Implementation notes: amd64, colossus7, crypto_kem/ntskem1380

Computer: colossus7
Architecture: amd64
CPU ID: AuthenticAMD-00830f10-178bfbff
SUPERCOP version: 20210125
Operation: crypto_kem
Primitive: ntskem1380

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
603090	126439 84 16	144710 888 1568	`T:avx2`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
623992	99283 84 16	117798 888 1568	`T:avx2`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
636322	99283 84 16	117798 888 1568	`T:avx2`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
637312	80992 84 16	97536 880 1568	`T:avx2`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
685192	75030 84 16	91680 880 1568	`T:sse2`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
723082	92365 84 16	110910 888 1568	`T:sse2`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
737910	117195 84 16	135518 888 1568	`T:sse2`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
746168	92365 84 16	110910 888 1568	`T:sse2`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
837653	105905 84 16	125726 888 1568	`T:opt`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
935527	87756 84 16	107814 888 1568	`T:opt`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
964823	87756 84 16	107814 888 1568	`T:opt`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
1030117	69369 84 16	87464 880 1568	`T:opt`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
1072733	133262 84 16	153694 888 1568	`T:opt`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
8221883	38017 76 16	58694 872 1568	`T:ref`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
8363902	34062 76 16	54878 872 1568	`T:ref`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
8371508	34062 76 16	54878 872 1568	`T:ref`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
8902845	42563 76 16	63342 872 1568	`T:ref`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125
9294390	22382 76 16	40544 864 1568	`T:ref`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20210311	20210125

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

bitslice_bma_128.c: bitslice_bma_128.c:92:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'bit_reverse' that is compiled without support for 'ssse3'
bitslice_bma_128.c: return _mm_shuffle_epi8(x, _mm_set_epi8(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15));
bitslice_bma_128.c: ^
bitslice_bma_128.c: 1 error generated.

Number of similar (compiler,implementation) pairs: 2, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2 T:sse2

Namespace violations

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

bitslice_bma_128.o bitslice_bma T
bitslice_fft_256.o _twist_factors13_80_128 R
bitslice_fft_256.o bitslice_fft13_256 T
bitslice_fft_256.o twiddle_factors R
bitslice_fft_256.o twist_factors D
ff.o bitslice_mul13_128 T
ff.o bitslice_mul13_256 T
ff.o bitslice_mul13_64 T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_13 T
ff.o ff_mul_13 T
ff.o ff_reduce_13 T
ff.o ff_release T
ff.o ff_sqr_13 T
ff.o vector_ff_inv_13 T
ff.o vector_ff_mul_13 T
ff.o vector_ff_pow16_13 T
ff.o vector_ff_pow4_13 T
ff.o vector_ff_pow8_13 T
ff.o vector_ff_sqr_13 T
ff.o vector_ff_sqr_inv_13 T
ff.o vector_ff_transpose_xor_13 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o load_input_ciphertext T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
utils.o cpucycles T
utils.o cpucycles_persecond T
vector_utils.o vector_ff_or_256 T
vector_utils.o vector_ff_or_64 T
vector_utils.o vector_load_1d_128 T
vector_utils.o vector_load_1d_256 T
vector_utils.o vector_load_1d_64 T
vector_utils.o vector_load_2d_128 T
vector_utils.o vector_load_2d_256 T
vector_utils.o vector_load_2d_64 T
vector_utils.o vector_store_1d_256 T
vector_utils.o vector_store_1d_64 T
vector_utils.o vector_store_2d_256 T
vector_utils.o vector_store_2d_64 T

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2

Namespace violations

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

bitslice_bma_64.o bitslice_bma T
bitslice_fft_64.o _twist_factors13_80_64 R
bitslice_fft_64.o bitslice_fft13_64 T
bitslice_fft_64.o twiddle_factors R
bitslice_fft_64.o twist_factors D
ff.o bitslice_mul13_64 T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_13 T
ff.o ff_mul_13 T
ff.o ff_reduce_13 T
ff.o ff_release T
ff.o ff_sqr_13 T
ff.o vector_ff_inv_13 T
ff.o vector_ff_mul_13 T
ff.o vector_ff_pow16_13 T
ff.o vector_ff_pow4_13 T
ff.o vector_ff_pow8_13 T
ff.o vector_ff_sqr_13 T
ff.o vector_ff_sqr_inv_13 T
ff.o vector_ff_transpose_xor_13 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o load_input_ciphertext T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
vector_utils.o vector_ff_or_64 T
vector_utils.o vector_load_1d_64 T
vector_utils.o vector_load_2d_64 T
vector_utils.o vector_store_1d_64 T
vector_utils.o vector_store_2d_64 T

Number of similar (compiler,implementation) pairs: 5, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt

Namespace violations

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

additive_fft.o _additive_fft_construct_basis T
additive_fft.o _additive_fft_core T
additive_fft.o _additive_fft_ff_value T
additive_fft.o additive_fft T
additive_fft.o ff_poly_taylor_expansion T
berlekamp_massey.o berlekamp_massey T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_13 T
ff.o ff_mul_13 T
ff.o ff_reduce_13 T
ff.o ff_release T
ff.o ff_sqr_13 T
keccak.o Keccak T
keccak.o KeccakF1600_StatePermute T
keccak.o LFSR86540 T
keccak.o sha3_256 T
keccak.o sha3_384 T
keccak.o sha3_512 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
stack.o stack_create T
stack.o stack_free T
stack.o stack_pop T
stack.o stack_push T
stack.o stack_size T

Number of similar (compiler,implementation) pairs: 5, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Namespace violations

Implementation: T:sse2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

bitslice_bma_128.o bitslice_bma T
bitslice_fft_128.o _twist_factors13_80_128 R
bitslice_fft_128.o bitslice_fft13_128 T
bitslice_fft_128.o twiddle_factors R
bitslice_fft_128.o twist_factors D
ff.o bitslice_mul13_128 T
ff.o bitslice_mul13_64 T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_13 T
ff.o ff_mul_13 T
ff.o ff_reduce_13 T
ff.o ff_release T
ff.o ff_sqr_13 T
ff.o vector_ff_inv_13 T
ff.o vector_ff_mul_13 T
ff.o vector_ff_pow16_13 T
ff.o vector_ff_pow4_13 T
ff.o vector_ff_pow8_13 T
ff.o vector_ff_sqr_13 T
ff.o vector_ff_sqr_inv_13 T
ff.o vector_ff_transpose_xor_13 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o load_input_ciphertext T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
utils.o cpucycles T
utils.o cpucycles_persecond T
vector_utils.o vector_ff_or_128 T
vector_utils.o vector_ff_or_64 T
vector_utils.o vector_load_1d_128 T
vector_utils.o vector_load_1d_64 T
vector_utils.o vector_load_2d_128 T
vector_utils.o vector_load_2d_64 T
vector_utils.o vector_store_1d_128 T
vector_utils.o vector_store_1d_64 T
vector_utils.o vector_store_2d_128 T
vector_utils.o vector_store_2d_64 T

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:sse2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:sse2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:sse2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:sse2