Implementation notes: amd64, saber214, crypto_dh/ed448goldilocks

Computer: saber214
Architecture: amd64
CPU ID: AuthenticAMD-00600f20-178bfbff
SUPERCOP version: 20210423
Operation: crypto_dh
Primitive: ed448goldilocks
Time | Object size | Test size | Implementation | Compiler | Benchmark date | SUPERCOP version
3160446 | 71020 24 21924 | 90060 932 23664 | T:amd64 | clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE | 20210115 | 20210114
3762654 | 97880 24 21924 | 117116 932 23664 | T:64 | clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE | 20210115 | 20210114
11446423 | 81735 24 18852 | 100612 932 20592 | T:32 | clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE | 20210115 | 20210114

Compiler output

Implementation: T:32
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
barrett_field.c: In file included from barrett_field.c:5:
barrett_field.c: In file included from ./barrett_field.h:15:
barrett_field.c: In file included from ./word.h:17:
barrett_field.c: In file included from /usr/include/endian.h:21:
barrett_field.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
barrett_field.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
barrett_field.c: ^
barrett_field.c: 1 warning generated.
crandom.c: In file included from crandom.c:9:
crandom.c: ./intrinsics.h:176:12: error: invalid operand for instruction
crandom.c: __asm__ ("vprotd %1, %2, %0" : "=x"(out) : "x"(x), "g"(amount));
crandom.c: ^
crandom.c: <inline asm>:1:16: note: instantiated into assembly here
crandom.c: vprotd %xmm2, $16, %xmm2
crandom.c: ^~~~
crandom.c: In file included from crandom.c:9:
crandom.c: ./intrinsics.h:176:12: error: invalid operand for instruction
crandom.c: __asm__ ("vprotd %1, %2, %0" : "=x"(out) : "x"(x), "g"(amount));
crandom.c: ^
crandom.c: <inline asm>:1:16: note: instantiated into assembly here
crandom.c: vprotd %xmm3, $12, %xmm3
crandom.c: ^~~~
crandom.c: In file included from crandom.c:9:
crandom.c: ./intrinsics.h:176:12: error: invalid operand for instruction
crandom.c: __asm__ ("vprotd %1, %2, %0" : "=x"(out) : "x"(x), "g"(amount));
crandom.c: ^
crandom.c: <inline asm>:1:16: note: instantiated into assembly here
crandom.c: vprotd %xmm2, $8, %xmm2
crandom.c: ^~~
crandom.c: In file included from crandom.c:9:
crandom.c: ./intrinsics.h:176:12: error: invalid operand for instruction
crandom.c: __asm__ ("vprotd %1, %2, %0" : "=x"(out) : "x"(x), "g"(amount));
crandom.c: ^
crandom.c: ...

Number of similar (compiler,implementation) pairs: 12, namely:
Compiler Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:amd64

Compiler output

Implementation: T:32
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
barrett_field.c: In file included from barrett_field.c:5:
barrett_field.c: In file included from ./barrett_field.h:15:
barrett_field.c: In file included from ./word.h:17:
barrett_field.c: In file included from /usr/include/endian.h:21:
barrett_field.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
barrett_field.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
barrett_field.c: ^
barrett_field.c: 1 warning generated.
ec_point.c: In file included from ec_point.c:12:
ec_point.c: In file included from ./ec_point.h:13:
ec_point.c: In file included from ./p448.h:7:
ec_point.c: In file included from ./word.h:17:
ec_point.c: In file included from /usr/include/endian.h:21:
ec_point.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
ec_point.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
ec_point.c: ^
ec_point.c: 1 warning generated.
goldilocks.c: In file included from goldilocks.c:6:
goldilocks.c: In file included from ./word.h:17:
goldilocks.c: In file included from /usr/include/endian.h:21:
goldilocks.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
goldilocks.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
goldilocks.c: ^
goldilocks.c: 1 warning generated.
magic.c: In file included from magic.c:5:
magic.c: In file included from ./field.h:11:
magic.c: In file included from ./magic.h:14:
magic.c: In file included from ./word.h:17:
magic.c: In file included from /usr/include/endian.h:21:
magic.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
magic.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
magic.c: ^
magic.c: 1 warning generated.
p448.c: In file included from p448.c:5:
p448.c: In file included from ./word.h:17:
p448.c: In file included from /usr/include/endian.h:21:
p448.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
p448.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
p448.c: ^
p448.c: 1 warning generated.
scalarmul.c: In file included from scalarmul.c:5:
scalarmul.c: In file included from ./word.h:17:
scalarmul.c: In file included from /usr/include/endian.h:21:
scalarmul.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
scalarmul.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
scalarmul.c: ^
scalarmul.c: 1 warning generated.
sha512.c: In file included from sha512.c:5:
sha512.c: In file included from ./word.h:17:
sha512.c: In file included from /usr/include/endian.h:21:
sha512.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
sha512.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
sha512.c: ^
sha512.c: 1 warning generated.

Number of similar (compiler,implementation) pairs: 1, namely:
Compiler Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32

Compiler output

Implementation: T:32
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
barrett_field.c: In file included from /usr/include/endian.h:21:0,
barrett_field.c: from word.h:17,
barrett_field.c: from barrett_field.h:15,
barrett_field.c: from barrett_field.c:5:
barrett_field.c: /usr/include/features.h:184:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
barrett_field.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
barrett_field.c: ^~~~~~~
crandom.c: intrinsics.h: Assembler messages:
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'

Number of similar (compiler,implementation) pairs: 9, namely:
Compiler Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:64
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:amd64

Compiler output

Implementation: T:32
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE
barrett_field.c: In file included from /usr/include/endian.h:21:0,
barrett_field.c: from word.h:17,
barrett_field.c: from barrett_field.h:15,
barrett_field.c: from barrett_field.c:5:
barrett_field.c: /usr/include/features.h:184:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
barrett_field.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
barrett_field.c: ^~~~~~~
crandom.c: intrinsics.h: Assembler messages:
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'
crandom.c: intrinsics.h:176: Error: operand type mismatch for `vprotd'

Number of similar (compiler,implementation) pairs: 3, namely:
Compiler Implementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:32 T:64 T:amd64

Compiler output

Implementation: T:64
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
barrett_field.c: In file included from barrett_field.c:5:
barrett_field.c: In file included from ./barrett_field.h:15:
barrett_field.c: In file included from ./word.h:17:
barrett_field.c: In file included from /usr/include/endian.h:21:
barrett_field.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
barrett_field.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
barrett_field.c: ^
barrett_field.c: 1 warning generated.
goldilocks.c: In file included from goldilocks.c:6:
goldilocks.c: In file included from ./word.h:17:
goldilocks.c: In file included from /usr/include/endian.h:21:
goldilocks.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
goldilocks.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
goldilocks.c: ^
goldilocks.c: 1 warning generated.
magic.c: In file included from magic.c:5:
magic.c: In file included from ./field.h:11:
magic.c: In file included from ./magic.h:14:
magic.c: In file included from ./word.h:17:
magic.c: In file included from /usr/include/endian.h:21:
magic.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
magic.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
magic.c: ^
magic.c: 1 warning generated.
scalarmul.c: In file included from scalarmul.c:5:
scalarmul.c: In file included from ./word.h:17:
scalarmul.c: In file included from /usr/include/endian.h:21:
scalarmul.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
scalarmul.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
scalarmul.c: ^
scalarmul.c: 1 warning generated.
sha512.c: In file included from sha512.c:5:
sha512.c: In file included from ./word.h:17:
sha512.c: In file included from /usr/include/endian.h:21:
sha512.c: /usr/include/features.h:184:3: warning: "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-W#warnings]
sha512.c: # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
sha512.c: ^
sha512.c: 1 warning generated.

Number of similar (compiler,implementation) pairs: 2, namely:
Compiler Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:64 T:amd64

Namespace violations

Implementation: T:32
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
barrett_field.o add_nr_ext_packed T
barrett_field.o barrett_deserialize T
barrett_field.o barrett_deserialize_and_reduce T
barrett_field.o barrett_mul_or_mac T
barrett_field.o barrett_negate T
barrett_field.o barrett_reduce T
barrett_field.o barrett_serialize T
barrett_field.o sub_nr_ext_packed T
crandom.o crandom_destroy T
crandom.o crandom_detect_features T
crandom.o crandom_features B
crandom.o crandom_generate T
crandom.o crandom_init_from_buffer T
crandom.o crandom_init_from_file T
ec_point.o add_tw_niels_to_tw_extensible T
ec_point.o add_tw_pniels_to_tw_extensible T
ec_point.o convert_affine_to_extensible T
ec_point.o convert_tw_affine_to_tw_extensible T
ec_point.o convert_tw_affine_to_tw_pniels T
ec_point.o convert_tw_extensible_to_tw_pniels T
ec_point.o convert_tw_niels_to_tw_extensible T
ec_point.o convert_tw_pniels_to_tw_extensible T
ec_point.o deserialize_affine T
ec_point.o deserialize_and_twist_approx T
ec_point.o deserialize_montgomery T
ec_point.o double_extensible T
ec_point.o double_tw_extensible T
ec_point.o elligator_2s_inject T
ec_point.o eq_affine T
ec_point.o eq_extensible T
ec_point.o eq_tw_extensible T
ec_point.o is_even_pt T
ec_point.o is_even_tw T
ec_point.o is_square T
ec_point.o montgomery_step T
ec_point.o p448_inverse T
ec_point.o p448_isr T
ec_point.o serialize_extensible T
ec_point.o serialize_montgomery T
ec_point.o set_identity_affine T
ec_point.o set_identity_extensible T
ec_point.o set_identity_tw_extensible T
ec_point.o sub_tw_niels_from_tw_extensible T
ec_point.o sub_tw_pniels_from_tw_extensible T
ec_point.o test_only_twist T
ec_point.o twist_and_double T
ec_point.o twist_even T
ec_point.o untwist_and_double T
ec_point.o untwist_and_double_and_serialize T
ec_point.o validate_affine T
ec_point.o validate_extensible T
ec_point.o validate_tw_extensible T
goldilocks.o goldilocks_derive_private_key T
goldilocks.o goldilocks_destroy_precomputed_public_key T
goldilocks.o goldilocks_init T
goldilocks.o goldilocks_keygen T
goldilocks.o goldilocks_precompute_public_key T
goldilocks.o goldilocks_private_to_public T
goldilocks.o goldilocks_shared_secret T
goldilocks.o goldilocks_shared_secret_precomputed T
goldilocks.o goldilocks_sign T
goldilocks.o goldilocks_underive_private_key T
goldilocks.o goldilocks_verify T
goldilocks.o goldilocks_verify_precomputed T
magic.o SCALARMUL_FIXED_WINDOW_ADJUSTMENT R
magic.o curve_prime_order D
magic.o goldilocks_base_point R
magic.o sqrt_d_minus_1 R
p448.o p448_deserialize T
p448.o p448_is_zero T
p448.o p448_mul T
p448.o p448_mulw T
p448.o p448_serialize T
p448.o p448_sqr T
p448.o p448_strong_reduce T
p448.o simultaneous_invert_p448 T
scalarmul.o destroy_fixed_base T
scalarmul.o linear_combo_combs_vt T
scalarmul.o linear_combo_var_fixed_vt T
scalarmul.o montgomery_ladder T
scalarmul.o precompute_fixed_base T
scalarmul.o precompute_fixed_base_wnaf T
scalarmul.o scalarmul T
scalarmul.o scalarmul_fixed_base T
scalarmul.o scalarmul_fixed_base_wnaf_vt T
scalarmul.o scalarmul_vlook T
scalarmul.o scalarmul_vt T
sha512.o sha512_final T
sha512.o sha512_init T
sha512.o sha512_update T

Number of similar (compiler,implementation) pairs: 3, namely:
Compiler Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:32 T:64 T:amd64