-r--r--r-- 14632 libntruprime-20241008/doc/html/speed.html raw
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<style type="text/css">
html{overflow-y:scroll;background-color:#004591}
body{font-family:"Noto Sans","Droid Sans","DejaVu Sans","Arial",sans-serif;line-height:1.5}
tt,code{background-color:#f0f0f0;font-family:"Noto Sans Mono","Droid Sans Mono","DejaVu Sans Mono","Courier New",monospace,sans-serif;font-size:1em;}
pre{margin-left:3em}
p,ul,ol,blockquote,pre{font-size:1.0em;line-height:1.6}
li p{font-size:1.0em}
blockquote p{font-size:1.0em}
h1{font-size:1.5em}
h2{font-size:1.3em}
h3{font-size:1.0em}
h1 a{text-decoration:none}
table{border-collapse:collapse}
th,td{border:1px solid black}
table a{text-decoration:none}
table tr{font-size:1.0em;line-height:1.6em}
table tr{font-size:1.0em;line-height:1.5}
tbody tr:nth-child(12n+1){background-color:#f0ffff}
tbody tr:nth-child(12n+2){background-color:#f0ffff}
tbody tr:nth-child(12n+3){background-color:#f0ffff}
tbody tr:nth-child(12n+4){background-color:#f0ffff}
tbody tr:nth-child(12n+5){background-color:#f0ffff}
tbody tr:nth-child(12n+6){background-color:#f0ffff}
tbody tr:nth-child(12n+7){background-color:#fffff0}
tbody tr:nth-child(12n+8){background-color:#fffff0}
tbody tr:nth-child(12n+9){background-color:#fffff0}
tbody tr:nth-child(12n+10){background-color:#fffff0}
tbody tr:nth-child(12n+11){background-color:#fffff0}
tbody tr:nth-child(12n+12){background-color:#fffff0}
.headline{padding:0;font-weight:bold;font-size:1.0em;vertical-align:top;padding-bottom:0.5em;color:#ffffff;background-color:#004591}
.navt{display:block;box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;margin:0;padding:0;vertical-align:center;font-size:1.0em}
.here{background-color:#004591}
.here{color:#ffffff}
.away{background-color:#004591}
.away a{text-decoration:none;display:block;color:#ffffff}
.away a:hover,.away a:active{text-decoration:underline}
.main{padding:5px}
.main{background-color:#ffffff}
.pagetitle{font-size:1.4em;font-weight:bold}
@media only screen and (min-width:512px) {
.fixed{margin:0;padding:0;width:160px;height:100%;position:fixed;overflow:auto}
.main{margin-left:170px}
}
</style>
<title>
libntruprime: Speed</title>
</head>
<body>
<div class=fixed>
<div class=headline>
libntruprime</div>
<div class="navt away"><a href=index.html>Intro</a>
</div><div class="navt away"><a href=download.html>Download</a>
</div><div class="navt away"><a href=install.html>Install</a>
</div><div class="navt away"><a href=test.html>Test</a>
</div><div class="navt away"><a href=api.html>API</a>
</div><div class="navt away"><a href=cli.html>CLI</a>
</div><div class="navt away"><a href=security.html>Security</a>
</div><div class="navt away"><a href=verification.html>Verification</a>
</div><div class="navt here">Speed
</div><div class="navt away"><a href=internals.html>Internals</a>
</div><div class="navt away"><a href=people.html>People</a>
</div><div class="navt away"><a href=license.html>License</a>
</div></div>
<div class=main>
<div class=pagetitle>libntruprime: Speed</div>
<p>In the following speed table, smaller keygen/enc/dec numbers are better.
The numbers are interquartile means of single-core cycle counts on various microarchitectures.
Overclocking is disabled.</p>
<table>
<thead>
<tr>
<th style="text-align: left;">μarch</th>
<th style="text-align: left;">KEM</th>
<th style="text-align: right;">keypair</th>
<th style="text-align: right;">enc</th>
<th style="text-align: right;">dec</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align: left;">Golden Cove (2021)</td>
<td style="text-align: left;">sntrup653</td>
<td style="text-align: right;">569998</td>
<td style="text-align: right;">31437</td>
<td style="text-align: right;">44933</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup761</td>
<td style="text-align: right;">743752</td>
<td style="text-align: right;">35130</td>
<td style="text-align: right;">47191</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup857</td>
<td style="text-align: right;">938327</td>
<td style="text-align: right;">42316</td>
<td style="text-align: right;">61681</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup953</td>
<td style="text-align: right;">1134045</td>
<td style="text-align: right;">45276</td>
<td style="text-align: right;">63881</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1013</td>
<td style="text-align: right;">1260294</td>
<td style="text-align: right;">45882</td>
<td style="text-align: right;">65517</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1277</td>
<td style="text-align: right;">1945365</td>
<td style="text-align: right;">58064</td>
<td style="text-align: right;">81528</td>
</tr>
<tr>
<td style="text-align: left;">Zen 3 (2020)</td>
<td style="text-align: left;">sntrup653</td>
<td style="text-align: right;">630180</td>
<td style="text-align: right;">32541</td>
<td style="text-align: right;">45606</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup761</td>
<td style="text-align: right;">841462</td>
<td style="text-align: right;">35311</td>
<td style="text-align: right;">47977</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup857</td>
<td style="text-align: right;">1038697</td>
<td style="text-align: right;">42592</td>
<td style="text-align: right;">60883</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup953</td>
<td style="text-align: right;">1253426</td>
<td style="text-align: right;">47028</td>
<td style="text-align: right;">64965</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1013</td>
<td style="text-align: right;">1435108</td>
<td style="text-align: right;">46973</td>
<td style="text-align: right;">66213</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1277</td>
<td style="text-align: right;">2171656</td>
<td style="text-align: right;">60228</td>
<td style="text-align: right;">80954</td>
</tr>
<tr>
<td style="text-align: left;">Zen 2 (2019)</td>
<td style="text-align: left;">sntrup653</td>
<td style="text-align: right;">938965</td>
<td style="text-align: right;">38397</td>
<td style="text-align: right;">60512</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup761</td>
<td style="text-align: right;">1254327</td>
<td style="text-align: right;">41018</td>
<td style="text-align: right;">63308</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup857</td>
<td style="text-align: right;">1602767</td>
<td style="text-align: right;">50833</td>
<td style="text-align: right;">82192</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup953</td>
<td style="text-align: right;">1956955</td>
<td style="text-align: right;">54960</td>
<td style="text-align: right;">86430</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1013</td>
<td style="text-align: right;">2203462</td>
<td style="text-align: right;">55829</td>
<td style="text-align: right;">88492</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1277</td>
<td style="text-align: right;">3464035</td>
<td style="text-align: right;">70184</td>
<td style="text-align: right;">108778</td>
</tr>
<tr>
<td style="text-align: left;">Cortex-A72 (2016)</td>
<td style="text-align: left;">sntrup653</td>
<td style="text-align: right;">9582905</td>
<td style="text-align: right;">685284</td>
<td style="text-align: right;">1149001</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup761</td>
<td style="text-align: right;">12759145</td>
<td style="text-align: right;">882618</td>
<td style="text-align: right;">1530800</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup857</td>
<td style="text-align: right;">16122629</td>
<td style="text-align: right;">1077066</td>
<td style="text-align: right;">1924171</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup953</td>
<td style="text-align: right;">19832706</td>
<td style="text-align: right;">1290673</td>
<td style="text-align: right;">2364008</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1013</td>
<td style="text-align: right;">22573875</td>
<td style="text-align: right;">1431952</td>
<td style="text-align: right;">2668071</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1277</td>
<td style="text-align: right;">35773394</td>
<td style="text-align: right;">2153211</td>
<td style="text-align: right;">4220444</td>
</tr>
<tr>
<td style="text-align: left;">Skylake (2015)</td>
<td style="text-align: left;">sntrup653</td>
<td style="text-align: right;">692941</td>
<td style="text-align: right;">39847</td>
<td style="text-align: right;">59024</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup761</td>
<td style="text-align: right;">831462</td>
<td style="text-align: right;">41784</td>
<td style="text-align: right;">61793</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup857</td>
<td style="text-align: right;">1128575</td>
<td style="text-align: right;">51224</td>
<td style="text-align: right;">78029</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup953</td>
<td style="text-align: right;">1305503</td>
<td style="text-align: right;">54602</td>
<td style="text-align: right;">82755</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1013</td>
<td style="text-align: right;">1425447</td>
<td style="text-align: right;">57443</td>
<td style="text-align: right;">88127</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1277</td>
<td style="text-align: right;">2202685</td>
<td style="text-align: right;">73622</td>
<td style="text-align: right;">108376</td>
</tr>
<tr>
<td style="text-align: left;">Haswell (2013)</td>
<td style="text-align: left;">sntrup653</td>
<td style="text-align: right;">767219</td>
<td style="text-align: right;">44278</td>
<td style="text-align: right;">65223</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup761</td>
<td style="text-align: right;">939803</td>
<td style="text-align: right;">47008</td>
<td style="text-align: right;">69013</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup857</td>
<td style="text-align: right;">1271818</td>
<td style="text-align: right;">58349</td>
<td style="text-align: right;">89379</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup953</td>
<td style="text-align: right;">1488084</td>
<td style="text-align: right;">64012</td>
<td style="text-align: right;">94010</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1013</td>
<td style="text-align: right;">1680440</td>
<td style="text-align: right;">65535</td>
<td style="text-align: right;">96216</td>
</tr>
<tr>
<td style="text-align: left;"></td>
<td style="text-align: left;">sntrup1277</td>
<td style="text-align: right;">2720370</td>
<td style="text-align: right;">81871</td>
<td style="text-align: right;">122664</td>
</tr>
</tbody>
</table>
<p>Microarchitectures are listed in reverse chronological order of when they were introduced.</p>
<p>In the libntruprime distribution,
<code>command/ntruprime-speed.c</code> measures libntruprime;
<code>benchmarks/*-*</code> is the output of <code>ntruprime-speed</code> on various machines;
and <code>autogen/md-speed</code> extracts the table from those measurements.</p>
<p>The table reports only interquartile means of cycle counts, not the full distribution of cycle counts.
See the full output files
for differences between multiple measurements and the interquartile mean.</p>
<h3><a name="faster">Faster <code>sntrup</code> software</h3>
<p>There has been extensive further work on <code>sntrup</code> software speeds
beyond the current libntruprime speeds.
libntruprime has a policy of <a href="security.html">limiting code size</a>,
but if there are applications that need these speedups
then they can still be considered for inclusion in libntruprime:</p>
<ul>
<li>
<p><code>mult3sntrup761/avx2unsigned</code> in SUPERCOP
from Ming-Shing Chen:
faster multiplications on Intel/AMD.</p>
</li>
<li>
<p><code>invsntrup761/jumpdivsteps</code> in SUPERCOP
from Daniel J. Bernstein, Ming-Shing Chen, Gregor Seiler, and Bo-Yin Yang:
faster inversions on Intel/AMD.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2021/826">"OpenSSLNTRU: Faster post-quantum TLS key exchange"</a>
from Daniel J. Bernstein, Billy Bob Brumley, Ming-Shing Chen, and Nicola Tuveri:
faster inversions for batch operations.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2022/930">"Multi-Parameter Support with NTTs for NTRU and NTRU Prime on Cortex-M4"</a>
from Erdem Alkim, Vincent Hwang, and Bo-Yin Yang:
faster multiplications on 32-bit ARM.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2023/541">"Algorithmic Views of Vectorized Polynomial Multipliers for NTRU and NTRU Prime"</a>
from Han-Ting Chen, Yi-Hua Chung, Vincent Hwang, Chi-Ting Liu, and Bo-Yin Yang:
faster multiplications on 64-bit ARM.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2023/604">"Pushing the Limit of Vectorized Polynomial Multiplication for NTRU Prime"</a>
from Vincent Hwang:
faster multiplications on 64-bit ARM and Intel/AMD.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2023/1580">"Algorithmic Views of Vectorized Polynomial Multipliers – NTRU Prime"</a>
from Vincent Hwang, Chi-Ting Liu, and Bo-Yin Yang:
faster multiplications on 64-bit ARM.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2023/1962">"A Survey of Polynomial Multiplications for Lattice-Based Cryptosystems"</a>
from Vincent Hwang:
faster multiplications on Intel/AMD.</p>
</li>
<li>
<p><a href="https://eprint.iacr.org/2024/644">"Jumping for Bernstein-Yang Inversion"</a>
from Li-Jie Jian, Ting-Yuan Wang, Bo-Yin Yang, and Ming-Shing Chen:
faster inversions on 64-bit ARM.</p>
</li>
</ul><hr><font size=1><b>Version:</b>
This is version 2024.10.08 of the "Speed" web page.
</font>
</div>
</body>
</html>