New f1600x4

[bwesterb]

Instead of using intrinsics and full unrolling, this uses a
four-round unrolled version adapted from the one I wrote for
Cloudflare's CIRCL library:

github.com/cloudflare/circl/simd/keccakf1600

This is about 10-20% faster on my notebook. We'd better check whether that's also true for other systems as well before merging.

[thomwiggers]

This also means it no longer works on Windows.

[thomwiggers]

This doesn't compile with MSVC

[bwesterb]

I don't have a windows machine available to me. What is the error?

[thomwiggers]

MSVC has completely different syntax; there is not a chance to write assembly code that works for both Windows and gnu-style assemblers without going to a portable assembler like NASM.

[bwesterb]

peachpy (which I used to generate the assembler, see f1600x4.py) does support nasm as output.

[thomwiggers]

Could you not generate microsoft assembly as .asm files? Then those could be used on Windows (with a nmake Makefile (see PQClean) or you could consider contributing an appropriate CMakeList.txt).

[bwesterb]

Unfortunately peachpy doesn't support microsoft asm. It can directly generate the windows object file. It can also generate nasm. What would we prefer? @joostrijneveld

[thomwiggers]

with the file having .S (capital letter) now this probably also needs to be updated?

[bwesterb]

We wouldn't want to ignore the file itself, right? The .s is generated form the .S when compiling.

[thomwiggers]

ah you're not running peachpy in Make of course.

[bwesterb]

Indeed. Try to keep dependencies to compile to a minimum.

[bwesterb]

@thomwiggers Any suggestions how to advance this? (Given you are facing the same troubles with Kyber & Dilithium.)

[thomwiggers]

The Kyber/Dilithium AVX2 implementations are simply marked as not supported on Windows. It would still be a shame to drop Windows support from this otherwise mostly (bar VLAs) portable plain-C implementation.