Implementation notes: amd64, saber214, crypto_aead/deoxysneq256128v1

Computer: saber214
Microarchitecture: amd64; Bulldozer (600f20)
Architecture: amd64
CPU ID: AuthenticAMD-00600f20-1789c3f5
SUPERCOP version: 20240107
Operation: crypto_aead
Primitive: deoxysneq256128v1
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
1079035717 0 058269 784 928T:optgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
1173833444 0 054565 784 928T:optgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
1197732459 0 051432 760 896T:optgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
1233034897 0 055589 784 928T:optgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
115314425304 0 042388 816 872T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121420231212
133754725680 0 041644 816 856T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121420231212
141683727734 0 043885 784 928T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
182841526152 0 040844 816 856T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121420231212
274341424706 0 038148 816 856T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121420231212
404411525621 0 040325 784 928T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
409122724152 0 037150 808 856T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121420231212
555650424544 0 039037 784 928T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212
589688723221 0 036344 760 896T:refgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121420231212

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
deoxys-256.c: deoxys-256.c:47:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:50:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_M_LAST_NONZERO = constant8( (0x4<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:51:49: warning: implicit conversion from 'int' to 'char' changes value from 160 to -96 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_CHKSUM = constant8( (0x5<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:294:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:297:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys-256.c: ...
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
deoxys-256.c: deoxys-256.c:47:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:50:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_M_LAST_NONZERO = constant8( (0x4<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:51:49: warning: implicit conversion from 'int' to 'char' changes value from 160 to -96 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_CHKSUM = constant8( (0x5<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:96:13: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys-256.c: tmp = permute( tmp, H_PERMUTATION );
deoxys-256.c: ^
deoxys-256.c: ./tweakable-cipher.macros:7:22: note: expanded from macro 'permute'
deoxys-256.c: #define permute(a,b) _mm_shuffle_epi8(a,b)
deoxys-256.c: ^
deoxys-256.c: deoxys-256.c:104:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys-256.c: ...
Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt