The current spec says that we use AES, but that is a bit too high-level IMO.
In particular, when using AES-NI intrinsics, there are a few distinct intrinsics that can be used.
Here is what encoding looked like in our old experiments:
Plus we need to load/store the data in some cases:
So how many rounds of AES do we need, and why? AES-128 may not be the optimal choice here.
Note that we don’t have to stick to the standard 10/12/14 rounds of AES-128/192/256; we can technically do any number of rounds internally.
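To make the round-count question concrete, here is a minimal sketch in C of what a variable-round construction could look like with AES-NI. This is not the code from the old experiments and not what the spec prescribes. The function names `aes_encode_block` and `aes_decode_block`, the flat `round_keys` layout, and the assumption that the caller supplies `rounds + 1` round keys (no key schedule is shown) are all hypothetical. It assumes an x86-64 CPU with AES-NI and GCC or Clang.

```c
#include <assert.h>
#include <immintrin.h> /* SSE2 load/store/xor plus the AES-NI intrinsics */
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper: encrypts one 16-byte block in place using `rounds`
 * AES rounds. `round_keys` is a flat array of (rounds + 1) * 16 bytes that
 * the caller provides; how those keys are derived is out of scope here. */
__attribute__((target("aes,sse2")))
void aes_encode_block(uint8_t block[16], const uint8_t *round_keys, size_t rounds) {
    assert(rounds >= 1);
    /* Load the data, then XOR in the first key (initial whitening). */
    __m128i state = _mm_loadu_si128((const __m128i *)block);
    state = _mm_xor_si128(state, _mm_loadu_si128((const __m128i *)round_keys));
    /* Full rounds: ShiftRows, SubBytes, MixColumns, XOR with the round key. */
    for (size_t i = 1; i < rounds; i++) {
        __m128i key = _mm_loadu_si128((const __m128i *)(round_keys + 16 * i));
        state = _mm_aesenc_si128(state, key);
    }
    /* Final round: same as above but without MixColumns. */
    __m128i last = _mm_loadu_si128((const __m128i *)(round_keys + 16 * rounds));
    state = _mm_aesenclast_si128(state, last);
    _mm_storeu_si128((__m128i *)block, state);
}

/* Hypothetical inverse of aes_encode_block, taking the same round keys.
 * The middle keys go through AESIMC (InvMixColumns), as the AESDEC
 * instruction expects keys for the equivalent inverse cipher. */
__attribute__((target("aes,sse2")))
void aes_decode_block(uint8_t block[16], const uint8_t *round_keys, size_t rounds) {
    assert(rounds >= 1);
    __m128i state = _mm_loadu_si128((const __m128i *)block);
    state = _mm_xor_si128(
        state, _mm_loadu_si128((const __m128i *)(round_keys + 16 * rounds)));
    for (size_t i = rounds - 1; i >= 1; i--) {
        __m128i key = _mm_loadu_si128((const __m128i *)(round_keys + 16 * i));
        state = _mm_aesdec_si128(state, _mm_aesimc_si128(key));
    }
    state = _mm_aesdeclast_si128(
        state, _mm_loadu_si128((const __m128i *)round_keys));
    _mm_storeu_si128((__m128i *)block, state);
}
```

With `rounds = 10` and a real AES-128 key schedule this would match standard AES-128; any other value gives a reduced or extended variant. Whether a given round count is secure enough for our use is exactly the open question above, and this sketch does not answer it.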