From 9d2202877174c141dce60c8cd0cd34a3f5201298 Mon Sep 17 00:00:00 2001
From: Eric Mertens <emertens@gmail.com>
Date: Tue, 30 Sep 2025 21:01:56 -0700
Subject: [PATCH] Simplify the constant table

---
 Ascon.cry | 28 ++++++----------------------
 1 file changed, 6 insertions(+), 22 deletions(-)

diff --git a/Ascon.cry b/Ascon.cry
index b624d40..6a0ac64 100644
--- a/Ascon.cry
+++ b/Ascon.cry
@@ -64,7 +64,7 @@ private
   * Single round of the Ascon-p permutation parameterized by the round
   * constant.
   */
-  round : State -> [64] -> State
+  round : State -> [8] -> State
   round S ci = pL (pS (pC S ci))
 
   // 3.1. Internal State
@@ -96,32 +96,16 @@ private
   * The constant-addition layer 𝑃𝑐 adds a 64-bit round constant cᵢ to 𝑆₂
   * in round 𝑖, for i ≥ 0, 𝑆₂ = 𝑆₂ ⊕ cᵢ.
   */
-  pC : State -> [64] -> State
-  pC [S0, S1, S2, S3, S4] ci = [S0, S1, S2 ^ ci, S3, S4]
+  pC : State -> [8] -> State
+  pC [S0, S1, S2, S3, S4] ci = [S0, S1, S2 ^ zext ci, S3, S4]
 
   /**
   * Table 5. The constants constᵢ to derive round constants of the Ascon
   * permutations
   */
-  Const : [16][64]
-  Const =
-      [ 0x000000000000003c
-      , 0x000000000000002d
-      , 0x000000000000001e
-      , 0x000000000000000f
-      , 0x00000000000000f0
-      , 0x00000000000000e1
-      , 0x00000000000000d2
-      , 0x00000000000000c3
-      , 0x00000000000000b4
-      , 0x00000000000000a5
-      , 0x0000000000000096
-      , 0x0000000000000087
-      , 0x0000000000000078
-      , 0x0000000000000069
-      , 0x000000000000005a
-      , 0x000000000000004b
-      ]
+  Const : [16][8]
+  Const = [0x3c, 0x2d, 0x1e, 0x0f, 0xf0, 0xe1, 0xd2, 0xc3,
+           0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69, 0x5a, 0x4b]
 
   // 3.3. Substitution Layer pS