Implementation notes: amd64, latour, crypto_dh/ed448goldilocks

Computer: latour
Architecture: amd64
CPU ID: GenuineIntel-000006fb-bfebfbff
SUPERCOP version: 20201130
Operation: crypto_dh
Primitive: ed448goldilocks
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
270797470106 24 2192488504 920 23520T:amd64clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
270834370106 24 2192488504 920 23520T:amd64clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
271890971954 24 2192491272 920 23520T:amd64clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
272611871365 24 2192490488 920 23520T:amd64clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
285411654015 24 2192471262 912 23520T:amd64clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
310767374168 24 2192496164 864 23584T:amd64gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
322212659874 24 2192479196 864 23584T:amd64gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
329882499949 24 21924119592 920 23520T:64clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
329947297621 24 21924116312 920 23520T:64clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
331168597621 24 21924116312 920 23520T:64clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
333354699376 24 21924118760 920 23520T:64clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
3406959118834 24 21924140956 864 23584T:64gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
348853561000 24 2192479694 912 23520T:64clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
351197179037 24 2192499052 864 23584T:64gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
358516842210 24 2192460844 856 23552T:64gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
362172674338 24 2192493740 864 23584T:64gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
741622565777 24 1885285692 864 20512T:32gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
747622888382 24 18852110428 864 20512T:32gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
762162356495 24 1885273734 912 20448T:32clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
916086683287 24 18852101528 920 20448T:32clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
945555385106 24 18852104024 920 20448T:32clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
947826985759 24 18852104936 920 20448T:32clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
969036383287 24 18852101528 920 20448T:32clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2020083020200826
979312563744 24 1885283036 864 20512T:32gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826
1015398952645 24 1885270980 856 20480T:32gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2020083020200826

Test failure

Implementation: T:amd64
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
error 111
crypto_dh returns nonzero

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64

Test failure

Implementation: T:amd64
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE
error 111

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64

Namespace violations

Implementation: T:32
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
barrett_field.o add_nr_ext_packed T
barrett_field.o barrett_deserialize T
barrett_field.o barrett_deserialize_and_reduce T
barrett_field.o barrett_mul_or_mac T
barrett_field.o barrett_negate T
barrett_field.o barrett_reduce T
barrett_field.o barrett_serialize T
barrett_field.o sub_nr_ext_packed T
crandom.o crandom_destroy T
crandom.o crandom_detect_features T
crandom.o crandom_features B
crandom.o crandom_generate T
crandom.o crandom_init_from_buffer T
crandom.o crandom_init_from_file T
ec_point.o add_tw_niels_to_tw_extensible T
ec_point.o add_tw_pniels_to_tw_extensible T
ec_point.o convert_affine_to_extensible T
ec_point.o convert_tw_affine_to_tw_extensible T
ec_point.o convert_tw_affine_to_tw_pniels T
ec_point.o convert_tw_extensible_to_tw_pniels T
ec_point.o convert_tw_niels_to_tw_extensible T
ec_point.o convert_tw_pniels_to_tw_extensible T
ec_point.o deserialize_affine T
ec_point.o deserialize_and_twist_approx T
ec_point.o deserialize_montgomery T
ec_point.o double_extensible T
ec_point.o double_tw_extensible T
ec_point.o elligator_2s_inject T
ec_point.o eq_affine T
ec_point.o eq_extensible T
ec_point.o eq_tw_extensible T
ec_point.o is_even_pt T
ec_point.o is_even_tw T
ec_point.o is_square T
ec_point.o montgomery_step T
ec_point.o p448_inverse T
ec_point.o p448_isr T
ec_point.o serialize_extensible T
ec_point.o serialize_montgomery T
ec_point.o set_identity_affine T
ec_point.o set_identity_extensible T
ec_point.o set_identity_tw_extensible T
ec_point.o sub_tw_niels_from_tw_extensible T
ec_point.o sub_tw_pniels_from_tw_extensible T
ec_point.o test_only_twist T
ec_point.o twist_and_double T
ec_point.o twist_even T
ec_point.o untwist_and_double T
ec_point.o untwist_and_double_and_serialize T
ec_point.o validate_affine T
ec_point.o validate_extensible T
ec_point.o validate_tw_extensible T
goldilocks.o goldilocks_derive_private_key T
goldilocks.o goldilocks_destroy_precomputed_public_key T
goldilocks.o goldilocks_init T
goldilocks.o goldilocks_keygen T
goldilocks.o goldilocks_precompute_public_key T
goldilocks.o goldilocks_private_to_public T
goldilocks.o goldilocks_shared_secret T
goldilocks.o goldilocks_shared_secret_precomputed T
goldilocks.o goldilocks_sign T
goldilocks.o goldilocks_underive_private_key T
goldilocks.o goldilocks_verify T
goldilocks.o goldilocks_verify_precomputed T
magic.o SCALARMUL_FIXED_WINDOW_ADJUSTMENT R
magic.o curve_prime_order D
magic.o goldilocks_base_point R
magic.o sqrt_d_minus_1 R
p448.o p448_deserialize T
p448.o p448_is_zero T
p448.o p448_mul T
p448.o p448_mulw T
p448.o p448_serialize T
p448.o p448_sqr T
p448.o p448_strong_reduce T
p448.o simultaneous_invert_p448 T
scalarmul.o destroy_fixed_base T
scalarmul.o linear_combo_combs_vt T
scalarmul.o linear_combo_var_fixed_vt T
scalarmul.o montgomery_ladder T
scalarmul.o precompute_fixed_base T
scalarmul.o precompute_fixed_base_wnaf T
scalarmul.o scalarmul T
scalarmul.o scalarmul_fixed_base T
scalarmul.o scalarmul_fixed_base_wnaf_vt T
scalarmul.o scalarmul_vlook T
scalarmul.o scalarmul_vt T
sha512.o sha512_final T
sha512.o sha512_init T
sha512.o sha512_update T

Number of similar (compiler,implementation) pairs: 25, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64