Implementation notes: amd64, hertz, crypto_aead/aes128cpfbv1

Computer: hertz
Microarchitecture: amd64; Zen 4 (a60f12)
Architecture: amd64
CPU ID: AuthenticAMD-00a60f12-178bfbff
SUPERCOP version: 20240107
Operation: crypto_aead
Primitive: aes128cpfbv1

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
38308	4071 0 0	27909 804 1160	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
47893	2854 0 0	24693 804 1096	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
58242	2012 0 0	26203 844 1096	`T:ref`	`clang-17_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
58558	2012 0 0	26075 844 1096	`T:ref`	`clang-17_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
63460	1646 0 0	22964 836 1096	`T:ref`	`clang-17_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
74028	1837 0 0	21248 780 1064	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
82171	16080 0 0	35344 780 1064	`T:gladman`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
85733	17994 0 0	41755 844 1096	`T:gladman`	`clang-17_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
87634	17994 0 0	41627 844 1096	`T:gladman`	`clang-17_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
88143	16489 0 0	37340 836 1096	`T:gladman`	`clang-17_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
97105	18409 0 0	42205 804 1160	`T:gladman`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
97264	17965 0 0	39757 804 1096	`T:gladman`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
102067	19909 0 0	43781 804 1160	`T:aesref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
102928	17045 0 0	38893 804 1096	`T:aesref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217
104560	17416 0 0	41243 844 1096	`T:aesref`	`clang-17_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
104757	16720 0 0	40419 844 1096	`T:aesref`	`clang-17_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
115886	16548 0 0	37484 836 1096	`T:aesref`	`clang-17_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231219	20231217
120161	15838 0 0	35208 780 1064	`T:aesref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231219	20231217

Test failure

Implementation: T:aesni
Security model: timingleaks
Compiler: clang-17 -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

error 111
crypto_aead_decrypt does not match m

Number of similar (compiler,implementation) pairs: 3, namely:

Compiler	Implementations
clang-17 -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:aesni
clang-17 -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:aesni
clang-17 -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:aesni

Test failure

Implementation: T:aesni
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

error 111
crypto_aead_decrypt returns nonzero

Number of similar (compiler,implementation) pairs: 2, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:aesni
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:aesni

Compiler output

Implementation: T:aesni
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE

try.c: /usr/bin/ld: libcrypto_aead_aes128cpfbv1.a(encrypt.o): in function `crypto_aead_aes128cpfbv1_aesni_timingleaks_encrypt':
try.c: encrypt.c:(.text+0x...): undefined reference to `safe_store_partial'
try.c: /usr/bin/ld: libcrypto_aead_aes128cpfbv1.a(cpfbkey.o): in function `AES_128_Key_Expansion_and_encryption':
try.c: cpfbkey.c:(.text+0x...): undefined reference to `key_expansion_128'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `key_expansion_128'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `key_expansion_128'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `key_expansion_128'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `key_expansion_128'
try.c: /usr/bin/ld: libcrypto_aead_aes128cpfbv1.a(cpfbkey.o):cpfbkey.c:(.text+0x...): more undefined references to `key_expansion_128' follow
try.c: /usr/bin/ld: libcrypto_aead_aes128cpfbv1.a(cpfbkey.o): in function `AES_256_Key_Expansion':
try.c: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_2'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_2'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_2'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_2'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_2'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_2'
try.c: /usr/bin/ld: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: /usr/bin/ld: libcrypto_aead_aes128cpfbv1.a(cpfbkey.o): in function `AES_256_Key_Expansion_2':
try.c: cpfbkey.c:(.text+0x...): undefined reference to `KEY_256_ASSIST_1'
try.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:aesni

Compiler output

Implementation: T:evp
Security model: timingleaks
Compiler: clang-17 -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

encrypt.c: encrypt.c:170:89: error: array has incomplete element type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
encrypt.c: 170 | static void gen_kappa(unsigned char* nonce, unsigned char* kappa, EVP_CIPHER_CTX ctx_key[1]){
encrypt.c: | ^
encrypt.c: /usr/include/openssl/types.h:102:16: note: forward declaration of 'struct evp_cipher_ctx_st'
encrypt.c: 102 | typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
encrypt.c: | ^
encrypt.c: encrypt.c:188:25: error: array has incomplete element type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
encrypt.c: 188 | EVP_CIPHER_CTX ctx_k[1];
encrypt.c: | ^
encrypt.c: /usr/include/openssl/types.h:102:16: note: forward declaration of 'struct evp_cipher_ctx_st'
encrypt.c: 102 | typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
encrypt.c: | ^
encrypt.c: encrypt.c:189:31: error: array has incomplete element type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
encrypt.c: 189 | EVP_CIPHER_CTX ctx_kappa_0[1];
encrypt.c: | ^
encrypt.c: /usr/include/openssl/types.h:102:16: note: forward declaration of 'struct evp_cipher_ctx_st'
encrypt.c: 102 | typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
encrypt.c: | ^
encrypt.c: encrypt.c:190:31: error: array has incomplete element type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
encrypt.c: 190 | EVP_CIPHER_CTX ctx_kappa_m[1];
encrypt.c: | ^
encrypt.c: /usr/include/openssl/types.h:102:16: note: forward declaration of 'struct evp_cipher_ctx_st'
encrypt.c: 102 | typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
encrypt.c: | ^
encrypt.c: encrypt.c:330:25: error: array has incomplete element type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 3, namely:

Compiler	Implementations
clang-17 -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:evp
clang-17 -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:evp
clang-17 -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:evp

Compiler output

Implementation: T:evp
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

encrypt.c: encrypt.c:170:82: error: array type has incomplete element type 'EVP_CIPHER_CTX' {aka 'struct evp_cipher_ctx_st'}
encrypt.c: 170 | static void gen_kappa(unsigned char* nonce, unsigned char* kappa, EVP_CIPHER_CTX ctx_key[1]){
encrypt.c: | ^~~~~~~
encrypt.c: encrypt.c: In function 'crypto_aead_aes128cpfbv1_evp_timingleaks_encrypt':
encrypt.c: encrypt.c:188:20: error: array type has incomplete element type 'EVP_CIPHER_CTX' {aka 'struct evp_cipher_ctx_st'}
encrypt.c: 188 | EVP_CIPHER_CTX ctx_k[1];
encrypt.c: | ^~~~~
encrypt.c: encrypt.c:189:20: error: array type has incomplete element type 'EVP_CIPHER_CTX' {aka 'struct evp_cipher_ctx_st'}
encrypt.c: 189 | EVP_CIPHER_CTX ctx_kappa_0[1];
encrypt.c: | ^~~~~~~~~~~
encrypt.c: encrypt.c:190:20: error: array type has incomplete element type 'EVP_CIPHER_CTX' {aka 'struct evp_cipher_ctx_st'}
encrypt.c: 190 | EVP_CIPHER_CTX ctx_kappa_m[1];
encrypt.c: | ^~~~~~~~~~~
encrypt.c: encrypt.c:204:31: error: type of formal parameter 3 is incomplete
encrypt.c: 204 | gen_kappa(nonce, kappa_0, ctx_k);
encrypt.c: | ^~~~~
encrypt.c: encrypt.c:265:35: error: type of formal parameter 3 is incomplete
encrypt.c: 265 | gen_kappa(nonce, kappa_m, ctx_k);
encrypt.c: | ^~~~~
encrypt.c: encrypt.c: In function 'crypto_aead_aes128cpfbv1_evp_timingleaks_decrypt':
encrypt.c: encrypt.c:330:20: error: array type has incomplete element type 'EVP_CIPHER_CTX' {aka 'struct evp_cipher_ctx_st'}
encrypt.c: 330 | EVP_CIPHER_CTX ctx_k[1];
encrypt.c: | ^~~~~
encrypt.c: encrypt.c:331:20: error: array type has incomplete element type 'EVP_CIPHER_CTX' {aka 'struct evp_cipher_ctx_st'}
encrypt.c: 331 | EVP_CIPHER_CTX ctx_kappa_0[1];
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 3, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:evp
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:evp
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:evp