, with encryption on:
- ≈ +25% faster reads — the bulk cipher now runs on a hardware-accelerated implementation.
- up to ≈ 2× faster single-stream writes — by removing a redundant hashing pass that added nothing for encrypted objects.
Both were validated end-to-end before shipping, and both keep the on-disk format unchanged.
Fast and durable, together
Throughput does not come at the cost of safety. Erasure coding and per-shard integrity hashing run inline on the write path, so every object is encrypted and recoverable as it lands — no separate pass, no trade-off.
Scales with your hardware
KerPlace runs on ordinary x86-64 servers and exploits modern CPU cryptography and SIMD where present. Faster disks and CPUs make it faster — there is no external service in the data path to throttle it, and nothing to license per gigabyte.
Full detail, source & scripts in the repository → https://github.com/agalletero/kerplace/blob/main/docs/PERFORMANCE.md