Constant-time hardening for caddq, poly_chknorm, decompose#371
Constant-time hardening for caddq, poly_chknorm, decompose#371hanno-becker merged 7 commits intomainfrom
caddq, poly_chknorm, decompose#371Conversation
There was a problem hiding this comment.
Mac Mini (M1, 2020) benchmarks (opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
50488 cycles |
48802 cycles |
1.03 |
ML-DSA-44 sign |
215075 cycles |
182512 cycles |
1.18 |
ML-DSA-44 verify |
72446 cycles |
67786 cycles |
1.07 |
ML-DSA-65 keypair |
87392 cycles |
84879 cycles |
1.03 |
ML-DSA-65 sign |
343568 cycles |
290742 cycles |
1.18 |
ML-DSA-65 verify |
112046 cycles |
105851 cycles |
1.06 |
ML-DSA-87 keypair |
140356 cycles |
136419 cycles |
1.03 |
ML-DSA-87 sign |
412988 cycles |
355398 cycles |
1.16 |
ML-DSA-87 verify |
172917 cycles |
163912 cycles |
1.05 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Mac Mini (M1, 2020) benchmarks (opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
50488 cycles |
48802 cycles |
1.03 |
ML-DSA-44 sign |
215075 cycles |
182512 cycles |
1.18 |
ML-DSA-44 verify |
72446 cycles |
67786 cycles |
1.07 |
ML-DSA-65 sign |
343568 cycles |
290742 cycles |
1.18 |
ML-DSA-65 verify |
112046 cycles |
105851 cycles |
1.06 |
ML-DSA-87 sign |
412988 cycles |
355398 cycles |
1.16 |
ML-DSA-87 verify |
172917 cycles |
163912 cycles |
1.05 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Mac Mini (M1, 2020) benchmarks (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
116010 cycles |
114258 cycles |
1.02 |
ML-DSA-44 sign |
447658 cycles |
414438 cycles |
1.08 |
ML-DSA-44 verify |
136472 cycles |
131651 cycles |
1.04 |
ML-DSA-65 keypair |
197953 cycles |
195527 cycles |
1.01 |
ML-DSA-65 sign |
721048 cycles |
668417 cycles |
1.08 |
ML-DSA-65 verify |
216225 cycles |
210000 cycles |
1.03 |
ML-DSA-87 keypair |
325280 cycles |
321618 cycles |
1.01 |
ML-DSA-87 sign |
902001 cycles |
844770 cycles |
1.07 |
ML-DSA-87 verify |
352663 cycles |
343995 cycles |
1.03 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Mac Mini (M1, 2020) benchmarks (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
447658 cycles |
414438 cycles |
1.08 |
ML-DSA-44 verify |
136472 cycles |
131651 cycles |
1.04 |
ML-DSA-65 sign |
721048 cycles |
668417 cycles |
1.08 |
ML-DSA-87 sign |
902001 cycles |
844770 cycles |
1.07 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Arm Cortex-A55 (Snapdragon 888) benchmarks (opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
292987 cycles |
285837 cycles |
1.03 |
ML-DSA-44 sign |
1182571 cycles |
1017744 cycles |
1.16 |
ML-DSA-44 verify |
352257 cycles |
327753 cycles |
1.07 |
ML-DSA-65 keypair |
496703 cycles |
487572 cycles |
1.02 |
ML-DSA-65 sign |
1906890 cycles |
1663334 cycles |
1.15 |
ML-DSA-65 verify |
548650 cycles |
513217 cycles |
1.07 |
ML-DSA-87 keypair |
836385 cycles |
825275 cycles |
1.01 |
ML-DSA-87 sign |
2452000 cycles |
2186302 cycles |
1.12 |
ML-DSA-87 verify |
906276 cycles |
856528 cycles |
1.06 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Arm Cortex-A55 (Snapdragon 888) benchmarks (opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
1182571 cycles |
1017744 cycles |
1.16 |
ML-DSA-44 verify |
352257 cycles |
327753 cycles |
1.07 |
ML-DSA-65 sign |
1906890 cycles |
1663334 cycles |
1.15 |
ML-DSA-65 verify |
548650 cycles |
513217 cycles |
1.07 |
ML-DSA-87 sign |
2452000 cycles |
2186302 cycles |
1.12 |
ML-DSA-87 verify |
906276 cycles |
856528 cycles |
1.06 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Intel Xeon 4th gen (c7i)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
37542 cycles |
36230 cycles |
1.04 |
ML-DSA-44 sign |
166790 cycles |
138487 cycles |
1.20 |
ML-DSA-44 verify |
50124 cycles |
46045 cycles |
1.09 |
ML-DSA-65 keypair |
65625 cycles |
64566 cycles |
1.02 |
ML-DSA-65 sign |
274615 cycles |
230597 cycles |
1.19 |
ML-DSA-65 verify |
78471 cycles |
71433 cycles |
1.10 |
ML-DSA-87 keypair |
101090 cycles |
98741 cycles |
1.02 |
ML-DSA-87 sign |
320494 cycles |
274945 cycles |
1.17 |
ML-DSA-87 verify |
116555 cycles |
107165 cycles |
1.09 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Intel Xeon 4th gen (c7i)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
37542 cycles |
36230 cycles |
1.04 |
ML-DSA-44 sign |
166790 cycles |
138487 cycles |
1.20 |
ML-DSA-44 verify |
50124 cycles |
46045 cycles |
1.09 |
ML-DSA-65 sign |
274615 cycles |
230597 cycles |
1.19 |
ML-DSA-65 verify |
78471 cycles |
71433 cycles |
1.10 |
ML-DSA-87 sign |
320494 cycles |
274945 cycles |
1.17 |
ML-DSA-87 verify |
116555 cycles |
107165 cycles |
1.09 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Intel Xeon 4th gen (c7i) (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
96155 cycles |
95582 cycles |
1.01 |
ML-DSA-44 sign |
347296 cycles |
322946 cycles |
1.08 |
ML-DSA-44 verify |
104855 cycles |
101532 cycles |
1.03 |
ML-DSA-65 keypair |
164112 cycles |
162604 cycles |
1.01 |
ML-DSA-65 sign |
568798 cycles |
522372 cycles |
1.09 |
ML-DSA-65 verify |
168809 cycles |
162706 cycles |
1.04 |
ML-DSA-87 keypair |
276032 cycles |
273426 cycles |
1.01 |
ML-DSA-87 sign |
724967 cycles |
673052 cycles |
1.08 |
ML-DSA-87 verify |
281498 cycles |
271672 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Intel Xeon 4th gen (c7i) (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
347296 cycles |
322946 cycles |
1.08 |
ML-DSA-44 verify |
104855 cycles |
101532 cycles |
1.03 |
ML-DSA-65 sign |
568798 cycles |
522372 cycles |
1.09 |
ML-DSA-65 verify |
168809 cycles |
162706 cycles |
1.04 |
ML-DSA-87 sign |
724967 cycles |
673052 cycles |
1.08 |
ML-DSA-87 verify |
281498 cycles |
271672 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
AMD EPYC 3rd gen (c6a)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
76926 cycles |
72434 cycles |
1.06 |
ML-DSA-44 sign |
278561 cycles |
224246 cycles |
1.24 |
ML-DSA-44 verify |
92289 cycles |
83522 cycles |
1.10 |
ML-DSA-65 keypair |
126427 cycles |
124793 cycles |
1.01 |
ML-DSA-65 sign |
429590 cycles |
362808 cycles |
1.18 |
ML-DSA-65 verify |
142678 cycles |
132717 cycles |
1.08 |
ML-DSA-87 keypair |
210652 cycles |
207762 cycles |
1.01 |
ML-DSA-87 sign |
541159 cycles |
464500 cycles |
1.17 |
ML-DSA-87 verify |
229863 cycles |
216400 cycles |
1.06 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'AMD EPYC 3rd gen (c6a)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
76926 cycles |
72434 cycles |
1.06 |
ML-DSA-44 sign |
278561 cycles |
224246 cycles |
1.24 |
ML-DSA-44 verify |
92289 cycles |
83522 cycles |
1.10 |
ML-DSA-65 sign |
429590 cycles |
362808 cycles |
1.18 |
ML-DSA-65 verify |
142678 cycles |
132717 cycles |
1.08 |
ML-DSA-87 sign |
541159 cycles |
464500 cycles |
1.17 |
ML-DSA-87 verify |
229863 cycles |
216400 cycles |
1.06 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Intel Xeon 3rd gen (c6i)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
61162 cycles |
59212 cycles |
1.03 |
ML-DSA-44 sign |
259898 cycles |
211541 cycles |
1.23 |
ML-DSA-44 verify |
81508 cycles |
73884 cycles |
1.10 |
ML-DSA-65 keypair |
106825 cycles |
104326 cycles |
1.02 |
ML-DSA-65 sign |
426164 cycles |
347410 cycles |
1.23 |
ML-DSA-65 verify |
126994 cycles |
115218 cycles |
1.10 |
ML-DSA-87 keypair |
165860 cycles |
162599 cycles |
1.02 |
ML-DSA-87 sign |
510581 cycles |
421422 cycles |
1.21 |
ML-DSA-87 verify |
191919 cycles |
177621 cycles |
1.08 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Intel Xeon 3rd gen (c6i)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
61162 cycles |
59212 cycles |
1.03 |
ML-DSA-44 sign |
259898 cycles |
211541 cycles |
1.23 |
ML-DSA-44 verify |
81508 cycles |
73884 cycles |
1.10 |
ML-DSA-65 sign |
426164 cycles |
347410 cycles |
1.23 |
ML-DSA-65 verify |
126994 cycles |
115218 cycles |
1.10 |
ML-DSA-87 sign |
510581 cycles |
421422 cycles |
1.21 |
ML-DSA-87 verify |
191919 cycles |
177621 cycles |
1.08 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Graviton4
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
72951 cycles |
71188 cycles |
1.02 |
ML-DSA-44 sign |
275790 cycles |
236961 cycles |
1.16 |
ML-DSA-44 verify |
86426 cycles |
81190 cycles |
1.06 |
ML-DSA-65 keypair |
128574 cycles |
125629 cycles |
1.02 |
ML-DSA-65 sign |
448212 cycles |
384709 cycles |
1.17 |
ML-DSA-65 verify |
138566 cycles |
131226 cycles |
1.06 |
ML-DSA-87 keypair |
208342 cycles |
203823 cycles |
1.02 |
ML-DSA-87 sign |
551582 cycles |
486383 cycles |
1.13 |
ML-DSA-87 verify |
221933 cycles |
212160 cycles |
1.05 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Graviton4'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
275790 cycles |
236961 cycles |
1.16 |
ML-DSA-44 verify |
86426 cycles |
81190 cycles |
1.06 |
ML-DSA-65 sign |
448212 cycles |
384709 cycles |
1.17 |
ML-DSA-65 verify |
138566 cycles |
131226 cycles |
1.06 |
ML-DSA-87 sign |
551582 cycles |
486383 cycles |
1.13 |
ML-DSA-87 verify |
221933 cycles |
212160 cycles |
1.05 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Arm Cortex-A55 (Snapdragon 888) benchmarks (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
464821 cycles |
458473 cycles |
1.01 |
ML-DSA-44 sign |
2196905 cycles |
2031159 cycles |
1.08 |
ML-DSA-44 verify |
557100 cycles |
532359 cycles |
1.05 |
ML-DSA-65 keypair |
779114 cycles |
769535 cycles |
1.01 |
ML-DSA-65 sign |
3582406 cycles |
3353844 cycles |
1.07 |
ML-DSA-65 verify |
862497 cycles |
827247 cycles |
1.04 |
ML-DSA-87 keypair |
1256966 cycles |
1241079 cycles |
1.01 |
ML-DSA-87 sign |
4412738 cycles |
4186890 cycles |
1.05 |
ML-DSA-87 verify |
1377727 cycles |
1328345 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Arm Cortex-A55 (Snapdragon 888) benchmarks (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
2196905 cycles |
2031159 cycles |
1.08 |
ML-DSA-44 verify |
557100 cycles |
532359 cycles |
1.05 |
ML-DSA-65 sign |
3582406 cycles |
3353844 cycles |
1.07 |
ML-DSA-65 verify |
862497 cycles |
827247 cycles |
1.04 |
ML-DSA-87 sign |
4412738 cycles |
4186890 cycles |
1.05 |
ML-DSA-87 verify |
1377727 cycles |
1328345 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
AMD EPYC 3rd gen (c6a) (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
136633 cycles |
135071 cycles |
1.01 |
ML-DSA-44 sign |
551099 cycles |
510595 cycles |
1.08 |
ML-DSA-44 verify |
155069 cycles |
149244 cycles |
1.04 |
ML-DSA-65 keypair |
228231 cycles |
226517 cycles |
1.01 |
ML-DSA-65 sign |
886555 cycles |
820635 cycles |
1.08 |
ML-DSA-65 verify |
244279 cycles |
234097 cycles |
1.04 |
ML-DSA-87 keypair |
376203 cycles |
372954 cycles |
1.01 |
ML-DSA-87 sign |
1115054 cycles |
1035711 cycles |
1.08 |
ML-DSA-87 verify |
398395 cycles |
384434 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'AMD EPYC 3rd gen (c6a) (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
551099 cycles |
510595 cycles |
1.08 |
ML-DSA-44 verify |
155069 cycles |
149244 cycles |
1.04 |
ML-DSA-65 sign |
886555 cycles |
820635 cycles |
1.08 |
ML-DSA-65 verify |
244279 cycles |
234097 cycles |
1.04 |
ML-DSA-87 sign |
1115054 cycles |
1035711 cycles |
1.08 |
ML-DSA-87 verify |
398395 cycles |
384434 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Intel Xeon 3rd gen (c6i) (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
159175 cycles |
157139 cycles |
1.01 |
ML-DSA-44 sign |
569022 cycles |
521064 cycles |
1.09 |
ML-DSA-44 verify |
174916 cycles |
167947 cycles |
1.04 |
ML-DSA-65 keypair |
270585 cycles |
271243 cycles |
1.00 |
ML-DSA-65 sign |
924086 cycles |
852337 cycles |
1.08 |
ML-DSA-65 verify |
281964 cycles |
272681 cycles |
1.03 |
ML-DSA-87 keypair |
452239 cycles |
448838 cycles |
1.01 |
ML-DSA-87 sign |
1179542 cycles |
1089952 cycles |
1.08 |
ML-DSA-87 verify |
468749 cycles |
451807 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Intel Xeon 3rd gen (c6i) (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
569022 cycles |
521064 cycles |
1.09 |
ML-DSA-44 verify |
174916 cycles |
167947 cycles |
1.04 |
ML-DSA-65 sign |
924086 cycles |
852337 cycles |
1.08 |
ML-DSA-65 verify |
281964 cycles |
272681 cycles |
1.03 |
ML-DSA-87 sign |
1179542 cycles |
1089952 cycles |
1.08 |
ML-DSA-87 verify |
468749 cycles |
451807 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
AMD EPYC 4th gen (c7a)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
44147 cycles |
43880 cycles |
1.01 |
ML-DSA-44 sign |
192701 cycles |
153569 cycles |
1.25 |
ML-DSA-44 verify |
60176 cycles |
55229 cycles |
1.09 |
ML-DSA-65 keypair |
77972 cycles |
74426 cycles |
1.05 |
ML-DSA-65 sign |
319890 cycles |
246006 cycles |
1.30 |
ML-DSA-65 verify |
97664 cycles |
84283 cycles |
1.16 |
ML-DSA-87 keypair |
114975 cycles |
114067 cycles |
1.01 |
ML-DSA-87 sign |
359514 cycles |
295714 cycles |
1.22 |
ML-DSA-87 verify |
140767 cycles |
128169 cycles |
1.10 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'AMD EPYC 4th gen (c7a)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
192701 cycles |
153569 cycles |
1.25 |
ML-DSA-44 verify |
60176 cycles |
55229 cycles |
1.09 |
ML-DSA-65 keypair |
77972 cycles |
74426 cycles |
1.05 |
ML-DSA-65 sign |
319890 cycles |
246006 cycles |
1.30 |
ML-DSA-65 verify |
97664 cycles |
84283 cycles |
1.16 |
ML-DSA-87 sign |
359514 cycles |
295714 cycles |
1.22 |
ML-DSA-87 verify |
140767 cycles |
128169 cycles |
1.10 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Graviton4 (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
134668 cycles |
132708 cycles |
1.01 |
ML-DSA-44 sign |
499979 cycles |
471356 cycles |
1.06 |
ML-DSA-44 verify |
149132 cycles |
143518 cycles |
1.04 |
ML-DSA-65 keypair |
228685 cycles |
226009 cycles |
1.01 |
ML-DSA-65 sign |
805992 cycles |
739063 cycles |
1.09 |
ML-DSA-65 verify |
236898 cycles |
228696 cycles |
1.04 |
ML-DSA-87 keypair |
377151 cycles |
374200 cycles |
1.01 |
ML-DSA-87 sign |
1017722 cycles |
945390 cycles |
1.08 |
ML-DSA-87 verify |
390838 cycles |
378937 cycles |
1.03 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Graviton4 (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
499979 cycles |
471356 cycles |
1.06 |
ML-DSA-44 verify |
149132 cycles |
143518 cycles |
1.04 |
ML-DSA-65 sign |
805992 cycles |
739063 cycles |
1.09 |
ML-DSA-65 verify |
236898 cycles |
228696 cycles |
1.04 |
ML-DSA-87 sign |
1017722 cycles |
945390 cycles |
1.08 |
ML-DSA-87 verify |
390838 cycles |
378937 cycles |
1.03 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Graviton2
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
120917 cycles |
117704 cycles |
1.03 |
ML-DSA-44 sign |
480627 cycles |
419317 cycles |
1.15 |
ML-DSA-44 verify |
145847 cycles |
137009 cycles |
1.06 |
ML-DSA-65 keypair |
207782 cycles |
202971 cycles |
1.02 |
ML-DSA-65 sign |
786650 cycles |
691577 cycles |
1.14 |
ML-DSA-65 verify |
231653 cycles |
220514 cycles |
1.05 |
ML-DSA-87 keypair |
336591 cycles |
331100 cycles |
1.02 |
ML-DSA-87 sign |
967345 cycles |
869010 cycles |
1.11 |
ML-DSA-87 verify |
369108 cycles |
354605 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Graviton2'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
480627 cycles |
419317 cycles |
1.15 |
ML-DSA-44 verify |
145847 cycles |
137009 cycles |
1.06 |
ML-DSA-65 sign |
786650 cycles |
691577 cycles |
1.14 |
ML-DSA-65 verify |
231653 cycles |
220514 cycles |
1.05 |
ML-DSA-87 sign |
967345 cycles |
869010 cycles |
1.11 |
ML-DSA-87 verify |
369108 cycles |
354605 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
AMD EPYC 4th gen (c7a) (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
122467 cycles |
120631 cycles |
1.02 |
ML-DSA-44 sign |
460478 cycles |
424505 cycles |
1.08 |
ML-DSA-44 verify |
136758 cycles |
132270 cycles |
1.03 |
ML-DSA-65 keypair |
206273 cycles |
203949 cycles |
1.01 |
ML-DSA-65 sign |
746191 cycles |
677550 cycles |
1.10 |
ML-DSA-65 verify |
216398 cycles |
207064 cycles |
1.05 |
ML-DSA-87 keypair |
340114 cycles |
337594 cycles |
1.01 |
ML-DSA-87 sign |
944638 cycles |
871359 cycles |
1.08 |
ML-DSA-87 verify |
355602 cycles |
343109 cycles |
1.04 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Arm Cortex-A72 (Raspberry Pi 4) benchmarks (opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
799828 cycles |
746549 cycles |
1.07 |
ML-DSA-44 verify |
266832 cycles |
245039 cycles |
1.09 |
ML-DSA-65 sign |
1293746 cycles |
1184030 cycles |
1.09 |
ML-DSA-65 verify |
423456 cycles |
403607 cycles |
1.05 |
ML-DSA-87 sign |
1666424 cycles |
1538472 cycles |
1.08 |
This comment was automatically generated by workflow using github-action-benchmark.
oqs-bot
left a comment
There was a problem hiding this comment.
Graviton3 (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
139809 cycles |
137464 cycles |
1.02 |
ML-DSA-44 sign |
506922 cycles |
454171 cycles |
1.12 |
ML-DSA-44 verify |
154242 cycles |
147815 cycles |
1.04 |
ML-DSA-65 keypair |
245075 cycles |
242209 cycles |
1.01 |
ML-DSA-65 sign |
810119 cycles |
740730 cycles |
1.09 |
ML-DSA-65 verify |
248459 cycles |
238979 cycles |
1.04 |
ML-DSA-87 keypair |
397946 cycles |
392666 cycles |
1.01 |
ML-DSA-87 sign |
1030480 cycles |
955507 cycles |
1.08 |
ML-DSA-87 verify |
410884 cycles |
398960 cycles |
1.03 |
This comment was automatically generated by workflow using github-action-benchmark.
oqs-bot
left a comment
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Graviton3 (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
506922 cycles |
454171 cycles |
1.12 |
ML-DSA-44 verify |
154242 cycles |
147815 cycles |
1.04 |
ML-DSA-65 sign |
810119 cycles |
740730 cycles |
1.09 |
ML-DSA-65 verify |
248459 cycles |
238979 cycles |
1.04 |
ML-DSA-87 sign |
1030480 cycles |
955507 cycles |
1.08 |
This comment was automatically generated by workflow using github-action-benchmark.
oqs-bot
left a comment
There was a problem hiding this comment.
Graviton2 (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
215634 cycles |
212496 cycles |
1.01 |
ML-DSA-44 sign |
790020 cycles |
742145 cycles |
1.06 |
ML-DSA-44 verify |
239451 cycles |
230539 cycles |
1.04 |
ML-DSA-65 keypair |
383574 cycles |
380509 cycles |
1.01 |
ML-DSA-65 sign |
1292839 cycles |
1199264 cycles |
1.08 |
ML-DSA-65 verify |
384924 cycles |
373938 cycles |
1.03 |
ML-DSA-87 keypair |
612155 cycles |
606509 cycles |
1.01 |
ML-DSA-87 sign |
1652474 cycles |
1547667 cycles |
1.07 |
ML-DSA-87 verify |
637552 cycles |
621502 cycles |
1.03 |
This comment was automatically generated by workflow using github-action-benchmark.
oqs-bot
left a comment
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Graviton2 (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 sign |
790020 cycles |
742145 cycles |
1.06 |
ML-DSA-44 verify |
239451 cycles |
230539 cycles |
1.04 |
ML-DSA-65 sign |
1292839 cycles |
1199264 cycles |
1.08 |
ML-DSA-87 sign |
1652474 cycles |
1547667 cycles |
1.07 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
SpacemiT K1 8 (Banana Pi F3) benchmarks (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
946626 cycles |
944595 cycles |
1.00 |
ML-DSA-44 sign |
4411928 cycles |
4357225 cycles |
1.01 |
ML-DSA-44 verify |
1091753 cycles |
1075353 cycles |
1.02 |
ML-DSA-65 keypair |
1582387 cycles |
1570727 cycles |
1.01 |
ML-DSA-65 sign |
7317735 cycles |
7186436 cycles |
1.02 |
ML-DSA-65 verify |
1728569 cycles |
1701260 cycles |
1.02 |
ML-DSA-87 keypair |
2548834 cycles |
2540962 cycles |
1.00 |
ML-DSA-87 sign |
8977512 cycles |
8815371 cycles |
1.02 |
ML-DSA-87 verify |
2755678 cycles |
2720024 cycles |
1.01 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
Arm Cortex-A72 (Raspberry Pi 4) benchmarks (no-opt)
Details
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
320126 cycles |
307872 cycles |
1.04 |
ML-DSA-44 sign |
1233790 cycles |
1140862 cycles |
1.08 |
ML-DSA-44 verify |
349626 cycles |
337492 cycles |
1.04 |
ML-DSA-65 keypair |
590709 cycles |
578597 cycles |
1.02 |
ML-DSA-65 sign |
2024614 cycles |
1867708 cycles |
1.08 |
ML-DSA-65 verify |
565192 cycles |
551173 cycles |
1.03 |
ML-DSA-87 keypair |
899030 cycles |
872509 cycles |
1.03 |
ML-DSA-87 sign |
2542452 cycles |
2349579 cycles |
1.08 |
ML-DSA-87 verify |
926170 cycles |
879687 cycles |
1.05 |
This comment was automatically generated by workflow using github-action-benchmark.
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Arm Cortex-A72 (Raspberry Pi 4) benchmarks (no-opt)'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.03.
| Benchmark suite | Current: 5110e63 | Previous: 334c7a2 | Ratio |
|---|---|---|---|
ML-DSA-44 keypair |
320126 cycles |
307872 cycles |
1.04 |
ML-DSA-44 sign |
1233790 cycles |
1140862 cycles |
1.08 |
ML-DSA-44 verify |
349626 cycles |
337492 cycles |
1.04 |
ML-DSA-65 sign |
2024614 cycles |
1867708 cycles |
1.08 |
ML-DSA-87 keypair |
899030 cycles |
872509 cycles |
1.03 |
ML-DSA-87 sign |
2542452 cycles |
2349579 cycles |
1.08 |
ML-DSA-87 verify |
926170 cycles |
879687 cycles |
1.05 |
This comment was automatically generated by workflow using github-action-benchmark.
This commit adds a config variation test to CI to test the alternative constant time functions (when no inline asm is available). To do so, first a MLD_CONFIG_FILE configuration option is introduced allowing to define a custom configurtion file. This option is then used in a workflow to include a config that has MLD_CONFIG_NO_ASM set. Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
…config.h Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
5110e63 to
2da7a4f
Compare
hanno-becker
left a comment
There was a problem hiding this comment.
Some spurious TODOs left, but otherwise LGTM
Based on pq-code-package/mldsa-native#371. Signed-off-by: dkostic <dkostic@amazon.com>
Based on pq-code-package/mldsa-native#371. Signed-off-by: dkostic <dkostic@amazon.com>
) ML-DSA constant-time hardening for caddq, poly_chknorm, decompose Based on pq-code-package/mldsa-native#371.
This PR adds constant-time value barriers to 3 functions:
caddq,poly_chknorm,decompose.The same approach as in mlkem-native is followed: If available, by default value barriers are implemeted using an empty inline asm block which marks the target value as clobbered. If inline assembly is not available (e.g., on Windows), we XOR with the value of a volatile global that's set to 0 (as proposed by Bernstein here).
CBMC proofs are added for the added auxilary functions and the proofs of
caddq,poly_chknorm,decompose. A config variation test is added to CI to test the volatile global optblocker config option.Performance impact is considerable (up to 20% when using link-time optimization).