Spring's decryption is in native code, I didn't measure the performance but from your description of the issue I'd say it's probably js-specific problem.