Implementation notes: amd64, hedera, crypto_encrypt/lotus256

Computer: hedera
Architecture: amd64
CPU ID: GenuineIntel-000306a9-bfebfbff
SUPERCOP version: 20210326
Operation: crypto_encrypt
Primitive: lotus256
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
316166451112 0 872376 932 1736T:optclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021013020210114
316711151112 0 872376 932 1736T:optclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021013020210114
329413857024 0 877896 932 1736T:optclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021013020210114
334142360296 0 883280 932 1736T:optclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021013020210114
129286698688 0 826342 924 1736T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021013020210114
1660402610008 0 827317 940 1768T:optgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2021013020210114

Test failure

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
error 111
crypto_encrypt_open does not match mlen

Number of similar (compiler,implementation) pairs: 3, namely:
CompilerImplementations
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt T:ref

Test failure

Implementation: T:opt
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
error 111
crypto_encrypt_open does not handle c=t overlap

Number of similar (compiler,implementation) pairs: 9, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:173:14: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: b[0] = _mm256_mullo_epi16(b[0], a);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:174:14: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: b[1] = _mm256_mullo_epi16(b[1], a);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:175:14: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: b[2] = _mm256_mullo_epi16(b[2], a);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:176:14: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: b[3] = _mm256_mullo_epi16(b[3], a);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:177:14: error: always_inline function '_mm256_sub_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: c[0] = _mm256_sub_epi16(c[0], b[0]);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:178:14: error: always_inline function '_mm256_sub_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: c[1] = _mm256_sub_epi16(c[1], b[1]);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:179:14: error: always_inline function '_mm256_sub_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: c[2] = _mm256_sub_epi16(c[2], b[2]);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:180:14: error: always_inline function '_mm256_sub_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: c[3] = _mm256_sub_epi16(c[3], b[3]);
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:185:14: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx2'
lwe-arithmetics_avx2.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:158:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[0] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:159:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[1] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:160:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[2] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:161:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[3] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:162:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[4] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:163:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[5] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:164:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[6] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:165:12: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: c[7] = _mm256_setzero_si256();
lwe-arithmetics_avx2.c: ^
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:168:11: error: always_inline function '_mm256_set1_epi16' requires target feature 'avx', but would be inlined into function 'submat_negmul' that is compiled without support for 'avx'
lwe-arithmetics_avx2.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
lwe-arithmetics_avx2.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/8/include/immintrin.h:43,
lwe-arithmetics_avx2.c: from lwe-arithmetics_avx2.c:10:
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c: In function 'submat_negmul':
lwe-arithmetics_avx2.c: /usr/lib/gcc/x86_64-linux-gnu/8/include/avx2intrin.h:808:1: error: inlining failed in call to always_inline '_mm256_sub_epi16': target specific option mismatch
lwe-arithmetics_avx2.c: _mm256_sub_epi16 (__m256i __A, __m256i __B)
lwe-arithmetics_avx2.c: ^~~~~~~~~~~~~~~~
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:192:14: note: called from here
lwe-arithmetics_avx2.c: c[7] = _mm256_sub_epi16(c[7], b[3]);
lwe-arithmetics_avx2.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
lwe-arithmetics_avx2.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/8/include/immintrin.h:43,
lwe-arithmetics_avx2.c: from lwe-arithmetics_avx2.c:10:
lwe-arithmetics_avx2.c: /usr/lib/gcc/x86_64-linux-gnu/8/include/avx2intrin.h:808:1: error: inlining failed in call to always_inline '_mm256_sub_epi16': target specific option mismatch
lwe-arithmetics_avx2.c: _mm256_sub_epi16 (__m256i __A, __m256i __B)
lwe-arithmetics_avx2.c: ^~~~~~~~~~~~~~~~
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:191:14: note: called from here
lwe-arithmetics_avx2.c: c[6] = _mm256_sub_epi16(c[6], b[2]);
lwe-arithmetics_avx2.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
lwe-arithmetics_avx2.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/8/include/immintrin.h:43,
lwe-arithmetics_avx2.c: from lwe-arithmetics_avx2.c:10:
lwe-arithmetics_avx2.c: /usr/lib/gcc/x86_64-linux-gnu/8/include/avx2intrin.h:808:1: error: inlining failed in call to always_inline '_mm256_sub_epi16': target specific option mismatch
lwe-arithmetics_avx2.c: _mm256_sub_epi16 (__m256i __A, __m256i __B)
lwe-arithmetics_avx2.c: ^~~~~~~~~~~~~~~~
lwe-arithmetics_avx2.c: lwe-arithmetics_avx2.c:190:14: note: called from here
lwe-arithmetics_avx2.c: c[5] = _mm256_sub_epi16(c[5], b[1]);
lwe-arithmetics_avx2.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
lwe-arithmetics_avx2.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2

Namespace violations

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
cpa-pke_opt.o lotus_cpa_pke_dec_packed T
cpa-pke_opt.o lotus_cpa_pke_enc_packed T
cpa-pke_opt.o lotus_cpa_pke_keypair T
crypto.o crypto_symenc_decrypt T
crypto.o crypto_symenc_encrypt T
crypto.o crypto_symenc_keysetup T
crypto.o crypto_symenc_keystream T
crypto.o crypto_symenc_keystream_13block T
crypto.o crypto_symenc_keystream_32block T
encrypt.o util_cmp_const T
lwe-arithmetics_opt.o add_sigma T
lwe-arithmetics_opt.o distribute_2x2_nl T
lwe-arithmetics_opt.o distribute_2x2_nn T
lwe-arithmetics_opt.o merge_2x2_nl T
lwe-arithmetics_opt.o reconstruct T
lwe-arithmetics_opt.o redc T
lwe-arithmetics_opt.o submat_add_nl T
lwe-arithmetics_opt.o submat_add_nn T
lwe-arithmetics_opt.o submat_negmul T
lwe-arithmetics_opt.o submat_negsubmul T
lwe-arithmetics_opt.o submat_sub_nl T
lwe-arithmetics_opt.o submat_sub_nn T
lwe-arithmetics_opt.o submat_submul T
lwe-arithmetics_opt.o submul T
pack.o pack_128dg T
pack.o pack_128elems T
pack.o pack_64elems T
pack.o pack_ct T
pack.o pack_pk T
pack.o pack_sk T
pack.o unpack_128dg T
pack.o unpack_128elems T
pack.o unpack_64elems T
pack.o unpack_ct T
pack.o unpack_pk T
pack.o unpack_sk T
sampler.o _LOTUS_KYDG_SAMPLER_L1_pMat R
sampler.o _LOTUS_KYDG_SAMPLER_L1_weight R
sampler.o _LOTUS_KYDG_SAMPLER_LUT R
sampler.o csprng_sample_bit T
sampler.o csprng_sample_byte T
sampler.o extend_sign_with_random_bit T
sampler.o sample_discrete_gaussian T
sampler.o sample_uniform T
sampler.o sample_unit_discrete_gaussian T
sampler.o sampler_init T
sampler.o sampler_set_seed T
sampler.o scan_bit_and_output T

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt

Namespace violations

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
cpa-pke.o lotus_cpa_pke_dec T
cpa-pke.o lotus_cpa_pke_enc T
cpa-pke.o lotus_cpa_pke_keypair T
crypto.o crypto_symenc_decrypt T
crypto.o crypto_symenc_encrypt T
crypto.o crypto_symenc_keysetup T
crypto.o crypto_symenc_keystream T
encrypt.o util_cmp_const T
lwe-arithmetics.o add_sigma T
lwe-arithmetics.o addmul T
lwe-arithmetics.o addmul_concat T
lwe-arithmetics.o reconstruct T
lwe-arithmetics.o redc T
lwe-arithmetics.o submul T
pack.o pack_128dg T
pack.o pack_128elems T
pack.o pack_64elems T
pack.o pack_ct T
pack.o pack_pk T
pack.o pack_sk T
pack.o unpack_128dg T
pack.o unpack_128elems T
pack.o unpack_64elems T
pack.o unpack_ct T
pack.o unpack_pk T
pack.o unpack_sk T
sampler.o _LOTUS_KYDG_SAMPLER_L1_pMat R
sampler.o _LOTUS_KYDG_SAMPLER_L1_weight R
sampler.o _LOTUS_KYDG_SAMPLER_LUT R
sampler.o csprng_sample_bit T
sampler.o csprng_sample_byte T
sampler.o extend_sign_with_random_bit T
sampler.o sample_discrete_gaussian T
sampler.o sample_uniform T
sampler.o sample_unit_discrete_gaussian T
sampler.o sampler_init T
sampler.o sampler_set_seed T
sampler.o scan_bit_and_output T

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref