I think, the biggest latency hit will be from re-encrypting a symmetric key which encrypts messages, once in a while. This will result in occasional delays of ~0.25 ms (that's how much one operation with elliptic curve crypto takes).
The other bottleneck will be from the block cipher, when you actually encrypt/decrypt messages. Our open source version currently doesn't use AES-NI for that, so limited by performance of unaccelerated AES256 (few hundred k messages per second). This impact can be made negligible when using AES-NI (will come soon).
When using granular encryption, the performance bottleneck will shift to parsing messages (avro, for example), and will be limited by the performance of the parser.
