Implementation notes: amd64, speed2supercop, crypto_aead/deoxysi128v141

Computer: speed2supercop
Microarchitecture: amd64; Haswell+AES (306c3)
Architecture: amd64
CPU ID: GenuineIntel-000306c3-1fc9cbf5
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: deoxysi128v141

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
7584	28712 0 0	44365 752 928	`T:aesni`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
7708	27325 0 0	43942 792 872	`T:aesni`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
7768	27261 0 0	43702 792 872	`T:aesni`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
7888	26868 0 0	40549 752 928	`T:aesni`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
7940	27282 0 0	40749 752 928	`T:aesni`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
8024	23492 0 0	35672 728 896	`T:aesni`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
8052	27491 0 0	41199 784 920	`T:aesni`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
8084	27587 0 0	40438 792 856	`T:aesni`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
12820	122158 0 0	135679 784 920	`T:aesnis`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
12828	122411 0 0	139294 792 872	`T:aesnis`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
12832	122379 0 0	139086 792 872	`T:aesnis`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
12948	122285 0 0	135030 792 856	`T:aesnis`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
14772	111662 0 0	123848 728 896	`T:aesnis`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
14916	121637 0 0	137293 752 928	`T:aesnis`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
14940	121616 0 0	135293 752 928	`T:aesnis`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
18208	116240 0 0	129709 752 928	`T:aesnis`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
65624	96580 0 547	112614 792 1432	`T:bitslice`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
65684	96580 0 547	112406 792 1432	`T:bitslice`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
69524	118462 0 592	134173 752 1520	`T:bitslice`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
76920	96741 0 547	109519 784 1480	`T:bitslice`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
78348	100867 0 592	114621 752 1520	`T:bitslice`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
79096	98866 0 547	110806 792 1416	`T:bitslice`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
83432	148929 0 592	162469 752 1520	`T:bitslice`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
90664	92872 0 592	105104 728 1488	`T:bitslice`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
129716	34327 0 592	48085 752 1520	`T:table`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
129716	35061 0 592	50789 752 1520	`T:table`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
133812	34141 0 547	48247 784 1480	`T:table`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
134268	32528 0 592	44776 728 1488	`T:table`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
139228	34198 0 592	47733 752 1520	`T:table`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
141976	35126 0 547	52558 792 1432	`T:table`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
142104	35126 0 547	52382 792 1432	`T:table`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
142508	35114 0 547	51166 792 1416	`T:table`	`clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
148012	34764 0 547	48078 792 1416	`T:table`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
531572	26570 0 0	42285 752 928	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
540516	24984 0 0	42222 792 872	`T:ref`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
699696	27070 0 0	43134 792 856	`T:ref`	`clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
706316	26744 0 0	44206 792 872	`T:ref`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
1101052	24482 0 0	37798 792 856	`T:ref`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
1255156	24489 0 0	38221 752 928	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
1505736	23878 0 0	37983 784 920	`T:ref`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
1971168	22345 0 0	34608 728 896	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625
2043000	23593 0 0	37133 752 928	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240703	20240625

Compiler output

deoxys.c: deoxys.c:98:13: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys.c:       tmp = permute( tmp, H_PERMUTATION );
deoxys.c:             ^
deoxys.c: ./tweakable-cipher.macros:7:22: note: expanded from macro 'permute'
deoxys.c: #define permute(a,b) _mm_shuffle_epi8(a,b)
deoxys.c:                      ^
deoxys.c: deoxys.c:105:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys.c:     TWEAKEY_SCHEDULE2( tsubkeys,subkeys, key);
deoxys.c:     ^
deoxys.c: ./tweakable-cipher.macros:39:3: note: expanded from macro 'TWEAKEY_SCHEDULE2'
deoxys.c:   ONE_KEY_ROUND( subkeys[ 0], subkeys[ 1] );    ts[ 1] = xor( subkeys[ 1], RCONS[ 1] ); \
deoxys.c:   ^
deoxys.c: ./tweakable-cipher.macros:35:13: note: expanded from macro 'ONE_KEY_ROUND'
deoxys.c:   new_key = permute( new_key, H_PERMUTATION);
deoxys.c:             ^
deoxys.c: ./tweakable-cipher.macros:7:22: note: expanded from macro 'permute'
deoxys.c: #define permute(a,b) _mm_shuffle_epi8(a,b)
deoxys.c:                      ^
deoxys.c: deoxys.c:105:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt' that is compiled without support for 'ssse3'
deoxys.c: ./tweakable-cipher.macros:40:3: note: expanded from macro 'TWEAKEY_SCHEDULE2'
deoxys.c:   ONE_KEY_ROUND( subkeys[ 1], subkeys[ 2] );    ts[ 2] = xor( subkeys[ 2], RCONS[ 2] ); \
deoxys.c:   ^
deoxys.c: ./tweakable-cipher.macros:35:13: note: expanded from macro 'ONE_KEY_ROUND'
deoxys.c:   new_key = permute( new_key, H_PERMUTATION);
deoxys.c:             ^
deoxys.c: ...

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:aesni`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`

Compiler output

deoxys.c: deoxys.c:346:20: warning: variable 'Checksum' is uninitialized when used here [-Wuninitialized]
deoxys.c:     Checksum = xor(Checksum, Checksum);
deoxys.c:                    ^~~~~~~~
deoxys.c: ./tweakable-cipher.macros:5:32: note: expanded from macro 'xor'
deoxys.c: #define xor(a,b) _mm_xor_si128(a,b)
deoxys.c:                                ^
deoxys.c: deoxys.c:72:5: note: variable 'Checksum' is declared here
deoxys.c:     __m128i Checksum;
deoxys.c:     ^
deoxys.c: deoxys.c:90:16: warning: variable 'Auth' is uninitialized when used here [-Wuninitialized]
deoxys.c:     Auth = xor(Auth, Auth);
deoxys.c:                ^~~~
deoxys.c: ./tweakable-cipher.macros:5:32: note: expanded from macro 'xor'
deoxys.c: #define xor(a,b) _mm_xor_si128(a,b)
deoxys.c:                                ^
deoxys.c: deoxys.c:71:5: note: variable 'Auth' is declared here
deoxys.c:     __m128i Auth;
deoxys.c:     ^
deoxys.c: deoxys.c:91:17: warning: variable 'Tweak' is uninitialized when used here [-Wuninitialized]
deoxys.c:     Tweak = xor(Tweak, Tweak);
deoxys.c:                 ^~~~~
deoxys.c: ./tweakable-cipher.macros:5:32: note: expanded from macro 'xor'
deoxys.c: #define xor(a,b) _mm_xor_si128(a,b)
deoxys.c:                                ^
deoxys.c: deoxys.c:69:5: note: variable 'Tweak' is declared here
deoxys.c: ...

Number of similar (implementation,compiler) pairs: 5, namely:

Implementation	Compiler
`T:aesnis`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:aesnis`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:aesnis`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:aesnis`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:aesnis`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`

Compiler output

deoxys.c: In file included from deoxys.c:30:
deoxys.c: deoxys.c: In function 'deoxys_aead_encrypt':
deoxys.c: tweakable-cipher.macros:5:18: warning: 'Auth' is used uninitialized [-Wuninitialized]
deoxys.c:     5 | #define xor(a,b) _mm_xor_si128(a,b)
deoxys.c:       |                  ^~~~~~~~~~~~~~~~~~
deoxys.c: deoxys.c:90:12: note: in expansion of macro 'xor'
deoxys.c:    90 |     Auth = xor(Auth, Auth);
deoxys.c:       |            ^~~
deoxys.c: deoxys.c:71:13: note: 'Auth' was declared here
deoxys.c:    71 |     __m128i Auth;
deoxys.c:       |             ^~~~
deoxys.c: tweakable-cipher.macros:5:18: warning: 'Tweak' is used uninitialized [-Wuninitialized]
deoxys.c:     5 | #define xor(a,b) _mm_xor_si128(a,b)
deoxys.c:       |                  ^~~~~~~~~~~~~~~~~~
deoxys.c: deoxys.c:91:13: note: in expansion of macro 'xor'
deoxys.c:    91 |     Tweak = xor(Tweak, Tweak);
deoxys.c:       |             ^~~
deoxys.c: deoxys.c:69:13: note: 'Tweak' was declared here
deoxys.c:    69 |     __m128i Tweak;
deoxys.c:       |             ^~~~~
deoxys.c: tweakable-cipher.macros:5:18: warning: 'Checksum' is used uninitialized [-Wuninitialized]
deoxys.c:     5 | #define xor(a,b) _mm_xor_si128(a,b)
deoxys.c:       |                  ^~~~~~~~~~~~~~~~~~
deoxys.c: deoxys.c:346:16: note: in expansion of macro 'xor'
deoxys.c:   346 |     Checksum = xor(Checksum, Checksum);
deoxys.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:aesnis`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)`
`T:aesnis`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)`
`T:aesnis`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)`
`T:aesnis`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)`

Compiler output

deoxys_8.c: deoxys_8.c:248:18: warning: variable 'CHECKSUM' is uninitialized when used here [-Wuninitialized]
deoxys_8.c:     CHECKSUM=XOR(CHECKSUM,CHECKSUM);
deoxys_8.c:                  ^~~~~~~~
deoxys_8.c: ./deoxys.macros:38:39: note: expanded from macro 'XOR'
deoxys_8.c: #define XOR(a,b)        _mm_xor_si128(a,b)
deoxys_8.c:                                       ^
deoxys_8.c: deoxys_8.c:159:5: note: variable 'CHECKSUM' is declared here
deoxys_8.c:     __m128i CHECKSUM;
deoxys_8.c:     ^
deoxys_8.c: deoxys_8.c:174:14: warning: variable 'AUTH' is uninitialized when used here [-Wuninitialized]
deoxys_8.c:     AUTH=XOR(AUTH,AUTH);
deoxys_8.c:              ^~~~
deoxys_8.c: ./deoxys.macros:38:39: note: expanded from macro 'XOR'
deoxys_8.c: #define XOR(a,b)        _mm_xor_si128(a,b)
deoxys_8.c:                                       ^
deoxys_8.c: deoxys_8.c:158:5: note: variable 'AUTH' is declared here
deoxys_8.c:     __m128i AUTH;
deoxys_8.c:     ^
deoxys_8.c: deoxys_8.c:460:18: warning: variable 'CHECKSUM' is uninitialized when used here [-Wuninitialized]
deoxys_8.c:     CHECKSUM=XOR(CHECKSUM,CHECKSUM);
deoxys_8.c:                  ^~~~~~~~
deoxys_8.c: ./deoxys.macros:38:39: note: expanded from macro 'XOR'
deoxys_8.c: #define XOR(a,b)        _mm_xor_si128(a,b)
deoxys_8.c:                                       ^
deoxys_8.c: deoxys_8.c:366:5: note: variable 'CHECKSUM' is declared here
deoxys_8.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:bitslice`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:bitslice`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:bitslice`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`
`T:bitslice`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`

Compiler output

deoxys_8.c: deoxys_8.c:248:18: warning: variable 'CHECKSUM' is uninitialized when used here [-Wuninitialized]
deoxys_8.c:     CHECKSUM=XOR(CHECKSUM,CHECKSUM);
deoxys_8.c:                  ^~~~~~~~
deoxys_8.c: ./deoxys.macros:38:39: note: expanded from macro 'XOR'
deoxys_8.c: #define XOR(a,b)        _mm_xor_si128(a,b)
deoxys_8.c:                                       ^
deoxys_8.c: deoxys_8.c:159:5: note: variable 'CHECKSUM' is declared here
deoxys_8.c:     __m128i CHECKSUM;
deoxys_8.c:     ^
deoxys_8.c: deoxys_8.c:174:14: warning: variable 'AUTH' is uninitialized when used here [-Wuninitialized]
deoxys_8.c:     AUTH=XOR(AUTH,AUTH);
deoxys_8.c:              ^~~~
deoxys_8.c: ./deoxys.macros:38:39: note: expanded from macro 'XOR'
deoxys_8.c: #define XOR(a,b)        _mm_xor_si128(a,b)
deoxys_8.c:                                       ^
deoxys_8.c: deoxys_8.c:158:5: note: variable 'AUTH' is declared here
deoxys_8.c:     __m128i AUTH;
deoxys_8.c:     ^
deoxys_8.c: deoxys_8.c:178:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'deoxys_aead_encrypt_8' that is compiled without support for 'ssse3'
deoxys_8.c:     KEY_SCHEDULE(key, subkey);
deoxys_8.c:     ^
deoxys_8.c: ./deoxys.macros:76:5: note: expanded from macro 'KEY_SCHEDULE'
deoxys_8.c:     packing(subkey[0]);\
deoxys_8.c:     ^
deoxys_8.c: ./deoxys.macros:401:14: note: expanded from macro 'packing'
deoxys_8.c: ...

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:bitslice`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))`