diff --git a/nfq2/crypto/aes-ctr.c b/nfq2/crypto/aes-ctr.c
index 28aa4b9..4c351d4 100644
--- a/nfq2/crypto/aes-ctr.c
+++ b/nfq2/crypto/aes-ctr.c
@@ -3,46 +3,55 @@
 #define AES_BLOCKLEN 16
+#if defined(__GNUC__) && !defined(__llvm__)
+__attribute__((optimize ("no-strict-aliasing")))
+#endif
 void aes_ctr_xcrypt_buffer(aes_context *ctx, const uint8_t *iv, const uint8_t *in, size_t length, uint8_t *out)
 {
 uint8_t bi, buffer[AES_BLOCKLEN], ivc[AES_BLOCKLEN];
- size_t i;
+ size_t i, l16 = length & ~0xF;
- memcpy(ivc,iv,AES_BLOCKLEN);
+ memcpy(ivc, iv, AES_BLOCKLEN);
- for (i = 0, bi = AES_BLOCKLEN; i < length; ++i, ++bi)
+ for (i = 0; i < l16; i += 16)
 {
- if (bi == AES_BLOCKLEN) /* we need to regen xor complement in buffer */
- {
- memcpy(buffer, ivc, AES_BLOCKLEN);
- aes_cipher(ctx, buffer, buffer);
+ memcpy(buffer, ivc, AES_BLOCKLEN);
+ aes_cipher(ctx, buffer, buffer);
- /* Increment ivc and handle overflow */
- for (bi = (AES_BLOCKLEN - 1); bi >= 0; --bi)
+ // Increment ivc and handle overflow
+ for (bi = (AES_BLOCKLEN - 1); bi >= 0; --bi)
+ {
+ // inc will owerflow
+ if (ivc[bi] == 255)
 {
- /* inc will owerflow */
- if (ivc[bi] == 255)
- {
- ivc[bi] = 0;
- continue;
- }
- ivc[bi] += 1;
- break;
+ ivc[bi] = 0;
+ continue;
 }
- bi = 0;
+ ivc[bi]++;;
+ break;
 }
- out[i] = in[i] ^ buffer[bi];
+ *((uint64_t*)(out + i)) = *((uint64_t*)(in + i)) ^ ((uint64_t*)buffer)[0];
+ *((uint64_t*)(out + i + 8)) = *((uint64_t*)(in + i + 8)) ^ ((uint64_t*)buffer)[1];
+ }
+
+ if (i