Implementation notes: amd64, titan0, crypto_aead/deoxyseq128128v1

Computer: titan0
Microarchitecture: amd64; Haswell+AES (306c3)
Architecture: amd64
CPU ID: GenuineIntel-000306c3-bfebfbff
SUPERCOP version: 20240716
Operation: crypto_aead
Primitive: deoxyseq128128v1

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
13921	58607 0 0	81280 860 1056	`T:opt`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
13934	58655 0 0	81608 860 1056	`T:opt`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
14178	49997 0 0	69312 860 1024	`T:opt`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
14189	49994 0 0	69978 852 1088	`T:opt`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
15019	49384 0 0	73068 812 1088	`T:opt`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
15098	46775 0 0	68428 812 1088	`T:opt`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
15316	43411 0 0	62887 788 1056	`T:opt`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
15887	47417 0 0	68523 804 1088	`T:opt`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
801992	34574 0 0	52488 860 1056	`T:ref`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
899908	30123 0 0	46512 860 1024	`T:ref`	`clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
1049760	30901 0 0	48196 812 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
1173506	35518 0 0	53152 860 1056	`T:ref`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
1643819	26362 0 0	40344 860 1024	`T:ref`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
1885119	27244 0 0	42500 812 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
2241076	25428 0 0	40018 852 1088	`T:ref`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
3050894	25072 0 0	38727 788 1056	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716
3445996	26615 0 0	41523 804 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240717	20240716

Compiler output

deoxys.c: deoxys.c:79:45: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys.c:   const __m128i MSB_XLS1                = constant8( (0x8<<4),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys.c:                                           ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0)   _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys.c:                                                                            ~~~~~~~~~~~~                                                                                   ^~~
deoxys.c: deoxys.c:80:45: warning: implicit conversion from 'int' to 'char' changes value from 144 to -112 [-Wconstant-conversion]
deoxys.c:   const __m128i MSB_XLS2                = constant8( (0x9<<4),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys.c:                                           ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0)   _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys.c:                                                                            ~~~~~~~~~~~~                                                                                   ^~~
deoxys.c: 2 warnings generated.
encrypt.c: encrypt.c:70:25: warning: unused variable 'outlen' [-Wunused-variable]
encrypt.c:     unsigned long long  outlen = 0;
encrypt.c:                         ^
encrypt.c: 1 warning generated.

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:opt`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`

Compiler output

deoxys.c: deoxys.c:79:45: warning: implicit conversion from 'int' to 'char' changes value from 128 to -128 [-Wconstant-conversion]
deoxys.c:   const __m128i MSB_XLS1                = constant8( (0x8<<4),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys.c:                                           ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0)   _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys.c:                                                                            ~~~~~~~~~~~~                                                                                   ^~~
deoxys.c: deoxys.c:80:45: warning: implicit conversion from 'int' to 'char' changes value from 144 to -112 [-Wconstant-conversion]
deoxys.c:   const __m128i MSB_XLS2                = constant8( (0x9<<4),0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00 );
deoxys.c:                                           ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
deoxys.c: ./tweakable-cipher.macros:12:171: note: expanded from macro 'constant8'
deoxys.c: #define constant8(b15,b14,b13,b12,b11,b10,b9,b8,b7,b6,b5,b4,b3,b2,b1,b0)   _mm_set_epi8 ((b0),(b1),(b2),(b3),(b4),(b5),(b6),(b7),(b8),(b9),(b10),(b11),(b12),(b13),(b14),(b15))
deoxys.c:                                                                            ~~~~~~~~~~~~                                                                                   ^~~
deoxys.c: deoxys.c:94:12: error: always_inline function '_mm_aesimc_si128' requires target feature 'aes', but would be inlined into function 'XLS' that is compiled without support for 'aes'
deoxys.c:   dTweak = mc_inv(Tweak);
deoxys.c:            ^
deoxys.c: ./tweakable-cipher.macros:4:23: note: expanded from macro 'mc_inv'
deoxys.c: #define mc_inv(a)     _mm_aesimc_si128(a)
deoxys.c:                       ^
deoxys.c: deoxys.c:96:21: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'XLS' that is compiled without support for 'ssse3'
deoxys.c:   if( Direction){   AES( State , subkeys , Tweak , tTweak ); }
deoxys.c:                     ^
deoxys.c: ./tweakable-cipher.macros:69:41: note: expanded from macro 'AES'
deoxys.c: s = xor( s , xor( subkeys[ 0] , t ) );t=permute( t , H_PERMUTATION);\
deoxys.c:                                         ^
deoxys.c: ./tweakable-cipher.macros:7:22: note: expanded from macro 'permute'
deoxys.c: ...

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:opt`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`

Compiler output

encrypt.c: encrypt.c: In function 'crypto_aead_deoxyseq128128v1_opt_timingleaks_decrypt':
encrypt.c: encrypt.c:70:25: warning: unused variable 'outlen' [-Wunused-variable]
encrypt.c:    70 |     unsigned long long  outlen = 0;
encrypt.c:       |                         ^~~~~~

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:opt`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:opt`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:opt`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:opt`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Compiler output

tweakableBC.c: tweakableBC.c:886:9: warning: variable 'Nr' set but not used [-Wunused-but-set-variable]
tweakableBC.c:     int Nr;
tweakableBC.c:         ^
tweakableBC.c: tweakableBC.c:1005:9: warning: variable 'Nr' set but not used [-Wunused-but-set-variable]
tweakableBC.c:     int Nr;
tweakableBC.c:         ^
tweakableBC.c: 2 warnings generated.

Number of similar (implementation,compiler) pairs: 5, namely:

Implementation	Compiler
`T:ref`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`

Compiler output

tweakableBC.c: tweakableBC.c: In function 'aesTweakEncrypt':
tweakableBC.c: tweakableBC.c:886:9: warning: variable 'Nr' set but not used [-Wunused-but-set-variable]
tweakableBC.c:   886 |     int Nr;
tweakableBC.c:       |         ^~
tweakableBC.c: tweakableBC.c: In function 'aesTweakDecrypt':
tweakableBC.c: tweakableBC.c:1005:9: warning: variable 'Nr' set but not used [-Wunused-but-set-variable]
tweakableBC.c:  1005 |     int Nr;
tweakableBC.c:       |         ^~

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:ref`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:ref`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:ref`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Namespace violations

deoxys.o XLS T
deoxys.o deoxys_aead_decrypt T
deoxys.o deoxys_aead_encrypt T
deoxys.o mix T

Number of similar (implementation,compiler) pairs: 8, namely:

Implementation	Compiler
`T:opt`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:opt`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:opt`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:opt`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:opt`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Namespace violations

deoxys.o XLS T
deoxys.o deoxys_aead_decrypt T
deoxys.o deoxys_aead_encrypt T
deoxys.o getUnpaddedLength T
deoxys.o mix T
tweakableBC.o G T
tweakableBC.o H T
tweakableBC.o aesTweakDecrypt T
tweakableBC.o aesTweakEncrypt T
tweakableBC.o deoxysKeySetupDec256 T
tweakableBC.o deoxysKeySetupEnc256 T
tweakableBC.o multi T

Number of similar (implementation,compiler) pairs: 9, namely:

Implementation	Compiler
`T:ref`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)`
`T:ref`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:ref`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:ref`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`