I think "as slow as possible" is good for the initial key exchange, or for storing keys at rest. The point is to make offline key recovery (by guessing) more difficult. But once you have a good key, the ciphertext is already completely scrambled. Slowing down won't make that part any harder.