Implementation notes: amd64, cezanne, crypto_aead/twine80n6t4clocv3

Computer: cezanne
Microarchitecture: amd64; Zen 3 (a50f00)
Architecture: amd64
CPU ID: AuthenticAMD-00a50f00-178bfbff
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: twine80n6t4clocv3

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
112679	4517 0 896	18776 780 1976	`T:vperm`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
114181	5473 0 896	21752 780 1976	`T:vperm`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
117221	3833 0 896	16819 756 1944	`T:vperm`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
117905	4753 0 896	19368 780 1976	`T:vperm`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
726300	7908 0 304	24406 820 1336	`T:ref`	`clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
736841	7706 0 304	24558 820 1336	`T:ref`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
1084584	6457 0 304	20414 804 1336	`T:ref`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
1144666	7450 0 304	24166 820 1336	`T:ref`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
1203152	6283 0 304	19918 804 1336	`T:ref`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
1975186	7482 0 292	22112 780 1400	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
2179469	9374 0 292	25696 780 1400	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
2739900	6961 0 292	21143 772 1400	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
3734567	6266 0 292	19243 756 1368	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

encrypt.c: encrypt.c:68:2: warning: misleading indentation; statement is not part of the previous 'for' [-Wmisleading-indentation]
encrypt.c:         return RETURN_SUCCESS;
encrypt.c:         ^
encrypt.c: encrypt.c:63:5: note: previous statement is here
encrypt.c:     for(i = 0; i < CRYPTO_ABYTES; i++)
encrypt.c:     ^
encrypt.c: 1 warning generated.

Number of similar (implementation,compiler) pairs: 5, namely:

Implementation	Compiler
`T:ref`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:ref`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:ref`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:ref`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:ref`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)

encrypt.c: encrypt.c: In function 'crypto_aead_twine80n6t4clocv3_ref_timingleaks_decrypt':
encrypt.c: encrypt.c:63:5: warning: this 'for' clause does not guard... [-Wmisleading-indentation]
encrypt.c:    63 |     for(i = 0; i < CRYPTO_ABYTES; i++)
encrypt.c:       |     ^~~
encrypt.c: encrypt.c:68:2: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'for'
encrypt.c:    68 |  return RETURN_SUCCESS;
encrypt.c:       |  ^~~~~~

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:ref`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`
`T:ref`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`
`T:ref`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`
`T:ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`

Compiler output

Implementation: T:vperm
Security model: timingleaks
Compiler: clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

cloc.c: cloc.c:193:26: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
cloc.c:                 state = XORDQW(state, SHR(state, 8));
cloc.c:                         ~~~~~~~~~~~~~~^~~~~~~~~~~~~~
cloc.c: ./common.h:30:126: note: expanded from macro 'SHR'
cloc.c: #define SHR(x,n)        _mm_shuffle_epi8((x), _mm_set_epi8(127+(n), 126+(n), 125+(n), 124+(n), 123+(n), 122+(n), 121+(n), 120+(n), 119+(n), 118+(n), 117+(n), 116+(n), 115+(n), 114+(n), 113+(n), 112+(n))) // shift to the right
cloc.c:                                               ~~~~~~~~~~~~                                                                   ^
cloc.c: ./common.h:18:43: note: expanded from macro 'XORDQW'
cloc.c: #define XORDQW(x, y)            _mm_xor_si128((x), (y))
cloc.c:                                                     ^
cloc.c: cloc.c:193:26: warning: implicit conversion from 'int' to 'char' changes value from 129 to -127 [-Wconstant-conversion]
cloc.c:                 state = XORDQW(state, SHR(state, 8));
cloc.c:                         ~~~~~~~~~~~~~~^~~~~~~~~~~~~~
cloc.c: ./common.h:30:117: note: expanded from macro 'SHR'
cloc.c: #define SHR(x,n)        _mm_shuffle_epi8((x), _mm_set_epi8(127+(n), 126+(n), 125+(n), 124+(n), 123+(n), 122+(n), 121+(n), 120+(n), 119+(n), 118+(n), 117+(n), 116+(n), 115+(n), 114+(n), 113+(n), 112+(n))) // shift to the right
cloc.c:                                               ~~~~~~~~~~~~                                                          ^
cloc.c: ./common.h:18:43: note: expanded from macro 'XORDQW'
cloc.c: #define XORDQW(x, y)            _mm_xor_si128((x), (y))
cloc.c:                                                     ^
cloc.c: cloc.c:193:26: warning: implicit conversion from 'int' to 'char' changes value from 130 to -126 [-Wconstant-conversion]
cloc.c:                 state = XORDQW(state, SHR(state, 8));
cloc.c:                         ~~~~~~~~~~~~~~^~~~~~~~~~~~~~
cloc.c: ./common.h:30:108: note: expanded from macro 'SHR'
cloc.c: #define SHR(x,n)        _mm_shuffle_epi8((x), _mm_set_epi8(127+(n), 126+(n), 125+(n), 124+(n), 123+(n), 122+(n), 121+(n), 120+(n), 119+(n), 118+(n), 117+(n), 116+(n), 115+(n), 114+(n), 113+(n), 112+(n))) // shift to the right
cloc.c:                                               ~~~~~~~~~~~~                                                 ^
cloc.c: ./common.h:18:43: note: expanded from macro 'XORDQW'
cloc.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:vperm`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:vperm`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:vperm`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`
`T:vperm`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`

Compiler output

Implementation: T:vperm
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

cloc.c: In file included from cloc.c:7:
cloc.c: ./twine.h:48:9: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'TWINE80_enc' that is compiled without support for 'ssse3'
cloc.c:                 tmp = PSHUFB(lsbox, tmp);
cloc.c:                       ^
cloc.c: ./common.h:42:22: note: expanded from macro 'PSHUFB'
cloc.c: #define PSHUFB(s, x)    _mm_shuffle_epi8((s), (x)) /*return s(x)*/
cloc.c:                         ^
cloc.c: In file included from cloc.c:7:
cloc.c: ./twine.h:51:10: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'TWINE80_enc' that is compiled without support for 'ssse3'
cloc.c:                 left = PSHUFB(left, tmp);
cloc.c:                        ^
cloc.c: ./common.h:42:22: note: expanded from macro 'PSHUFB'
cloc.c: #define PSHUFB(s, x)    _mm_shuffle_epi8((s), (x)) /*return s(x)*/
cloc.c:                         ^
cloc.c: In file included from cloc.c:7:
cloc.c: ./twine.h:54:9: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'TWINE80_enc' that is compiled without support for 'ssse3'
cloc.c:                 tmp = PSHUFB(lsbox, tmp);
cloc.c:                       ^
cloc.c: ./common.h:42:22: note: expanded from macro 'PSHUFB'
cloc.c: #define PSHUFB(s, x)    _mm_shuffle_epi8((s), (x)) /*return s(x)*/
cloc.c:                         ^
cloc.c: In file included from cloc.c:7:
cloc.c: ./twine.h:57:11: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'TWINE80_enc' that is compiled without support for 'ssse3'
cloc.c:                 right = PSHUFB(right, tmp);
cloc.c:                         ^
cloc.c: ...

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:vperm`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)`

Compiler output

Implementation: T:vperm
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)

cloc.c: cloc.c: In function 'ae_decrypt':
cloc.c: cloc.c:227:9: warning: unused variable 'tmpState' [-Wunused-variable]
cloc.c:   227 |  dqword tmpState;
cloc.c:       |         ^~~~~~~~
encrypt.c: encrypt.c: In function 'crypto_aead_twine80n6t4clocv3_vperm_timingleaks_decrypt':
encrypt.c: encrypt.c:64:5: warning: this 'for' clause does not guard... [-Wmisleading-indentation]
encrypt.c:    64 |     for(i = 0; i < CRYPTO_ABYTES; i++)
encrypt.c:       |     ^~~
encrypt.c: encrypt.c:69:2: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'for'
encrypt.c:    69 |  return RETURN_SUCCESS;
encrypt.c:       |  ^~~~~~

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:vperm`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`
`T:vperm`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`
`T:vperm`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`
`T:vperm`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)`