Implementation notes: amd64, sectionthirtyone, crypto_sign/dilithium4aes

Computer: sectionthirtyone
Architecture: amd64
CPU ID: GenuineIntel-000906e9-bfebfbff
SUPERCOP version: 20191221
Operation: crypto_sign
Primitive: dilithium4aes

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
540715	161488 0 0	73112 784 1600	`avx2`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
551209	161488 0 0	73112 784 1600	`avx2`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
553384	174756 0 0	86120 784 1600	`avx2`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
603686	239976 0 0	83585 784 1632	`avx2`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
646500	136172 0 0	49490 784 1600	`avx2`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
730283	130323 0 0	48377 784 1632	`avx2`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
753229	128327 0 0	47401 784 1632	`avx2`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
803323	127053 0 0	44841 776 1600	`avx2`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
3012509	57533 0 0	78864 784 1600	`ref`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
4314189	46106 0 0	67256 784 1600	`ref`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
4344351	46106 0 0	67256 784 1600	`ref`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
4553055	22969 0 0	40546 776 1600	`ref`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
4891714	42016 0 0	62944 784 1600	`ref`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20200110	20191221
5384773	58484 0 0	80177 784 1632	`ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
5798867	25046 0 0	44337 784 1632	`ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
6163078	22083 0 0	40313 776 1600	`ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221
6213771	24163 0 0	43401 784 1632	`ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20200110	20191221

Compiler output

Implementation: avx2
Security model: unknown
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

aes256ctr.c: aes256ctr.c:119:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK1(0x01);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:100:11: note: expanded from macro 'BLOCK1'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-8/lib/clang/8.0.0/include/__wmmintrin_aes.h:150:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:120:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK2(0x01);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:110:11: note: expanded from macro 'BLOCK2'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp0, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-8/lib/clang/8.0.0/include/__wmmintrin_aes.h:150:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:122:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK1(0x02);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:100:11: note: expanded from macro 'BLOCK1'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-8/lib/clang/8.0.0/include/__wmmintrin_aes.h:150:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2

Namespace violations

Implementation: avx2
Security model: unknown
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

KeccakP-1600-times4-SIMD256.o KeccakF1600times4_FastLoop_Absorb T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_12rounds_FastLoop_Absorb T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_AddBytes T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_AddLanesAll T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_ExtractAndAddBytes T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_ExtractAndAddLanesAll T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_ExtractBytes T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_ExtractLanesAll T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_InitializeAll T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_OverwriteBytes T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_OverwriteLanesAll T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_OverwriteWithZeroes T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_PermuteAll_12rounds T
KeccakP-1600-times4-SIMD256.o KeccakP1600times4_PermuteAll_24rounds T
aes256ctr.o aes256ctr_init T
aes256ctr.o aes256ctr_prf T
aes256ctr.o aes256ctr_select T
aes256ctr.o aes256ctr_squeezeblocks T
fips202.o shake128 T
fips202.o shake128_absorb T
fips202.o shake128_squeezeblocks T
fips202.o shake128_stream_init T
fips202.o shake256 T
fips202.o shake256_absorb T
fips202.o shake256_squeezeblocks T
fips202.o shake256_stream_init T
fips202x4.o shake128_4x T
fips202x4.o shake128_absorb4x T
fips202x4.o shake128_squeezeblocks4x T
fips202x4.o shake256_4x T
fips202x4.o shake256_absorb4x T
fips202x4.o shake256_squeezeblocks4x T
invntt.o invntt_levels0t4_avx T
invntt.o invntt_levels5t7_avx T
ntt.o ntt_levels0t2_avx T
ntt.o ntt_levels3t8_avx T
nttconsts.o _8x23ones R
nttconsts.o _8x256q R
nttconsts.o _8x2q R
nttconsts.o _8xdiv R
nttconsts.o _8xq R
nttconsts.o _8xqinv R
nttconsts.o _mask R
nttconsts.o zetas R
nttconsts.o zetas_inv R
packing.o pack_pk T
packing.o pack_sig T
packing.o pack_sk T
packing.o unpack_pk T
packing.o unpack_sig T
packing.o unpack_sk T
pointwise.o pointwise_acc_avx T
pointwise.o pointwise_avx T
poly.o poly_add T
poly.o poly_chknorm T
poly.o poly_csubq T
poly.o poly_decompose T
poly.o poly_freeze T
poly.o poly_invntt_montgomery T
poly.o poly_make_hint T
poly.o poly_ntt T
poly.o poly_pointwise_invmontgomery T
poly.o poly_power2round T
poly.o poly_reduce T
poly.o poly_shiftl T
poly.o poly_sub T
poly.o poly_uniform T
poly.o poly_uniform_eta T
poly.o poly_uniform_gamma1m1 T
poly.o poly_use_hint T
poly.o polyeta_pack T
poly.o polyeta_unpack T
poly.o polyt0_pack T
poly.o polyt0_unpack T
poly.o polyt1_pack T
poly.o polyt1_unpack T
poly.o polyw1_pack T
poly.o polyz_pack T
poly.o polyz_unpack T
polyvec.o polyveck_add T
polyvec.o polyveck_chknorm T
polyvec.o polyveck_csubq T
polyvec.o polyveck_decompose T
polyvec.o polyveck_freeze T
polyvec.o polyveck_invntt_montgomery T
polyvec.o polyveck_make_hint T
polyvec.o polyveck_ntt T
polyvec.o polyveck_power2round T
polyvec.o polyveck_reduce T
polyvec.o polyveck_shiftl T
polyvec.o polyveck_sub T
polyvec.o polyveck_use_hint T
polyvec.o polyvecl_add T
polyvec.o polyvecl_chknorm T
polyvec.o polyvecl_freeze T
polyvec.o polyvecl_ntt T
polyvec.o polyvecl_pointwise_acc_invmontgomery T
reduce.o csubq_avx T
reduce.o reduce_avx T
rejsample.o rej_eta T
rejsample.o rej_gamma1m1 T
rejsample.o rej_uniform T
rounding.o decompose T
rounding.o make_hint T
rounding.o power2round T
rounding.o use_hint T
sign.o challenge T
sign.o expand_mat T

Number of similar (compiler,implementation) pairs: 8, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2

Namespace violations

Implementation: ref
Security model: unknown
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

aes256ctr.o aes256_prf T
aes256ctr.o aes256ctr_init T
aes256ctr.o aes256ctr_squeezeblocks T
aes256ctr.o br_range_enc32le T
fips202.o shake128 T
fips202.o shake128_absorb T
fips202.o shake128_squeezeblocks T
fips202.o shake128_stream_init T
fips202.o shake256 T
fips202.o shake256_absorb T
fips202.o shake256_squeezeblocks T
fips202.o shake256_stream_init T
ntt.o invntt_frominvmont T
ntt.o ntt T
packing.o pack_pk T
packing.o pack_sig T
packing.o pack_sk T
packing.o unpack_pk T
packing.o unpack_sig T
packing.o unpack_sk T
poly.o poly_add T
poly.o poly_chknorm T
poly.o poly_csubq T
poly.o poly_decompose T
poly.o poly_freeze T
poly.o poly_invntt_montgomery T
poly.o poly_make_hint T
poly.o poly_ntt T
poly.o poly_pointwise_invmontgomery T
poly.o poly_power2round T
poly.o poly_reduce T
poly.o poly_shiftl T
poly.o poly_sub T
poly.o poly_uniform T
poly.o poly_uniform_eta T
poly.o poly_uniform_gamma1m1 T
poly.o poly_use_hint T
poly.o polyeta_pack T
poly.o polyeta_unpack T
poly.o polyt0_pack T
poly.o polyt0_unpack T
poly.o polyt1_pack T
poly.o polyt1_unpack T
poly.o polyw1_pack T
poly.o polyz_pack T
poly.o polyz_unpack T
polyvec.o polyveck_add T
polyvec.o polyveck_chknorm T
polyvec.o polyveck_csubq T
polyvec.o polyveck_decompose T
polyvec.o polyveck_freeze T
polyvec.o polyveck_invntt_montgomery T
polyvec.o polyveck_make_hint T
polyvec.o polyveck_ntt T
polyvec.o polyveck_power2round T
polyvec.o polyveck_reduce T
polyvec.o polyveck_shiftl T
polyvec.o polyveck_sub T
polyvec.o polyveck_use_hint T
polyvec.o polyvecl_add T
polyvec.o polyvecl_chknorm T
polyvec.o polyvecl_freeze T
polyvec.o polyvecl_ntt T
polyvec.o polyvecl_pointwise_acc_invmontgomery T
reduce.o csubq T
reduce.o freeze T
reduce.o montgomery_reduce T
reduce.o reduce32 T
rounding.o decompose T
rounding.o make_hint T
rounding.o power2round T
rounding.o use_hint T
sign.o challenge T
sign.o expand_mat T

Number of similar (compiler,implementation) pairs: 9, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	ref
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref