https://github.com/mupq/pqm4
Revision 992f0f226503d43b6d33278ecb60a9168ed8d787 authored by Michiel Van Beirendonck on 18 February 2021, 05:57:25 UTC, committed by GitHub on 18 February 2021, 05:57:25 UTC
* This is a large commit, grouping two types of changes on top of the NTT-based Saber.
Firstly, this commit merges improvements between different Saber implementations.
1) For round 3, the Saber reference code was thoroughly refactored and the codebase reduced [https://github.com/KULeuven-COSIC/SABER]. These changes are now integrated into the m4 code.
2) All unnecessary modular reductions have been removed. The only modular reductions are now in the packing functions.
3) Packing/unpacking functions are simplified [PQClean, commit f8503cb].
4) The secret-key is stored in compressed format [ia.cr/2020/268, Section 4.1]. This reduces the secret-key size, and the packing/unpacking functions are faster. (This requires a fix in pqm4’s testvectors.c, as the secret-key is checked against the one produced by PQclean).
5) During re-encryption, the verification of the ciphertext is performed in place [ia.cr/2020/268, Section 4.2].
6) Use symlinks for Light/FireSaber to make (minimal) differences with Saber more clear.
Secondly, this commit implements some optimizations and reduces the memory footprint of the NTT-based multiplication.
1) Saber does not require any modular reduction apart from bitstream packing. Elements can be kept in int16_t (central-reduced) format.
1.a) The secret-key is sign-extended from 4-bit to 16-bit when unpacked.
1.b) The vectors b and b' are sign-extended from 10-bit to 16-bit when unpacked.
1.c) 1.a and 1.b allow to remove NTT_pk (with central reduction) and use NTT (without central reduction) uniformly.
1.d) NTT_inv and NTT_inv_inner include a final step that converts from int16_t back to mod_p or mod_q. This is not necessary and removed.
2) During encryption, the NTT of s' is only computed once and reused between A*s' and b*s'.
3) Some just-in-time memory optimizations of [ia.cr/2018/682, Section 2.2] are implemented for the NTT-based multiplication. Polynomial vectors are generated from their seed just-in-time, converted to NTT domain, and pointwise multiplied. The next polynomial vectors can reuse all the buffers.
The idea is to extend this from polynomial vectors to individual polynomials. This still requires a new my_mul function.
For {Fire,Light}Saber (keygen/encaps/decaps) the resulting implementation is approximately (2.3-2.6%/4.7-5.5%/7.4-9.5%) faster and uses (27-36%/47-61%/49-62%) less dynamic memory than the current version in pqm4.
* Add central reduction for matrix A
* Add benchmarks
* WIP : more memory-efficient NTT implementation
* Make secret key compression optional
and comment out non-stack-optimized (very slightly faster) functions
* Reclaim ~1kB more stack space
shake_out was SABER_POLYVECBYTES instead of only SABER_POLYBYTES.
Introduced a few unions to overlap memory.
* rm redundant files
* clean ups; add soft links
* Reclaim ~1kB more stack space
shake_out was SABER_POLYVECBYTES instead of only SABER_POLYBYTES.
Introduced a few unions to overlap memory.
* typo
* Noinline no longer needed without fast funcs
* add benchmarks
Co-authored-by: vincentvbh <b05902122@ntu.edu.tw>
Co-authored-by: Matthias J. Kannwischer <matthias@kannwischer.eu> 1 parent 5fb6938
Tip revision: 992f0f226503d43b6d33278ecb60a9168ed8d787 authored by Michiel Van Beirendonck on 18 February 2021, 05:57:25 UTC
Stack optimizations and refactoring of NTT-based Saber (#181)
Stack optimizations and refactoring of NTT-based Saber (#181)
Tip revision: 992f0f2
benchmarks.csv
Speed Evaluation,,,,,,,,,,
Key Encapsulation Schemes,,,,,,,,,,
Scheme,Implementation,Key Generation [cycles] (mean),Key Generation [cycles] (min),Key Generation [cycles] (max),Encapsulation [cycles] (mean),Encapsulation [cycles] (min),Encapsulation [cycles] (max),Decapsulation [cycles] (mean),Decapsulation [cycles] (min),Decapsulation [cycles] (max)
bikel1 (100 executions),m4f,25059586,25044097,25080997,3398384,3371979,3417178,54793168,54774340,54823993
bikel1 (100 executions),ref,65551874,65532779,65569765,4962214,4941128,4978626,116543558,116510779,116572274
firesaber (100 executions),clean,3723480,3723480,3723480,4622127,4622127,4622127,5233205,5233205,5233205
firesaber (100 executions),m4f,1006981,1006981,1006981,1220602,1220602,1220602,1171348,1171348,1171348
frodokem640aes (100 executions),m4,48348105,48348105,48348105,47130922,47130922,47130922,46594383,46594383,46594383
frodokem640shake (100 executions),m4,79325705,79325705,79325705,79699757,79699757,79699757,79145449,79145449,79145449
frodokem640shake (100 executions),opt,91896318,91896318,91896318,104912447,104912447,104912447,104638561,104638561,104638561
hqc-rmrs-128 (100 executions),clean,2958761,2926873,3154607,5389782,5323042,5587198,7814315,7715362,8070658
kyber1024 (100 executions),clean,1657144,1654880,1681921,2033986,2031721,2058777,2170110,2167845,2194901
kyber1024 (100 executions),m4,1216669,1212098,1252093,1406588,1402081,1441945,1326182,1321675,1361539
kyber1024-90s (100 executions),clean,3001553,3000212,3016252,3277401,3276089,3292099,3510669,3509357,3525367
kyber1024-90s (100 executions),m4,1040158,1032023,1045096,1137576,1129396,1142542,1154265,1146085,1159231
kyber512 (100 executions),clean,639281,638221,651734,853692,852632,866145,945783,944723,958236
kyber512 (100 executions),m4,463343,462340,475943,566744,565741,579344,525141,524138,537741
kyber512-90s (100 executions),clean,945590,944948,945965,1115224,1114582,1115599,1260218,1259576,1260593
kyber512-90s (100 executions),m4,390549,382560,395061,449172,441183,453684,460470,452481,464982
kyber768 (100 executions),clean,1060755,1059689,1073727,1363334,1362268,1376306,1475756,1474690,1488728
kyber768 (100 executions),m4,763979,761596,788310,923856,921477,948186,862176,859797,886506
kyber768-90s (100 executions),clean,1813167,1812309,1828332,2036400,2035542,2051565,2223819,2222961,2238984
kyber768-90s (100 executions),m4,660765,656834,665216,741256,737325,745707,754570,750639,759021
lightsaber (100 executions),clean,1026004,1026004,1026004,1498300,1498300,1498300,1806894,1806894,1806894
lightsaber (100 executions),m4f,359451,359451,359451,490901,490901,490901,464470,464470,464470
ntruhps2048509 (100 executions),clean,68795185,68795185,68795185,1062964,1062964,1062964,2435439,2435439,2435439
ntruhps2048509 (100 executions),m4f,79658656,79658656,79658656,564411,564411,564411,537473,537473,537473
ntruhps2048677 (100 executions),clean,123029086,123029086,123029086,1796535,1796535,1796535,4287726,4287726,4287726
ntruhps2048677 (100 executions),m4f,143734184,143734184,143734184,821524,821524,821524,815516,815516,815516
ntruhps4096821 (100 executions),clean,181325162,181325162,181325162,2347265,2347265,2347265,5668286,5668286,5668286
ntruhps4096821 (100 executions),m4f,208835863,208835863,208835863,1028465,1028465,1028465,1032726,1032726,1032726
ntruhrss701 (100 executions),clean,132506447,132506447,132506447,1510371,1510371,1510371,4347522,4347522,4347522
ntruhrss701 (100 executions),m4f,153104418,153104418,153104418,377377,377377,377377,869701,869701,869701
ntrulpr653 (100 executions),clean,4097458,4097458,4097458,7821693,7821693,7821693,11273153,11273153,11273153
ntrulpr761 (100 executions),clean,5637574,5637574,5637574,10817090,10817090,10817090,15498061,15498061,15498061
ntrulpr761 (100 executions),m4f,824669,824669,824669,1508936,1508936,1508936,1691312,1691312,1691312
ntrulpr857 (100 executions),clean,6794314,6794314,6794314,13061118,13061118,13061118,18992752,18992752,18992752
saber (100 executions),clean,2132294,2132294,2132294,2814441,2814441,2814441,3279418,3279418,3279418
saber (100 executions),m4f,656540,656540,656540,835504,835504,835504,791138,791138,791138
sikep434 (100 executions),m4,48264129,48264129,48264129,78911465,78911465,78911465,84276911,84276911,84276911
sikep434 (100 executions),opt,643140813,643140813,643140813,1053374539,1053374539,1053374539,1123506035,1123506035,1123506035
sikep503 (100 executions),m4,67365363,67365363,67365363,110846067,110846067,110846067,117993160,117993160,117993160
sikep503 (100 executions),opt,972733846,972733846,972733846,1602886599,1602886599,1602886599,1704605781,1704605781,1704605781
sikep610 (100 executions),m4,119480622,119480622,119480622,219632058,219632058,219632058,221029700,221029700,221029700
sikep610 (100 executions),opt,1815959387,1815959387,1815959387,3341196195,3341196195,3341196195,3360955305,3360955305,3360955305
sikep751 (100 executions),m4,204646661,204646661,204646661,331934480,331934480,331934480,356425812,356425812,356425812
sikep751 (100 executions),opt,3288678781,3288678781,3288678781,5333567877,5333567877,5333567877,5728790883,5728790883,5728790883
sntrup653 (100 executions),clean,107454880,105111497,144167887,4058297,4058297,4058297,11719072,11719072,11719073
sntrup761 (100 executions),clean,140229196,140229196,140229196,5393601,5393601,5393601,15823589,15823589,15823589
sntrup761 (100 executions),m4f,11392072,11392072,11392072,794049,794049,794049,743378,743378,743378
sntrup857 (100 executions),clean,177668015,177668015,177668015,6739738,6739738,6739738,19262010,19262010,19262010
Signature Schemes,,,,,,,,,,
Scheme,Implementation,Key Generation [cycles] (mean),Key Generation [cycles] (min),Key Generation [cycles] (max),Sign [cycles] (mean),Sign [cycles] (min),Sign [cycles] (max),Verify [cycles] (mean),Verify [cycles] (min),Verify [cycles] (max)
dilithium2 (100 executions),clean,1948921,1948646,1949314,7209994,3263628,28544712,2129398,2128896,2129741
dilithium2 (100 executions),m4,1574432,1574139,1574935,3969997,2052227,10488178,1598582,1598246,1598971
dilithium3 (100 executions),clean,3464369,3462937,3465485,11868693,5077074,32249347,3534606,3534142,3534933
dilithium3 (100 executions),m4,2884458,2883255,2886283,7146517,3324437,20508397,2735132,2734843,2735417
falcon-1024 (100 executions),clean,622175711,337571831,1880024329,133629247,133291572,133967706,1528951,1528400,1529571
falcon-1024 (100 executions),m4-ct,459534839,273177640,1047054767,85072673,84815948,85305908,980052,969152,985686
falcon-1024 (100 executions),opt-ct,495167251,273177640,1379271017,85054991,84783337,85362818,977782,967975,987002
falcon-1024 (100 executions),opt-leaktime,405281116,244875160,891184049,76013689,75446015,76508847,979746,967632,986832
falcon-512 (100 executions),clean,208399225,130550614,472461727,61097585,60852840,61406301,766917,766489,767319
falcon-512 (100 executions),m4-ct,171386113,102414161,578366405,38980990,38781213,39236694,474764,465756,481271
falcon-512 (100 executions),opt-ct,177602037,102400864,714825912,38965055,38810150,39279838,473672,465686,482281
falcon-512 (100 executions),opt-leaktime,152926229,90346571,337384529,35378639,35029929,35717852,475420,465612,482310
falcon-512-tree (100 executions),m4-ct,171727053,117531546,490748018,17669755,17432665,17857219,473783,465581,481627
falcon-512-tree (100 executions),opt-ct,182000803,117531546,537014335,17671861,17503582,17907492,474096,465021,482523
falcon-512-tree (100 executions),opt-leaktime,168338680,101826596,516678670,19213176,18918057,19567974,474214,465252,481696
sphincs-haraka-128f-robust (1 executions),clean,104787309,104787309,104787309,3878075744,3878075744,3878075744,160747512,160747512,160747512
sphincs-haraka-128f-simple (1 executions),clean,72822905,72822905,72822905,2618613346,2618613346,2618613346,110346142,110346142,110346142
sphincs-haraka-128s-robust (1 executions),clean,3336087734,3336087734,3336087734,62522334287,62522334287,62522334287,69736124,69736124,69736124
sphincs-haraka-128s-simple (1 executions),clean,2312256437,2312256437,2312256437,41759085792,41759085792,41759085792,45891563,45891563,45891563
sphincs-haraka-192f-robust (1 executions),clean,155427078,155427078,155427078,4653572252,4653572252,4653572252,254933605,254933605,254933605
sphincs-haraka-192f-simple (1 executions),clean,107270973,107270973,107270973,3088059988,3088059988,3088059988,168554107,168554107,168554107
sphincs-haraka-192s-robust (1 executions),clean,4957051483,4957051483,4957051483,154251598347,154251598347,154251598347,110861825,110861825,110861825
sphincs-haraka-192s-simple (1 executions),clean,3414581337,3414581337,3414581337,92506480154,92506480154,92506480154,70786261,70786261,70786261
sphincs-haraka-256f-robust (1 executions),clean,415473286,415473286,415473286,11563963571,11563963571,11563963571,277440214,277440214,277440214
sphincs-haraka-256f-simple (1 executions),clean,285155664,285155664,285155664,7636212442,7636212442,7636212442,180737136,180737136,180737136
sphincs-haraka-256s-robust (1 executions),clean,6639120105,6639120105,6639120105,103762136231,103762136231,103762136231,154024957,154024957,154024957
sphincs-haraka-256s-simple (1 executions),clean,4553387845,4553387845,4553387845,67650617389,67650617389,67650617389,98468503,98468503,98468503
sphincs-sha256-128f-robust (1 executions),clean,30486094,30486094,30486094,912695869,912695869,912695869,39774881,39774881,39774881
sphincs-sha256-128f-simple (1 executions),clean,15903697,15903697,15903697,502249164,502249164,502249164,20926343,20926343,20926343
sphincs-sha256-128s-robust (1 executions),clean,975171329,975171329,975171329,13506102373,13506102373,13506102373,16045163,16045163,16045163
sphincs-sha256-128s-simple (1 executions),clean,509099334,509099334,509099334,7581936911,7581936911,7581936911,8649907,8649907,8649907
sphincs-sha256-192f-robust (1 executions),clean,45129438,45129438,45129438,1250923888,1250923888,1250923888,68600406,68600406,68600406
sphincs-sha256-192f-simple (1 executions),clean,23396245,23396245,23396245,660825812,660825812,660825812,34075987,34075987,34075987
sphincs-sha256-192s-robust (1 executions),clean,1444574386,1444574386,1444574386,33011372835,33011372835,33011372835,26737825,26737825,26737825
sphincs-sha256-192s-simple (1 executions),clean,748723035,748723035,748723035,18267765959,18267765959,18267765959,13287049,13287049,13287049
sphincs-sha256-256f-robust (1 executions),clean,164782903,164782903,164782903,3847550681,3847550681,3847550681,95517895,95517895,95517895
sphincs-sha256-256f-simple (1 executions),clean,61681246,61681246,61681246,1492124764,1492124764,1492124764,35023102,35023102,35023102
sphincs-sha256-256s-robust (1 executions),clean,2636998612,2636998612,2636998612,32413409203,32413409203,32413409203,50331427,50331427,50331427
sphincs-sha256-256s-simple (1 executions),clean,985161519,985161519,985161519,12724301171,12724301171,12724301171,17073415,17073415,17073415
sphincs-shake256-128f-robust (1 executions),clean,123500899,123500899,123500899,3712792793,3712792793,3712792793,158221209,158221209,158221209
sphincs-shake256-128f-simple (1 executions),clean,64653461,64653461,64653461,2034928399,2034928399,2034928399,80976754,80976754,80976754
sphincs-shake256-128s-robust (1 executions),clean,3952863150,3952863150,3952863150,54890446193,54890446193,54890446193,70806849,70806849,70806849
sphincs-shake256-128s-simple (1 executions),clean,2069315153,2069315153,2069315153,30698186946,30698186946,30698186946,32311274,32311274,32311274
sphincs-shake256-192f-robust (1 executions),clean,180649244,180649244,180649244,4819914241,4819914241,4819914241,267285175,267285175,267285175
sphincs-shake256-192f-simple (1 executions),clean,94651090,94651090,94651090,2582471427,2582471427,2582471427,133970724,133970724,133970724
sphincs-shake256-192s-robust (1 executions),clean,5781596874,5781596874,5781596874,111470931139,111470931139,111470931139,95270415,95270415,95270415
sphincs-shake256-192s-simple (1 executions),clean,3029224867,3029224867,3029224867,63917126467,63917126467,63917126467,47809446,47809446,47809446
sphincs-shake256-256f-robust (1 executions),clean,476820891,476820891,476820891,10541877335,10541877335,10541877335,261196844,261196844,261196844
sphincs-shake256-256f-simple (1 executions),clean,249876285,249876285,249876285,5717039905,5717039905,5717039905,131984625,131984625,131984625
sphincs-shake256-256s-robust (1 executions),clean,7628190987,7628190987,7628190987,86771181274,86771181274,86771181274,124946339,124946339,124946339
sphincs-shake256-256s-simple (1 executions),clean,3996764935,3996764935,3996764935,47637377023,47637377023,47637377023,65274248,65274248,65274248
Memory Evaluation,,,,,,,,,,
Key Encapsulation Schemes,,,,,,,,,,
Scheme,Implementation,Key Generation [bytes],Encapsulation [bytes],Decapsulation [bytes],,,,,,
bikel1,m4f,44108,32156,91400,,,,,,
bikel1,ref,35960,25908,78784,,,,,,
firesaber,clean,19524,19628,21108,,,,,,
firesaber,m4f,7388,7340,7356,,,,,,
frodokem640aes,m4,31992,62488,83104,,,,,,
frodokem640shake,m4,26600,51976,72592,,,,,,
frodokem640shake,opt,36664,58320,78944,,,,,,
hqc-rmrs-128,clean,48348,63932,70676,,,,,,
kyber1024,clean,15164,18836,20412,,,,,,
kyber1024,m4,3788,3476,3508,,,,,,
kyber1024-90s,clean,15340,19020,20596,,,,,,
kyber1024-90s,m4,4636,4000,4032,,,,,,
kyber512,clean,6292,8956,9732,,,,,,
kyber512,m4,2396,2484,2500,,,,,,
kyber512-90s,clean,6548,9212,9988,,,,,,
kyber512-90s,m4,2904,2992,3008,,,,,,
kyber768,clean,10388,13556,14652,,,,,,
kyber768,m4,3276,2964,2988,,,,,,
kyber768-90s,clean,10652,13820,14916,,,,,,
kyber768-90s,m4,3432,3504,3520,,,,,,
lightsaber,clean,9332,9436,10180,,,,,,
lightsaber,m4f,5332,5292,5308,,,,,,
ntruhps2048509,clean,25532,20680,18996,,,,,,
ntruhps2048509,m4f,21392,14068,14800,,,,,,
ntruhps2048677,clean,34296,27756,25548,,,,,,
ntruhps2048677,m4f,28504,9036,19728,,,,,,
ntruhps4096821,clean,40960,33036,30472,,,,,,
ntruhps4096821,m4f,34504,10924,23952,,,,,,
ntruhrss701,clean,32920,26140,25984,,,,,,
ntruhrss701,m4f,27560,7400,20552,,,,,,
ntrulpr653,clean,11864,12048,13416,,,,,,
ntrulpr761,clean,10784,12376,13864,,,,,,
ntrulpr761,m4f,28444,33460,39684,,,,,,
ntrulpr857,clean,15640,15600,17376,,,,,,
saber,clean,12908,13012,14108,,,,,,
saber,m4f,6364,6316,6332,,,,,,
sikep434,m4,6272,6504,6840,,,,,,
sikep434,opt,6752,7040,7376,,,,,,
sikep503,m4,6992,7344,7720,,,,,,
sikep503,opt,6664,7016,7392,,,,,,
sikep610,m4,10504,10904,11368,,,,,,
sikep610,opt,10072,10488,10936,,,,,,
sikep751,m4,12272,12272,12840,,,,,,
sikep751,opt,11616,11728,12296,,,,,,
sntrup653,clean,10664,8096,9656,,,,,,
sntrup761,clean,12284,9256,11200,,,,,,
sntrup761,m4f,98420,28612,31452,,,,,,
sntrup857,clean,13912,10400,12696,,,,,,
Signature Schemes,,,,,,,,,,
Scheme,Implementation,Key Generation [bytes],Sign [bytes],Verify [bytes],,,,,,
dilithium2,clean,38428,52052,36340,,,,,,
dilithium2,m4,38420,52044,36332,,,,,,
dilithium3,clean,60956,79700,57844,,,,,,
dilithium3,m4,60948,79692,57836,,,,,,
falcon-1024,clean,35256,82484,8796,,,,,,
falcon-1024,m4-ct,1432,2680,492,,,,,,
falcon-1024,opt-ct,1504,2568,496,,,,,,
falcon-1024,opt-leaktime,1408,2672,492,,,,,,
falcon-512,clean,18392,42460,4700,,,,,,
falcon-512,m4-ct,1480,2480,492,,,,,,
falcon-512,opt-ct,1488,2479,492,,,,,,
falcon-512,opt-leaktime,1488,2576,492,,,,,,
falcon-512-tree,m4-ct,1440,2776,492,,,,,,
falcon-512-tree,opt-ct,1496,2776,492,,,,,,
falcon-512-tree,opt-leaktime,1400,2792,492,,,,,,
sphincs-haraka-128f-robust,clean,3612,3704,4068,,,,,,
sphincs-haraka-128f-simple,clean,3604,3696,4060,,,,,,
sphincs-haraka-128s-robust,clean,3824,3872,3408,,,,,,
sphincs-haraka-128s-simple,clean,3816,3784,3372,,,,,,
sphincs-haraka-192f-robust,clean,5128,5080,5396,,,,,,
sphincs-haraka-192f-simple,clean,5012,5072,5388,,,,,,
sphincs-haraka-192s-robust,clean,5312,5296,4840,,,,,,
sphincs-haraka-192s-simple,clean,5304,5288,4752,,,,,,
sphincs-haraka-256f-robust,clean,7040,7008,6660,,,,,,
sphincs-haraka-256f-simple,clean,7004,7000,6652,,,,,,
sphincs-haraka-256s-robust,clean,7320,7232,6596,,,,,,
sphincs-haraka-256s-simple,clean,7304,7224,6588,,,,,,
sphincs-sha256-128f-robust,clean,2264,2328,2720,,,,,,
sphincs-sha256-128f-simple,clean,2104,2168,2560,,,,,,
sphincs-sha256-128s-robust,clean,2488,2528,2032,,,,,,
sphincs-sha256-128s-simple,clean,2288,2368,1872,,,,,,
sphincs-sha256-192f-robust,clean,3680,3824,4056,,,,,,
sphincs-sha256-192f-simple,clean,3512,3544,3888,,,,,,
sphincs-sha256-192s-robust,clean,3984,3960,3392,,,,,,
sphincs-sha256-192s-simple,clean,3776,3792,3224,,,,,,
sphincs-sha256-256f-robust,clean,5680,5760,5328,,,,,,
sphincs-sha256-256f-simple,clean,5504,5584,5152,,,,,,
sphincs-sha256-256s-robust,clean,5992,5904,5264,,,,,,
sphincs-sha256-256s-simple,clean,5816,5728,5088,,,,,,
sphincs-shake256-128f-robust,clean,2180,2236,2628,,,,,,
sphincs-shake256-128f-simple,clean,2180,2344,2628,,,,,,
sphincs-shake256-128s-robust,clean,2364,2432,1940,,,,,,
sphincs-shake256-128s-simple,clean,2400,2432,1940,,,,,,
sphincs-shake256-192f-robust,clean,3596,3728,3964,,,,,,
sphincs-shake256-192f-simple,clean,3596,3620,3964,,,,,,
sphincs-shake256-192s-robust,clean,3896,3864,3300,,,,,,
sphincs-shake256-192s-simple,clean,3896,3864,3300,,,,,,
sphincs-shake256-256f-robust,clean,5632,5664,5236,,,,,,
sphincs-shake256-256f-simple,clean,5596,5664,5280,,,,,,
sphincs-shake256-256s-robust,clean,5904,5808,5172,,,,,,
sphincs-shake256-256s-simple,clean,5904,5808,5172,,,,,,
Hashing Evaluation,,,,,,,,,,
Key Encapsulation Schemes,,,,,,,,,,
Scheme,Implementation,Key Generation [%],Encapsulation [%],Decapsulation [%],,,,,,
bikel1,m4f,0.7,15.1,1.3,,,,,,
bikel1,ref,0.3,10.3,0.6,,,,,,
firesaber,clean,19.2,19.1,14.1,,,,,,
firesaber,m4f,71.0,72.2,63.2,,,,,,
frodokem640aes,m4,74.3,77.8,77.1,,,,,,
frodokem640shake,m4,85.5,86.5,86.2,,,,,,
frodokem640shake,opt,74.2,65.7,65.2,,,,,,
hqc-rmrs-128,clean,53.6,41.4,33.2,,,,,,
kyber1024,clean,54.9,54.3,43.2,,,,,,
kyber1024,m4,74.8,78.4,70.7,,,,,,
kyber1024-90s,clean,73.8,70.5,64.0,,,,,,
kyber1024-90s,m4,66.5,69.0,62.3,,,,,,
kyber512,clean,55.3,52.4,37.7,,,,,,
kyber512,m4,76.2,78.8,67.8,,,,,,
kyber512-90s,clean,68.7,62.7,52.6,,,,,,
kyber512-90s,m4,68.6,70.3,60.8,,,,,,
kyber768,clean,53.4,53.0,40.3,,,,,,
kyber768,m4,74.2,78.2,69.0,,,,,,
kyber768-90s,clean,71.4,67.4,59.4,,,,,,
kyber768-90s,m4,66.0,69.0,61.1,,,,,,
lightsaber,clean,25.3,24.2,15.7,,,,,,
lightsaber,m4f,72.1,73.8,61.2,,,,,,
ntruhps2048509,clean,0.0,2.5,4.2,,,,,,
ntruhps2048509,m4f,0.0,4.7,19.2,,,,,,
ntruhps2048677,clean,0.0,2.2,3.3,,,,,,
ntruhps2048677,m4f,0.0,4.7,17.3,,,,,,
ntruhps4096821,clean,0.0,1.7,2.9,,,,,,
ntruhps4096821,m4f,0.0,3.8,16.1,,,,,,
ntruhrss701,clean,0.0,2.6,3.5,,,,,,
ntruhrss701,m4f,0.0,10.3,17.7,,,,,,
ntrulpr653,clean,5.4,6.0,3.5,,,,,,
ntrulpr761,clean,7.9,8.5,5.4,,,,,,
ntrulpr761,m4f,20.9,35.6,31.8,,,,,,
ntrulpr857,clean,4.2,4.6,2.7,,,,,,
saber,clean,22.0,21.7,15.2,,,,,,
saber,m4f,72.2,73.6,63.1,,,,,,
sikep434,m4,0.0,0.1,0.1,,,,,,
sikep434,opt,0.0,0.0,0.0,,,,,,
sikep503,m4,0.0,0.1,0.1,,,,,,
sikep503,opt,0.0,0.0,0.0,,,,,,
sikep610,m4,0.0,0.1,0.1,,,,,,
sikep610,opt,0.0,0.0,0.0,,,,,,
sikep751,m4,0.0,0.0,0.0,,,,,,
sikep751,opt,0.0,0.0,0.0,,,,,,
sntrup653,clean,0.1,4.2,1.0,,,,,,
sntrup761,clean,0.1,3.7,0.8,,,,,,
sntrup761,m4f,0.0,0.0,0.0,,,,,,
sntrup857,clean,0.1,3.2,0.7,,,,,,
Signature Schemes,,,,,,,,,,
Scheme,Implementation,Key Generation [%],Sign [%],Verify [%],,,,,,
dilithium2,clean,66.7,37.0,60.4,,,,,,
dilithium2,m4,82.4,64.0,80.4,,,,,,
dilithium3,clean,70.9,37.9,64.0,,,,,,
dilithium3,m4,85.0,64.0,82.6,,,,,,
falcon-1024,clean,8.5,0.3,27.0,,,,,,
falcon-1024,m4-ct,11.1,0.5,34.2,,,,,,
falcon-1024,opt-ct,10.7,0.5,34.3,,,,,,
falcon-1024,opt-leaktime,12.6,0.5,34.2,,,,,,
falcon-512,clean,12.8,0.4,29.4,,,,,,
falcon-512,m4-ct,15.9,0.5,36.0,,,,,,
falcon-512,opt-ct,17.1,0.5,35.9,,,,,,
falcon-512,opt-leaktime,18.4,0.6,36.0,,,,,,
falcon-512-tree,m4-ct,15.9,1.2,36.0,,,,,,
falcon-512-tree,opt-ct,17.0,1.2,35.9,,,,,,
falcon-512-tree,opt-leaktime,19.3,1.1,35.9,,,,,,
sphincs-haraka-128f-robust,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-128f-simple,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-128s-robust,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-128s-simple,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-192f-robust,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-192f-simple,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-192s-robust,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-192s-simple,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-256f-robust,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-256f-simple,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-256s-robust,clean,0.0,0.0,0.0,,,,,,
sphincs-haraka-256s-simple,clean,0.0,0.0,0.0,,,,,,
sphincs-sha256-128f-robust,clean,89.0,88.6,89.1,,,,,,
sphincs-sha256-128f-simple,clean,87.6,87.0,87.5,,,,,,
sphincs-sha256-128s-robust,clean,89.0,88.5,89.1,,,,,,
sphincs-sha256-128s-simple,clean,87.6,86.7,87.4,,,,,,
sphincs-sha256-192f-robust,clean,88.6,88.7,88.9,,,,,,
sphincs-sha256-192f-simple,clean,87.3,87.4,87.6,,,,,,
sphincs-sha256-192s-robust,clean,88.6,89.1,89.1,,,,,,
sphincs-sha256-192s-simple,clean,87.3,87.8,87.9,,,,,,
sphincs-sha256-256f-robust,clean,91.9,91.9,92.3,,,,,,
sphincs-sha256-256f-simple,clean,87.0,87.2,87.4,,,,,,
sphincs-sha256-256s-robust,clean,91.9,92.0,92.4,,,,,,
sphincs-sha256-256s-simple,clean,87.2,87.4,87.8,,,,,,
sphincs-shake256-128f-robust,clean,97.8,97.6,97.8,,,,,,
sphincs-shake256-128f-simple,clean,96.4,96.3,96.4,,,,,,
sphincs-shake256-128s-robust,clean,97.8,97.6,97.8,,,,,,
sphincs-shake256-128s-simple,clean,96.4,96.2,96.3,,,,,,
sphincs-shake256-192f-robust,clean,97.7,97.6,97.7,,,,,,
sphincs-shake256-192f-simple,clean,96.3,96.3,96.3,,,,,,
sphincs-shake256-192s-robust,clean,97.7,97.4,97.7,,,,,,
sphincs-shake256-192s-simple,clean,96.3,96.0,96.2,,,,,,
sphincs-shake256-256f-robust,clean,97.7,97.6,97.7,,,,,,
sphincs-shake256-256f-simple,clean,96.3,96.2,96.2,,,,,,
sphincs-shake256-256s-robust,clean,97.7,97.5,97.7,,,,,,
sphincs-shake256-256s-simple,clean,96.3,96.1,96.2,,,,,,
Size Evaluation,,,,,,,,,,
Key Encapsulation Schemes,,,,,,,,,,
Scheme,Implementation,.text [bytes],.data [bytes],.bss [bytes],Total [bytes],,,,,
bikel1,m4f,181430,24,49,181503,,,,,
bikel1,ref,35199,24,1,35224,,,,,
firesaber,clean,10220,0,0,10220,,,,,
firesaber,m4f,9556,0,0,9556,,,,,
frodokem640aes,m4,8568,0,0,8568,,,,,
frodokem640shake,m4,8644,0,0,8644,,,,,
frodokem640shake,opt,6476,0,0,6476,,,,,
hqc-rmrs-128,clean,18460,0,0,18460,,,,,
kyber1024,clean,6084,0,0,6084,,,,,
kyber1024,m4,11696,0,0,11696,,,,,
kyber1024-90s,clean,6468,0,0,6468,,,,,
kyber1024-90s,m4,11976,0,0,11976,,,,,
kyber512,clean,4900,0,0,4900,,,,,
kyber512,m4,10720,0,0,10720,,,,,
kyber512-90s,clean,5148,0,0,5148,,,,,
kyber512-90s,m4,10932,0,0,10932,,,,,
kyber768,clean,4912,0,0,4912,,,,,
kyber768,m4,10872,0,0,10872,,,,,
kyber768-90s,clean,5172,0,0,5172,,,,,
kyber768-90s,m4,10848,0,0,10848,,,,,
lightsaber,clean,10380,0,0,10380,,,,,
lightsaber,m4f,9660,0,0,9660,,,,,
ntruhps2048509,clean,64644,0,0,64644,,,,,
ntruhps2048509,m4f,91656,0,0,91656,,,,,
ntruhps2048677,clean,17304,0,0,17304,,,,,
ntruhps2048677,m4f,142240,0,12288,154528,,,,,
ntruhps4096821,clean,17064,0,0,17064,,,,,
ntruhps4096821,m4f,167356,0,13824,181180,,,,,
ntruhrss701,clean,16724,0,0,16724,,,,,
ntruhrss701,m4f,145324,0,12288,157612,,,,,
ntrulpr653,clean,7612,0,0,7612,,,,,
ntrulpr761,clean,8096,0,0,8096,,,,,
ntrulpr761,m4f,114281,0,0,114281,,,,,
ntrulpr857,clean,8340,0,0,8340,,,,,
saber,clean,10128,0,0,10128,,,,,
saber,m4f,9412,0,0,9412,,,,,
sikep434,m4,29600,0,0,29600,,,,,
sikep434,opt,28232,0,0,28232,,,,,
sikep503,m4,31576,0,0,31576,,,,,
sikep503,opt,26432,0,0,26432,,,,,
sikep610,m4,29420,0,0,29420,,,,,
sikep610,opt,19420,0,0,19420,,,,,
sikep751,m4,33012,0,0,33012,,,,,
sikep751,opt,21064,0,0,21064,,,,,
sntrup653,clean,12420,0,0,12420,,,,,
sntrup761,clean,13160,0,0,13160,,,,,
sntrup761,m4f,146845,40,6952,153837,,,,,
sntrup857,clean,13536,0,0,13536,,,,,
Signature Schemes,,,,,,,,,,
Scheme,Implementation,.text [bytes],.data [bytes],.bss [bytes],Total [bytes],,,,,
dilithium2,clean,7968,0,0,7968,,,,,
dilithium2,m4,10576,0,0,10576,,,,,
dilithium3,clean,7472,0,0,7472,,,,,
dilithium3,m4,10104,0,0,10104,,,,,
falcon-1024,clean,80193,0,0,80193,,,,,
falcon-1024,m4-ct,81289,0,79872,161161,,,,,
falcon-1024,opt-ct,81289,0,79872,161161,,,,,
falcon-1024,opt-leaktime,74453,0,79872,154325,,,,,
falcon-512,clean,80165,0,0,80165,,,,,
falcon-512,m4-ct,81289,0,39936,121225,,,,,
falcon-512,opt-ct,81289,0,39936,121225,,,,,
falcon-512,opt-leaktime,74453,0,39936,114389,,,,,
falcon-512-tree,m4-ct,81029,0,27648,108677,,,,,
falcon-512-tree,opt-ct,81029,0,27648,108677,,,,,
falcon-512-tree,opt-leaktime,74193,0,27648,101841,,,,,
sphincs-haraka-128f-robust,clean,16784,0,0,16784,,,,,
sphincs-haraka-128f-simple,clean,16632,0,0,16632,,,,,
sphincs-haraka-128s-robust,clean,17096,0,0,17096,,,,,
sphincs-haraka-128s-simple,clean,16944,0,0,16944,,,,,
sphincs-haraka-192f-robust,clean,16652,0,0,16652,,,,,
sphincs-haraka-192f-simple,clean,16468,0,0,16468,,,,,
sphincs-haraka-192s-robust,clean,16856,0,0,16856,,,,,
sphincs-haraka-192s-simple,clean,16672,0,0,16672,,,,,
sphincs-haraka-256f-robust,clean,17136,0,0,17136,,,,,
sphincs-haraka-256f-simple,clean,16896,0,0,16896,,,,,
sphincs-haraka-256s-robust,clean,17336,0,0,17336,,,,,
sphincs-haraka-256s-simple,clean,17092,0,0,17092,,,,,
sphincs-sha256-128f-robust,clean,4948,0,0,4948,,,,,
sphincs-sha256-128f-simple,clean,4700,0,0,4700,,,,,
sphincs-sha256-128s-robust,clean,5260,0,0,5260,,,,,
sphincs-sha256-128s-simple,clean,5012,0,0,5012,,,,,
sphincs-sha256-192f-robust,clean,5040,0,0,5040,,,,,
sphincs-sha256-192f-simple,clean,4672,0,0,4672,,,,,
sphincs-sha256-192s-robust,clean,5252,0,0,5252,,,,,
sphincs-sha256-192s-simple,clean,4884,0,0,4884,,,,,
sphincs-sha256-256f-robust,clean,5620,0,0,5620,,,,,
sphincs-sha256-256f-simple,clean,5152,0,0,5152,,,,,
sphincs-sha256-256s-robust,clean,5816,0,0,5816,,,,,
sphincs-sha256-256s-simple,clean,5344,0,0,5344,,,,,
sphincs-shake256-128f-robust,clean,4216,0,0,4216,,,,,
sphincs-shake256-128f-simple,clean,4076,0,0,4076,,,,,
sphincs-shake256-128s-robust,clean,4532,0,0,4532,,,,,
sphincs-shake256-128s-simple,clean,4392,0,0,4392,,,,,
sphincs-shake256-192f-robust,clean,4128,0,0,4128,,,,,
sphincs-shake256-192f-simple,clean,3956,0,0,3956,,,,,
sphincs-shake256-192s-robust,clean,4336,0,0,4336,,,,,
sphincs-shake256-192s-simple,clean,4164,0,0,4164,,,,,
sphincs-shake256-256f-robust,clean,4628,0,0,4628,,,,,
sphincs-shake256-256f-simple,clean,4416,0,0,4416,,,,,
sphincs-shake256-256s-robust,clean,4820,0,0,4820,,,,,
sphincs-shake256-256s-simple,clean,4612,0,0,4612,,,,,
Computing file changes ...
