Implementation notes: amd64, hydra8, crypto_aead/romulusn

Computer: hydra8
Microarchitecture: amd64; IB+AES (306a9)
Architecture: amd64
CPU ID: GenuineIntel-000306a9-bfebfbff
SUPERCOP version: 20221122
Operation: crypto_aead
Primitive: romulusn

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
189695	13581 0 0	30521 804 1072	`aadomn/x86`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
190512	10970 0 0	25640 796 1072	`aadomn/x86`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
193488	10486 0 0	24012 780 1040	`aadomn/x86`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
195576	10951 0 0	25552 796 1072	`aadomn/x86`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
195859	11836 0 0	29059 820 1040	`aadomn/x86`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
195929	12060 0 0	30803 820 1040	`aadomn/x86`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
196406	11836 0 0	29059 820 1040	`aadomn/x86`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
197409	9947 0 0	23361 812 1008	`aadomn/x86`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
352822	10927 592 0	29747 1420 1040	`T:opt32t`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
354306	10911 592 0	28211 1420 1040	`T:opt32t`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
355374	9078 608 0	23856 1412 1072	`T:opt32t`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
355673	10911 592 0	28211 1420 1040	`T:opt32t`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
356731	10684 592 0	27139 1420 1008	`T:opt32t`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
365164	13552 608 0	30537 1420 1072	`T:opt32t`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
367947	7721 592 0	21209 1412 1008	`T:opt32t`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
372990	8701 608 0	23376 1412 1072	`T:opt32t`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
377657	8012 608 0	21604 1396 1040	`T:opt32t`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
800490	29074 640 0	47371 1468 1040	`T:fixslice_opt32`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
802188	29077 640 0	47435 1468 1040	`aadomn/opt32`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20220527	20220506
809656	28947 640 0	44931 1468 1008	`T:fixslice_opt32`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
821469	28996 640 0	45011 1468 1008	`aadomn/opt32`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20220527	20220506
839571	28610 640 0	45387 1468 1040	`T:fixslice_opt32`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
843646	28610 640 0	45387 1468 1040	`T:fixslice_opt32`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
843985	28325 640 0	45163 1468 1040	`aadomn/opt32`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20220527	20220506
849896	28325 640 0	45163 1468 1040	`aadomn/opt32`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20220527	20220506
995541	18226 640 0	31737 1460 1008	`aadomn/opt32`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20220527	20220506
997282	18891 640 0	32345 1460 1008	`T:fixslice_opt32`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
1155663	20249 640 0	35161 1452 1072	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20220527	20220506
1158482	21615 640 0	36544 1460 1072	`T:fixslice_opt32`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
1176544	20835 640 0	35680 1460 1072	`T:fixslice_opt32`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
1181864	19472 640 0	34313 1452 1072	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20220527	20220506
1197582	18746 640 0	32388 1428 1040	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20220527	20220506
1202342	20129 640 0	33787 1436 1040	`T:fixslice_opt32`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
1308041	33124 640 0	50225 1452 1072	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20220527	20220506
1308122	34208 640 0	51256 1460 1072	`T:fixslice_opt32`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
2021790	27633 12 0	44721 816 1072	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
2221336	13602 12 0	32291 832 1040	`T:ref`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
2226034	14192 12 0	30643 832 1008	`T:ref`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
2387765	13226 12 0	30395 832 1040	`T:ref`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
2388880	13226 12 0	30395 832 1040	`T:ref`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
5368777	5095 12 0	18617 824 1008	`T:ref`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221005	20221005
6188914	5140 12 0	19856 808 1072	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
6239196	5657 12 0	20464 808 1072	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005
6878124	4369 12 0	18004 792 1040	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221005	20221005

Compiler output

Implementation: aadomn/x86
Security model: constbranchindex
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

skinny128.c: skinny128.c:115:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c: DOUBLE_ROUND(rtk_23);
skinny128.c: ^
skinny128.c: skinny128.c:78:5: note: expanded from macro 'DOUBLE_ROUND'
skinny128.c: SBOX_ARK_EVEN(rtk_23); \
skinny128.c: ^
skinny128.c: skinny128.c:23:13: note: expanded from macro 'SBOX_ARK_EVEN'
skinny128.c: state = _mm_shuffle_epi8(s1, state); /* apply inner S-box S1 */ \
skinny128.c: ^
skinny128.c: skinny128.c:115:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c: skinny128.c:78:5: note: expanded from macro 'DOUBLE_ROUND'
skinny128.c: SBOX_ARK_EVEN(rtk_23); \
skinny128.c: ^
skinny128.c: skinny128.c:24:13: note: expanded from macro 'SBOX_ARK_EVEN'
skinny128.c: tmp0 = _mm_shuffle_epi8(s0, tmp0); /* apply inner S-box S0 */ \
skinny128.c: ^
skinny128.c: skinny128.c:115:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c: skinny128.c:78:5: note: expanded from macro 'DOUBLE_ROUND'
skinny128.c: SBOX_ARK_EVEN(rtk_23); \
skinny128.c: ^
skinny128.c: skinny128.c:32:13: note: expanded from macro 'SBOX_ARK_EVEN'
skinny128.c: tmp0 = _mm_shuffle_epi8(s3, tmp0); /* apply inner S-box S3 */ \
skinny128.c: ^
skinny128.c: skinny128.c:115:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c: skinny128.c:78:5: note: expanded from macro 'DOUBLE_ROUND'
skinny128.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/x86

Namespace violations

Implementation: aadomn/opt32
Security model: constbranchindex
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

romulus_n.o romulusn_generate_tag T
romulus_n.o romulusn_init T
romulus_n.o romulusn_process_ad T
romulus_n.o romulusn_process_msg T
romulus_n.o romulusn_verify_tag T
romulus_n.o zeroize T
skinny128.o mixcolumns_0 T
skinny128.o mixcolumns_1 T
skinny128.o mixcolumns_2 T
skinny128.o mixcolumns_3 T
skinny128.o skinny128_384_plus T
tk_schedule.o lfsr2_bs T
tk_schedule.o lfsr3_bs T
tk_schedule.o packing T
tk_schedule.o permute_tk T
tk_schedule.o permute_tk_10 T
tk_schedule.o permute_tk_12 T
tk_schedule.o permute_tk_14 T
tk_schedule.o permute_tk_2 T
tk_schedule.o permute_tk_4 T
tk_schedule.o permute_tk_6 T
tk_schedule.o permute_tk_8 T
tk_schedule.o precompute_lfsr_tk2 T
tk_schedule.o precompute_lfsr_tk3 T
tk_schedule.o rconst_32_bs D
tk_schedule.o tk_schedule_1 T
tk_schedule.o tk_schedule_123 T
tk_schedule.o tk_schedule_13 T
tk_schedule.o tk_schedule_23 T
tk_schedule.o unpacking T

Number of similar (compiler,implementation) pairs: 9, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/opt32
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/opt32
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/opt32
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/opt32
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/opt32
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/opt32
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/opt32
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/opt32
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/opt32

Namespace violations

Implementation: aadomn/x86
Security model: constbranchindex
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

Number of similar (compiler,implementation) pairs: 8, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/x86
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/x86
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/x86
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/x86
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/x86
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/x86
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/x86
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	aadomn/x86

Namespace violations

Implementation: T:fixslice_opt32
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

skinny128.o mixcolumns_0 T
skinny128.o mixcolumns_1 T
skinny128.o mixcolumns_2 T
skinny128.o mixcolumns_3 T
skinny128.o skinny128_384_plus T
tk_schedule.o lfsr2_bs T
tk_schedule.o lfsr3_bs T
tk_schedule.o packing T
tk_schedule.o permute_tk T
tk_schedule.o permute_tk_10 T
tk_schedule.o permute_tk_12 T
tk_schedule.o permute_tk_14 T
tk_schedule.o permute_tk_2 T
tk_schedule.o permute_tk_4 T
tk_schedule.o permute_tk_6 T
tk_schedule.o permute_tk_8 T
tk_schedule.o precompute_lfsr_tk2 T
tk_schedule.o precompute_lfsr_tk3 T
tk_schedule.o precompute_rtk1 T
tk_schedule.o precompute_rtk2_3 T
tk_schedule.o rconst_32_bs D
tk_schedule.o unpacking T

Number of similar (compiler,implementation) pairs: 9, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:fixslice_opt32
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:fixslice_opt32
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:fixslice_opt32
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:fixslice_opt32
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32

Namespace violations

Implementation: T:opt32t
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

common.o ad_encryption_eq16 T
common.o ad_encryption_eqov32 T
common.o ad_encryption_ov16 T
common.o ad_encryption_ud16 T
common.o block_cipher T
common.o g8A T
common.o g8A_for_Tag_Generation T
common.o generate_tag T
common.o lfsr_gf56 T
common.o msg_encryption_eqov16 T
common.o msg_encryption_ud16 T
common.o nonce_encryption T
common.o pad T
common.o reset_lfsr_gf56 T
common.o rho_ad_eqov16 T
common.o rho_ad_ud16 T
common.o rho_eqov16 T
common.o rho_ud16 T
decrypt.o irho_eqov16 T
decrypt.o irho_ud16 T
decrypt.o msg_decryption_eqov16 T
decrypt.o msg_decryption_ud16 T
skinny_key_schedule2.o RunEncryptionKeyScheduleTK2 T
skinny_key_schedule3.o RunEncryptionKeyScheduleTK3 T
skinny_main.o Encrypt T
skinny_main.o RC D
skinny_main.o SBOX D
skinny_main.o SBOX2 D
skinny_main.o skinny_128_384_enc123_12 T
skinny_main.o skinny_128_384_enc12_12 T
skinny_main.o skinny_128_384_enc1_1 T

Number of similar (compiler,implementation) pairs: 9, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt32t
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt32t
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt32t
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt32t
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t

Namespace violations

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

romulus_n_reference.o ad_encryption T
romulus_n_reference.o block_cipher T
romulus_n_reference.o compose_tweakey T
romulus_n_reference.o g8A T
romulus_n_reference.o generate_tag T
romulus_n_reference.o irho T
romulus_n_reference.o lfsr_gf56 T
romulus_n_reference.o msg_encryption T
romulus_n_reference.o nonce_encryption T
romulus_n_reference.o pad T
romulus_n_reference.o reset_lfsr_gf56 T
romulus_n_reference.o rho T
romulus_n_reference.o rho_ad T
romulus_n_reference.o romulus_n T
romulus_n_reference.o romulus_n_decrypt T
romulus_n_reference.o romulus_n_encrypt T
skinny_reference.o AddConstants T
skinny_reference.o AddKey T
skinny_reference.o BLOCK_SIZE D
skinny_reference.o MixColumn T
skinny_reference.o N_RNDS D
skinny_reference.o P R
skinny_reference.o RC R
skinny_reference.o ShiftRows T
skinny_reference.o SubCell8 T
skinny_reference.o TWEAKEY_P R
skinny_reference.o TWEAKEY_SIZE D
skinny_reference.o enc T
skinny_reference.o sbox_8 R
skinny_reference.o skinny_128_384_plus_enc T

Number of similar (compiler,implementation) pairs: 9, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref