Implementation notes: amd64, gcc123, crypto_encrypt/ntruees743ep1

Computer: gcc123
Architecture: amd64
CPU ID: GenuineIntel-000206d7-bfebfbff
SUPERCOP version: 20220213
Operation: crypto_encrypt
Primitive: ntruees743ep1

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
318067	41444 864 64	64320 1748 1864	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20210202	20210114
318945	42962 864 64	66144 1748 1864	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20210202	20210114
323257	55507 864 64	80192 1748 1864	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20210202	20210114
398142	36735 864 64	58616 1740 1832	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20210202	20210114

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_ntru_poly.c: ntru_crypto_ntru_poly.c:1002:17: error: argument value 65535 is outside the valid range [0, 255] [-Wargument-outside-range]
ntru_crypto_ntru_poly.c: abroad[0] = _mm_shuffle_epi32(ai8h, 0xFFFF);
ntru_crypto_ntru_poly.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ntru_crypto_ntru_poly.c: /usr/lib/llvm-7/lib/clang/7.0.1/include/emmintrin.h:4347:12: note: expanded from macro '_mm_shuffle_epi32'
ntru_crypto_ntru_poly.c: (__m128i)__builtin_ia32_pshufd((__v4si)(__m128i)(a), (int)(imm))
ntru_crypto_ntru_poly.c: ^ ~~~~~~~~~~
ntru_crypto_ntru_poly.c: ntru_crypto_ntru_poly.c:1003:17: error: argument value 43690 is outside the valid range [0, 255] [-Wargument-outside-range]
ntru_crypto_ntru_poly.c: abroad[1] = _mm_shuffle_epi32(ai8h, 0xAAAA);
ntru_crypto_ntru_poly.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ntru_crypto_ntru_poly.c: /usr/lib/llvm-7/lib/clang/7.0.1/include/emmintrin.h:4347:12: note: expanded from macro '_mm_shuffle_epi32'
ntru_crypto_ntru_poly.c: (__m128i)__builtin_ia32_pshufd((__v4si)(__m128i)(a), (int)(imm))
ntru_crypto_ntru_poly.c: ^ ~~~~~~~~~~
ntru_crypto_ntru_poly.c: ntru_crypto_ntru_poly.c:1004:17: error: argument value 21845 is outside the valid range [0, 255] [-Wargument-outside-range]
ntru_crypto_ntru_poly.c: abroad[2] = _mm_shuffle_epi32(ai8h, 0x5555);
ntru_crypto_ntru_poly.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ntru_crypto_ntru_poly.c: /usr/lib/llvm-7/lib/clang/7.0.1/include/emmintrin.h:4347:12: note: expanded from macro '_mm_shuffle_epi32'
ntru_crypto_ntru_poly.c: (__m128i)__builtin_ia32_pshufd((__v4si)(__m128i)(a), (int)(imm))
ntru_crypto_ntru_poly.c: ^ ~~~~~~~~~~
ntru_crypto_ntru_poly.c: ntru_crypto_ntru_poly.c:1007:17: error: argument value 65535 is outside the valid range [0, 255] [-Wargument-outside-range]
ntru_crypto_ntru_poly.c: abroad[4] = _mm_shuffle_epi32(ai8l, 0xFFFF);
ntru_crypto_ntru_poly.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ntru_crypto_ntru_poly.c: /usr/lib/llvm-7/lib/clang/7.0.1/include/emmintrin.h:4347:12: note: expanded from macro '_mm_shuffle_epi32'
ntru_crypto_ntru_poly.c: (__m128i)__builtin_ia32_pshufd((__v4si)(__m128i)(a), (int)(imm))
ntru_crypto_ntru_poly.c: ^ ~~~~~~~~~~
ntru_crypto_ntru_poly.c: ntru_crypto_ntru_poly.c:1008:17: error: argument value 43690 is outside the valid range [0, 255] [-Wargument-outside-range]
ntru_crypto_ntru_poly.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_sha1.c: ntru_crypto_sha1.c:85:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: E += RL(A, 5) + K00_19 + (B & (C ^ D) ^ D) + data[ 0]; B = RL(B, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:85:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: E += RL(A, 5) + K00_19 + (B & (C ^ D) ^ D) + data[ 0]; B = RL(B, 30);
ntru_crypto_sha1.c: ^
ntru_crypto_sha1.c: ( )
ntru_crypto_sha1.c: ntru_crypto_sha1.c:86:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: D += RL(E, 5) + K00_19 + (A & (B ^ C) ^ C) + data[ 1]; A = RL(A, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:86:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: D += RL(E, 5) + K00_19 + (A & (B ^ C) ^ C) + data[ 1]; A = RL(A, 30);
ntru_crypto_sha1.c: ^
ntru_crypto_sha1.c: ( )
ntru_crypto_sha1.c: ntru_crypto_sha1.c:87:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: C += RL(D, 5) + K00_19 + (E & (A ^ B) ^ B) + data[ 2]; E = RL(E, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:87:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: C += RL(D, 5) + K00_19 + (E & (A ^ B) ^ B) + data[ 2]; E = RL(E, 30);
ntru_crypto_sha1.c: ^
ntru_crypto_sha1.c: ( )
ntru_crypto_sha1.c: ntru_crypto_sha1.c:88:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: B += RL(C, 5) + K00_19 + (D & (E ^ A) ^ A) + data[ 3]; D = RL(D, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:88:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Namespace violations

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

ebats.o copyrightclaims T
ebats.o patentclaims T
ebats.o randombytesfn T
ebats.o shortciphertext T
ebats.o shortplaintext T
ntru_crypto_drbg.o ntru_crypto_drbg_generate T
ntru_crypto_drbg.o ntru_crypto_drbg_instantiate T
ntru_crypto_drbg.o ntru_crypto_drbg_reseed T
ntru_crypto_drbg.o ntru_crypto_drbg_uninstantiate T
ntru_crypto_drbg.o ntru_crypto_external_drbg_instantiate T
ntru_crypto_hash.o ntru_crypto_hash_block_length T
ntru_crypto_hash.o ntru_crypto_hash_digest T
ntru_crypto_hash.o ntru_crypto_hash_digest_length T
ntru_crypto_hash.o ntru_crypto_hash_final T
ntru_crypto_hash.o ntru_crypto_hash_final_zero_pad T
ntru_crypto_hash.o ntru_crypto_hash_init T
ntru_crypto_hash.o ntru_crypto_hash_set_alg T
ntru_crypto_hash.o ntru_crypto_hash_update T
ntru_crypto_hmac.o ntru_crypto_hmac_create_ctx T
ntru_crypto_hmac.o ntru_crypto_hmac_destroy_ctx T
ntru_crypto_hmac.o ntru_crypto_hmac_final T
ntru_crypto_hmac.o ntru_crypto_hmac_get_md_len T
ntru_crypto_hmac.o ntru_crypto_hmac_init T
ntru_crypto_hmac.o ntru_crypto_hmac_set_key T
ntru_crypto_hmac.o ntru_crypto_hmac_update T
ntru_crypto_msbyte_uint32.o ntru_crypto_msbyte_2_uint32 T
ntru_crypto_msbyte_uint32.o ntru_crypto_uint32_2_msbyte T
ntru_crypto_ntru_convert.o ntru_bits_2_trits T
ntru_crypto_ntru_convert.o ntru_coeffs_mod4_2_octets T
ntru_crypto_ntru_convert.o ntru_elements_2_octets T
ntru_crypto_ntru_convert.o ntru_indices_2_packed_trits T
ntru_crypto_ntru_convert.o ntru_indices_2_trits T
ntru_crypto_ntru_convert.o ntru_octet_2_trits T
ntru_crypto_ntru_convert.o ntru_octets_2_elements T
ntru_crypto_ntru_convert.o ntru_packed_trits_2_indices T
ntru_crypto_ntru_convert.o ntru_trits_2_bits T
ntru_crypto_ntru_convert.o ntru_trits_2_octet T
ntru_crypto_ntru_encrypt.o ntru_crypto_ntru_decrypt T
ntru_crypto_ntru_encrypt.o ntru_crypto_ntru_encrypt T
ntru_crypto_ntru_encrypt.o ntru_crypto_ntru_encrypt_keygen T
ntru_crypto_ntru_encrypt.o ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo T
ntru_crypto_ntru_encrypt.o ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey T
ntru_crypto_ntru_encrypt_key.o ntru_crypto_ntru_encrypt_key_create_privkey_blob T
ntru_crypto_ntru_encrypt_key.o ntru_crypto_ntru_encrypt_key_create_pubkey_blob T
ntru_crypto_ntru_encrypt_key.o ntru_crypto_ntru_encrypt_key_get_blob_params T
ntru_crypto_ntru_encrypt_key.o ntru_crypto_ntru_encrypt_key_parse T
ntru_crypto_ntru_encrypt_key.o ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob T
ntru_crypto_ntru_encrypt_param_sets.o ntru_encrypt_get_param_set_name T
ntru_crypto_ntru_encrypt_param_sets.o ntru_encrypt_get_params_with_DER_id T
ntru_crypto_ntru_encrypt_param_sets.o ntru_encrypt_get_params_with_OID T
ntru_crypto_ntru_encrypt_param_sets.o ntru_encrypt_get_params_with_id T
ntru_crypto_ntru_mgf1.o ntru_mgf1 T
ntru_crypto_ntru_mgf1.o ntru_mgftp1 T
ntru_crypto_ntru_poly.o ntru_gen_poly T
ntru_crypto_ntru_poly.o ntru_poly_check_min_weight T
ntru_crypto_ntru_poly.o ntru_ring_inv T
ntru_crypto_ntru_poly.o ntru_ring_mult_coefficients T
ntru_crypto_ntru_poly.o ntru_ring_mult_indices T
ntru_crypto_ntru_poly.o ntru_ring_mult_indices_sse3 T
ntru_crypto_ntru_poly.o ntru_ring_mult_product_indices T
ntru_crypto_sha1.o ntru_crypto_sha1 T
ntru_crypto_sha1.o ntru_crypto_sha1_digest T
ntru_crypto_sha1.o ntru_crypto_sha1_final T
ntru_crypto_sha1.o ntru_crypto_sha1_final_zero_pad T
ntru_crypto_sha1.o ntru_crypto_sha1_init T
ntru_crypto_sha1.o ntru_crypto_sha1_update T
ntru_crypto_sha2.o ntru_crypto_sha2 T
ntru_crypto_sha256.o ntru_crypto_sha256_digest T
ntru_crypto_sha256.o ntru_crypto_sha256_final T
ntru_crypto_sha256.o ntru_crypto_sha256_final_zero_pad T
ntru_crypto_sha256.o ntru_crypto_sha256_init T
ntru_crypto_sha256.o ntru_crypto_sha256_update T

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref