Implementation notes: amd64, margaux, crypto_aead/aes128otrpv3

Computer: margaux
Architecture: amd64
CPU ID: GenuineIntel-000006fb-bfebfbff
SUPERCOP version: 20211108
Operation: crypto_aead
Primitive: aes128otrpv3
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
14252914235 4400 32029388 5212 1328T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021050320210423
14258114403 4400 32030908 5212 1328T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021050320210423
14261414235 4400 32029388 5212 1328T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021050320210423
14307314469 4400 32030780 5212 1328T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021050320210423
1449876319 4400 32019538 5204 1328T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2021050320210423
14836621182 4392 32038320 5212 1424T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2021050320210423
1661247208 4392 32021944 5196 1424T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2021050320210423
1884926065 4392 32020720 5196 1424T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2021050320210423
2601545288 4392 32018852 5180 1392T:refgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2021050320210423

Compiler output

Implementation: T:ni_p7m1
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:250:33: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:38: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:43: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:48: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:53: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:58: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:71: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:76: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: const block sh1 = _mm_set_epi8(255, 255, 255, 255, 255, 255, 15, 14, 255, 255, 255, 255, 255, 255, 7, 6);
encrypt.c: ~~~~~~~~~~~~ ^~~
encrypt.c: encrypt.c:250:81: warning: implicit conversion from 'int' to 'char' changes value from 255 to -1 [-Wconstant-conversion]
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 10, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m1
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m1
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m1
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m1
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m1
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m1
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m1
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m1
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m1
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m1

Compiler output

Implementation: T:ni_p7m1
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/x86intrin.h:45:0,
encrypt.c: from otr.h:30,
encrypt.c: from encrypt.c:33:
encrypt.c: encrypt.c: In function 'AES_128_Key_Expansion':
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/7/include/wmmintrin.h:87:1: error: inlining failed in call to always_inline '_mm_aeskeygenassist_si128': target specific option mismatch
encrypt.c: _mm_aeskeygenassist_si128 (__m128i __X, const int __C)
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:55:8: note: called from here
encrypt.c: v2 = _mm_aeskeygenassist_si128(v4,aes_const); \
encrypt.c: ^
encrypt.c: encrypt.c:110:2: note: in expansion of macro 'EXPAND_ASSIST'
encrypt.c: EXPAND_ASSIST(x0, x1, x2, x0, 255, 54); kp[10] = x0;
encrypt.c: ^~~~~~~~~~~~~
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/x86intrin.h:45:0,
encrypt.c: from otr.h:30,
encrypt.c: from encrypt.c:33:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/7/include/wmmintrin.h:87:1: error: inlining failed in call to always_inline '_mm_aeskeygenassist_si128': target specific option mismatch
encrypt.c: _mm_aeskeygenassist_si128 (__m128i __X, const int __C)
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:55:8: note: called from here
encrypt.c: v2 = _mm_aeskeygenassist_si128(v4,aes_const); \
encrypt.c: ^
encrypt.c: encrypt.c:109:2: note: in expansion of macro 'EXPAND_ASSIST'
encrypt.c: EXPAND_ASSIST(x0, x1, x2, x0, 255, 27); kp[9] = x0;
encrypt.c: ^~~~~~~~~~~~~
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 16, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m1
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m1
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m1
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m1
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p7m2
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m1
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m1
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m1
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m1
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ni_p8m2

Compiler output

Implementation: T:ni_p7m2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:206:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[0] = _mm_aesenc_si128(blks[0], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:207:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[1] = _mm_aesenc_si128(blks[1], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:208:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[2] = _mm_aesenc_si128(blks[2], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:209:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[3] = _mm_aesenc_si128(blks[3], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:211:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[4] = _mm_aesenc_si128(blks[4], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:214:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[5] = _mm_aesenc_si128(blks[5], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:217:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[6] = _mm_aesenc_si128(blks[6], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:223:12: error: always_inline function '_mm_aesenclast_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[0] = _mm_aesenclast_si128(blks[0], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:224:12: error: always_inline function '_mm_aesenclast_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m2

Compiler output

Implementation: T:ni_p7m2
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:304:18: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'mul2_PIPE' that is compiled without support for 'ssse3'
encrypt.c: __m128i intmp = le(dat[0]);
encrypt.c: ^
encrypt.c: encrypt.c:42:15: note: expanded from macro 'le'
encrypt.c: #define le(b) _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15)) /*Byte order conversion*/
encrypt.c: ^
encrypt.c: encrypt.c:312:11: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'mul2_PIPE' that is compiled without support for 'ssse3'
encrypt.c: dat[1] = le(intmp);
encrypt.c: ^
encrypt.c: encrypt.c:42:15: note: expanded from macro 'le'
encrypt.c: #define le(b) _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15)) /*Byte order conversion*/
encrypt.c: ^
encrypt.c: encrypt.c:319:11: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'mul2_PIPE' that is compiled without support for 'ssse3'
encrypt.c: dat[2] = le(intmp);
encrypt.c: ^
encrypt.c: encrypt.c:42:15: note: expanded from macro 'le'
encrypt.c: #define le(b) _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15)) /*Byte order conversion*/
encrypt.c: ^
encrypt.c: encrypt.c:326:11: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'mul2_PIPE' that is compiled without support for 'ssse3'
encrypt.c: dat[3] = le(intmp);
encrypt.c: ^
encrypt.c: encrypt.c:42:15: note: expanded from macro 'le'
encrypt.c: #define le(b) _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15)) /*Byte order conversion*/
encrypt.c: ^
encrypt.c: encrypt.c:332:11: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'mul2_PIPE' that is compiled without support for 'ssse3'
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 2, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p7m2 T:ni_p8m2

Compiler output

Implementation: T:ni_p8m2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:206:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[0] = _mm_aesenc_si128(blks[0], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:207:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[1] = _mm_aesenc_si128(blks[1], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:208:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[2] = _mm_aesenc_si128(blks[2], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:209:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[3] = _mm_aesenc_si128(blks[3], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:211:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[4] = _mm_aesenc_si128(blks[4], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:214:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[5] = _mm_aesenc_si128(blks[5], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:217:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[6] = _mm_aesenc_si128(blks[6], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:220:13: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: blks[7] = _mm_aesenc_si128(blks[7], key[j]);
encrypt.c: ^
encrypt.c: encrypt.c:223:12: error: always_inline function '_mm_aesenclast_si128' requires target feature 'aes', but would be inlined into function 'AES_ecb_encrypt_PIPE' that is compiled without support for 'aes'
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ni_p8m2

Namespace violations

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
otr.o AE_Decrypt T
otr.o AE_Encrypt T
otr.o AFunc T
otr.o AFuncS T
otr.o DFunc T
otr.o EFunc T
otr.o L B
otr.o Ls B
otr.o Q B
otr.o Setup T
otr.o TA B
otr.o TE B
otr.o nEnc T
t-aes_enc_only.o Encryption T
t-aes_enc_only.o KeySchedule T
t-aes_enc_only.o RC D
t-aes_enc_only.o S D
t-aes_enc_only.o T0 D
t-aes_enc_only.o T1 D
t-aes_enc_only.o T2 D
t-aes_enc_only.o T3 D

Number of similar (compiler,implementation) pairs: 9, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref