Implementation notes: amd64, devoptimis, crypto_kem/ntskem1264

Computer: devoptimis
Architecture: amd64
CPU ID: GenuineIntel-000206c2-bfebfbff
SUPERCOP version: 20190910
Operation: crypto_kem
Primitive: ntskem1264

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
721760	89282 6228 16	105359 7080 1632	`sse2`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
759492	62186 6228 16	76119 7080 1632	`sse2`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
895824	55914 6228 16	68966 7072 1600	`sse2`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
1055040	86797 6228 16	104503 7080 1632	`opt`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
1082111	57210 6228 16	72847 7080 1632	`opt`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
1186426	63102 6228 16	77103 7080 1632	`sse2`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
1326160	50582 6228 16	65102 7072 1600	`opt`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
1919973	56241 6228 16	71799 7080 1632	`opt`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
12439102	41517 76 16	59191 904 1632	`ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
13552016	23177 76 16	38711 904 1632	`ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
13790400	19707 76 16	34174 896 1600	`ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910
15895906	24948 76 16	40535 904 1632	`ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20191003	20190910

Compiler output

Implementation: avx2
Security model: unknown
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

bitslice_fft_256.c: bitslice_fft_256.c: In function 'bitslice_butterflies12_256':
bitslice_fft_256.c: bitslice_fft_256.c:87:23: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
bitslice_fft_256.c: out[i][b] = _mm256_set_epi64x(-((in[0][b] >> reversal[4*i+3]) & 1),
bitslice_fft_256.c: ~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: -((in[0][b] >> reversal[4*i+2]) & 1),
bitslice_fft_256.c: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: -((in[0][b] >> reversal[4*i+1]) & 1),
bitslice_fft_256.c: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: -((in[0][b] >> reversal[4*i+0]) & 1));
bitslice_fft_256.c: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/immintrin.h:41:0,
bitslice_fft_256.c: from bitslice_fft_256.h:21,
bitslice_fft_256.c: from bitslice_fft_256.c:18:
bitslice_fft_256.c: /usr/lib/gcc/x86_64-linux-gnu/7/include/avxintrin.h:1295:1: error: inlining failed in call to always_inline '_mm256_set_epi64x': target specific option mismatch
bitslice_fft_256.c: _mm256_set_epi64x (long long __A, long long __B, long long __C,
bitslice_fft_256.c: ^~~~~~~~~~~~~~~~~
bitslice_fft_256.c: bitslice_fft_256.c:87:25: note: called from here
bitslice_fft_256.c: out[i][b] = _mm256_set_epi64x(-((in[0][b] >> reversal[4*i+3]) & 1),
bitslice_fft_256.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: -((in[0][b] >> reversal[4*i+2]) & 1),
bitslice_fft_256.c: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: -((in[0][b] >> reversal[4*i+1]) & 1),
bitslice_fft_256.c: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: -((in[0][b] >> reversal[4*i+0]) & 1));
bitslice_fft_256.c: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bitslice_fft_256.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2

Namespace violations

Implementation: opt
Security model: unknown
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

bitslice_bma_64.o bitslice_bma T
bitslice_fft_64.o _twist_factors12_64_64 R
bitslice_fft_64.o a64_consts_64 D
bitslice_fft_64.o bitslice_fft12_64 T
bitslice_fft_64.o twiddle_factors R
bitslice_fft_64.o twist_factors D
ff.o bitslice_mul12_64 T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_12 T
ff.o ff_mul_12 T
ff.o ff_reduce_12 T
ff.o ff_release T
ff.o ff_sqr_12 T
ff.o vector_ff_inv_12 T
ff.o vector_ff_mul_12 T
ff.o vector_ff_pow16_12 T
ff.o vector_ff_pow4_12 T
ff.o vector_ff_pow8_12 T
ff.o vector_ff_sqr_12 T
ff.o vector_ff_sqr_inv_12 T
ff.o vector_ff_transpose_xor_12 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o load_input_ciphertext T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
vector_utils.o vector_ff_or_64 T
vector_utils.o vector_load_1d_64 T
vector_utils.o vector_load_2d_64 T
vector_utils.o vector_store_1d_64 T
vector_utils.o vector_store_2d_64 T

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	opt
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	opt
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	opt
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	opt

Namespace violations

Implementation: ref
Security model: unknown
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

additive_fft.o _additive_fft_construct_basis T
additive_fft.o _additive_fft_core T
additive_fft.o _additive_fft_ff_value T
additive_fft.o additive_fft T
additive_fft.o ff_poly_taylor_expansion T
berlekamp_massey.o berlekamp_massey T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_12 T
ff.o ff_mul_12 T
ff.o ff_reduce_12 T
ff.o ff_release T
ff.o ff_sqr_12 T
keccak.o Keccak T
keccak.o KeccakF1600_StatePermute T
keccak.o LFSR86540 T
keccak.o sha3_256 T
keccak.o sha3_384 T
keccak.o sha3_512 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
stack.o stack_create T
stack.o stack_free T
stack.o stack_pop T
stack.o stack_push T
stack.o stack_size T

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	ref

Namespace violations

Implementation: sse2
Security model: unknown
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

bitslice_bma_128.o bitslice_bma T
bitslice_fft_128.o _twist_factors12_64_64 R
bitslice_fft_128.o a64_consts_128 D
bitslice_fft_128.o bitslice_fft12_128 T
bitslice_fft_128.o twiddle_factors R
bitslice_fft_128.o twist_factors D
ff.o bitslice_mul12_128 T
ff.o bitslice_mul12_64 T
ff.o ff_add_m T
ff.o ff_create T
ff.o ff_inv_12 T
ff.o ff_mul_12 T
ff.o ff_reduce_12 T
ff.o ff_release T
ff.o ff_sqr_12 T
ff.o vector_ff_inv_12 T
ff.o vector_ff_mul_12 T
ff.o vector_ff_pow16_12 T
ff.o vector_ff_pow4_12 T
ff.o vector_ff_pow8_12 T
ff.o vector_ff_sqr_12 T
ff.o vector_ff_sqr_inv_12 T
ff.o vector_ff_transpose_xor_12 T
keccak.o shake_256 T
m4r.o _gray_codes_lut D
m4r.o _gray_codes_lut2 R
m4r.o _gray_codes_lut3 R
m4r.o _gray_codes_lut4 R
m4r.o _gray_codes_lut5 R
m4r.o _gray_codes_lut6 R
m4r.o _gray_codes_lut7 R
m4r.o _gray_codes_lut8 R
m4r.o _m4ri_gauss_submatrix T
m4r.o _m4ri_make_table_rev T
m4r.o m4r_rref T
matrix_ff2.o alloc_matrix_ff2 T
matrix_ff2.o calloc_matrix_ff2 T
matrix_ff2.o clone_matrix_ff2 T
matrix_ff2.o column_swap_matrix_ff2 T
matrix_ff2.o free_matrix_ff2 T
matrix_ff2.o is_equal_matrix_ff2 T
matrix_ff2.o reduce_row_echelon_matrix_ff2 T
matrix_ff2.o zero_matrix_ff2 T
nts_kem.o compute_syndrome T
nts_kem.o correct_error_and_recover_ke T
nts_kem.o create_matrix_G T
nts_kem.o create_random_goppa_polynomial T
nts_kem.o deserialise_private_key T
nts_kem.o fisher_yates_shuffle T
nts_kem.o is_valid_goppa_polynomial T
nts_kem.o load_input_ciphertext T
nts_kem.o nts_kem_ciphertext_size T
nts_kem.o nts_kem_create T
nts_kem.o nts_kem_decapsulate T
nts_kem.o nts_kem_encapsulate T
nts_kem.o nts_kem_init_from_private_key T
nts_kem.o nts_kem_key_size T
nts_kem.o nts_kem_release T
nts_kem.o pack_buffer T
nts_kem.o random_vector T
nts_kem.o serialise_private_key T
nts_kem.o serialise_public_key T
nts_kem.o unpack_buffer T
polynomial.o clone_poly T
polynomial.o create_random_poly T
polynomial.o evaluate_poly T
polynomial.o formal_derivative_poly T
polynomial.o free_poly T
polynomial.o gcd_poly T
polynomial.o init_poly T
polynomial.o is_equal_poly T
polynomial.o modulo_reduce_poly T
polynomial.o poly_from_roots T
polynomial.o update_poly_degree T
polynomial.o zero_poly T
random.o random_uint16_bounded T
random.o randombit T
utils.o cpucycles T
utils.o cpucycles_persecond T
vector_utils.o vector_ff_or_128 T
vector_utils.o vector_ff_or_64 T
vector_utils.o vector_load_1d_128 T
vector_utils.o vector_load_1d_64 T
vector_utils.o vector_load_2d_128 T
vector_utils.o vector_load_2d_64 T
vector_utils.o vector_store_1d_128 T
vector_utils.o vector_store_1d_64 T
vector_utils.o vector_store_2d_128 T
vector_utils.o vector_store_2d_64 T

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	sse2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	sse2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	sse2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	sse2