Most of the cryptographic operations are offloaded to native code (firmware code in C that is compiled to machine level code) and hardware of the secure environment. Even so, some cryptographic operations are lengthy (particularly RSA key generation, which can take more than a minute) and should be avoided in main usage flows where possible. If necessary, keys can be cached in trusted application memory, or encrypted and passed to the host using platform-binding keys. See Intel® DAL Environment Performance
for more details.