The properties that are encrypted need to be accessible from the server side as the encryption mechanism relies on a location that is not web accessible from a client for security purposes. There is minimal performance overhead for encrypting and decrypting a property. However, it should be noted that the underlying implementation of the Java keystore relies on a singleton pattern and access to the keystore is synchronized.