Implementation notes: amd64, hunsnivy, crypto_aead/deoxysneq256128v1

Computer: hunsnivy
Microarchitecture: amd64; Ivy Bridge+AES (306a9)
Architecture: amd64
CPU ID: GenuineIntel-000306a9-bfebfbff
SUPERCOP version: 20240107
Operation: crypto_aead
Primitive: deoxysneq256128v1
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
1337735138 0 056864 780 1080T:optgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
1359733208 0 054016 780 1080T:optgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
1364631914 0 050683 756 1048T:optgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
1438433993 0 054432 780 1080T:optgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
87256325245 0 043176 812 1016T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121320231212
100316725476 0 041808 812 1016T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121320231212
119181027181 0 043456 812 1016T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121320231212
128915629216 0 044680 780 1080T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
222287324668 0 039176 780 1080T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
300674523558 0 036958 804 1016T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121320231212
404269622006 0 034915 756 1048T:refgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212
409518022701 0 036678 804 1016T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023121320231212
414602823410 0 037648 780 1080T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023121320231212

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
deoxys-256.c: deoxys-256.c:47:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:50:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_M_LAST_NONZERO = constant8( (0x4<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:51:49: warning: implicit conversion from 'int' to 'char' changes value from 160 to -96 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_CHKSUM = constant8( (0x5<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:294:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:297:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys-256.c: ...
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
deoxys-256.c: deoxys-256.c:47:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:50:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_M_LAST_NONZERO = constant8( (0x4<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:51:49: warning: implicit conversion from 'int' to 'char' changes value from 160 to -96 [-Wconstant-conversion]
deoxys-256.c: const __m128i MSB_CHKSUM = constant8( (0x5<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys-256.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys-256.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys-256.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys-256.c: ~~~~~~~~~~~~ ^~~
deoxys-256.c: deoxys-256.c:96:13: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys-256.c: tmp = permute( tmp, H_PERMUTATION );
deoxys-256.c: ^
deoxys-256.c: ./tweakable-cipher.macros:7:22: note: expanded from macro 'permute'
deoxys-256.c: #define permute(a,b) _mm_shuffle_epi8(a,b)
deoxys-256.c: ^
deoxys-256.c: deoxys-256.c:104:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys-256.c: ...
Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt