Implementation notes: amd64, speed2supercop, crypto_aead/kiasuneq128v1
Computer: speed2supercop
Microarchitecture: amd64; Haswell+AES (306c3)
Architecture: amd64
CPU ID: GenuineIntel-000306c3-1fc9cbf5
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: kiasuneq128v1
| Time | Object size | Test size | Implementation | Compiler | Benchmark date | SUPERCOP version |
|---|
| 4816 | 19341 0 0 | 41453 752 928 | T:opt | gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 4836 | 15128 0 0 | 35245 752 928 | T:opt | gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 5040 | 14649 0 0 | 33486 792 856 | T:opt | clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 5076 | 14343 0 0 | 32376 728 896 | T:opt | gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 5092 | 15252 0 0 | 34933 752 928 | T:opt | gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 5104 | 14867 0 0 | 37950 792 872 | T:opt | clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 5228 | 14867 0 0 | 37758 792 872 | T:opt | clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 5768 | 16410 0 0 | 36183 784 920 | T:opt | clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 166216 | 21599 0 0 | 37269 752 928 | T:ref | gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 167828 | 20021 0 0 | 33701 752 928 | T:ref | gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 190740 | 18668 0 0 | 30880 728 896 | T:ref | gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 197432 | 19311 0 0 | 36790 792 872 | T:ref | clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 198664 | 19311 0 0 | 36598 792 872 | T:ref | clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 199172 | 19216 0 0 | 35254 792 856 | T:ref | clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 205288 | 19327 0 0 | 33431 784 920 | T:ref | clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 205688 | 19527 0 0 | 33013 752 928 | T:ref | gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
| 212560 | 19425 0 0 | 32702 792 856 | T:ref | clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240703 | 20240625 |
Compiler output
kiasu.c: kiasu.c:74:26: warning: unused function 'bswap64' [-Wunused-function]
kiasu.c: static inline uint64_t bswap64(uint64_t x) {
kiasu.c: ^
kiasu.c: 1 warning generated.
try.c: /usr/bin/ld: libcrypto_aead_kiasuneq128v1.a(aes_tweaked.o): relocation R_X86_64_32S against symbol `M0' can not be used when making a PIE object; recompile with -fPIE
try.c: /usr/bin/ld: failed to set dynamic section sizes: bad value
try.c: clang: error: linker command failed with exit code 1 (use -v to see invocation)
Number of similar (implementation,compiler) pairs: 5, namely:
| Implementation | Compiler |
| T:bitslice | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:bitslice | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:bitslice | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:bitslice | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:bitslice | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
Compiler output
try.c: /usr/bin/ld: libcrypto_aead_kiasuneq128v1.a(aes_tweaked.o): relocation R_X86_64_32S against symbol `M0' can not be used when making a PIE object; recompile with -fPIE
try.c: /usr/bin/ld: failed to set dynamic section sizes: bad value
try.c: collect2: error: ld returned 1 exit status
Number of similar (implementation,compiler) pairs: 4, namely:
| Implementation | Compiler |
| T:bitslice | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:bitslice | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:bitslice | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:bitslice | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
Compiler output
encrypt.c: encrypt.c:70:12: warning: unused variable 'outlen' [-Wunused-variable]
encrypt.c: size_t outlen = 0;
encrypt.c: ^
encrypt.c: 1 warning generated.
kiasu.c: kiasu.c:91:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:94:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_M_LAST_NONZERO = constant8( (0x4<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:95:49: warning: implicit conversion from 'int' to 'char' changes value from 160 to -96 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_CHKSUM = constant8( (0x5<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:331:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:334:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
kiasu.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
| Implementation | Compiler |
| T:opt | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:opt | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:opt | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:opt | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
Compiler output
encrypt.c: encrypt.c:70:12: warning: unused variable 'outlen' [-Wunused-variable]
encrypt.c: size_t outlen = 0;
encrypt.c: ^
encrypt.c: 1 warning generated.
kiasu.c: kiasu.c:91:50: warning: implicit conversion from 'int' to 'char' changes value from 192 to -64 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_AD_LAST = constant8( (0x6<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:94:56: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_M_LAST_NONZERO = constant8( (0x4<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:95:49: warning: implicit conversion from 'int' to 'char' changes value from 160 to -96 [-Wconstant-conversion]
kiasu.c: const __m128i MSB_CHKSUM = constant8( (0x5<<5),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
kiasu.c: ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kiasu.c: ./aes_ni.macros:13:171: note: expanded from macro 'constant8'
kiasu.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0) _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
kiasu.c: ~~~~~~~~~~~~ ^~~
kiasu.c: kiasu.c:130:4: error: always_inline function '_mm_aesenc_si128' requires target feature 'aes', but would be inlined into function 'kiasu_aead_encrypt' that is compiled without support for 'aes'
kiasu.c: AES( State, subkeys, Tweak );
kiasu.c: ^
kiasu.c: ./aes_ni.macros:21:5: note: expanded from macro 'AES'
kiasu.c: s = enc( s , xor( subkeys[1] , tw ) );\
kiasu.c: ^
kiasu.c: ./aes_ni.macros:1:18: note: expanded from macro 'enc'
kiasu.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
| Implementation | Compiler |
| T:opt | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
Compiler output
encrypt.c: encrypt.c: In function 'crypto_aead_kiasuneq128v1_opt_timingleaks_decrypt':
encrypt.c: encrypt.c:70:12: warning: unused variable 'outlen' [-Wunused-variable]
encrypt.c: 70 | size_t outlen = 0;
encrypt.c: | ^~~~~~
Number of similar (implementation,compiler) pairs: 4, namely:
| Implementation | Compiler |
| T:opt | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:opt | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:opt | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:opt | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
Compiler output
kiasu.c: In function 'set_nonce_in_tweak',
kiasu.c: inlined from 'kiasu_aead_decrypt' at kiasu.c:224:5:
kiasu.c: kiasu.c:53:21: warning: 'tweak' is used uninitialized [-Wuninitialized]
kiasu.c: 53 | tweak[0]= (tweak[0]&0xe0) ^ (nonce[0] >> 3);
kiasu.c: | ~~~~~^~~
kiasu.c: kiasu.c: In function 'kiasu_aead_decrypt':
kiasu.c: kiasu.c:207:13: note: 'tweak' declared here
kiasu.c: 207 | uint8_t tweak[8];
kiasu.c: | ^~~~~
Number of similar (implementation,compiler) pairs: 1, namely:
| Implementation | Compiler |
| T:ref | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |