{"id":51578789,"url":"https://github.com/systemslibrarian/crypto-lab-ascon","last_synced_at":"2026-07-11T03:32:26.226Z","repository":{"id":367296228,"uuid":"1214709633","full_name":"systemslibrarian/crypto-lab-ascon","owner":"systemslibrarian","description":"Browser-based Ascon demo — NIST Lightweight Cryptography Standard (FIPS SP 800-232, 2025). Ascon-AEAD128 encrypt/decrypt with constant-time tag verification, Ascon-Hash256 with avalanche analysis, side-by-side comparison against AES-GCM and ChaCha20-Poly1305. Designed for IoT and embedded constraints. No backends. No external crypto libraries.","archived":false,"fork":false,"pushed_at":"2026-06-25T10:33:05.000Z","size":134,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-25T12:14:06.896Z","etag":null,"topics":["aead","ascon","authenticated-encryption","crypto-lab","cryptography","embedded","fips-800-232","hash-function","iot","lightweight-cryptography","nist","sponge-construction"],"latest_commit_sha":null,"homepage":"https://systemslibrarian.github.io/crypto-lab-ascon/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/systemslibrarian.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-19T00:05:14.000Z","updated_at":"2026-06-25T10:33:09.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/systemslibrarian/crypto-lab-ascon","commit_stats":null,"previous_names":["systemslibrarian/crypto-lab-ascon"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/systemslibrarian/crypto-lab-ascon","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/systemslibrarian%2Fcrypto-lab-ascon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/systemslibrarian%2Fcrypto-lab-ascon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/systemslibrarian%2Fcrypto-lab-ascon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/systemslibrarian%2Fcrypto-lab-ascon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/systemslibrarian","download_url":"https://codeload.github.com/systemslibrarian/crypto-lab-ascon/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/systemslibrarian%2Fcrypto-lab-ascon/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35350133,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-11T02:00:05.354Z","response_time":104,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aead","ascon","authenticated-encryption","crypto-lab","cryptography","embedded","fips-800-232","hash-function","iot","lightweight-cryptography","nist","sponge-construction"],"created_at":"2026-07-11T03:32:25.762Z","updated_at":"2026-07-11T03:32:26.221Z","avatar_url":"https://github.com/systemslibrarian.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# crypto-lab-ascon\n\n## What It Is\nBrowser-based demo of Ascon, the NIST Lightweight Cryptography Standard (FIPS SP 800-232, 2025). It implements all three standardized algorithms — Ascon-AEAD128 authenticated encryption, Ascon-Hash256, and Ascon-XOF128 — from the specification using real bitwise arithmetic with no external crypto libraries. All 64-bit operations use BigInt for precision. The sponge construction, S-box, and linear diffusion layer are implemented directly from the spec and verified against official KAT vectors. The interactive sponge exhibit renders the actual 320 bits of live state — every square is a real bit — so you can watch the permutation diffuse the state toward ~50% density rather than trusting a decorative bar.\n\n## Exhibits\n1. **The Sponge Construction** — the live 320-bit state, steppable per round *and per layer* (add-constant → S-box → linear diffusion) with the bits each step touched flashing gold; a four-step AEAD walkthrough driving the exact production functions, with ordering guardrails that teach instead of failing silently; and an **S-box microscope** — highlight any of the 64 bit-columns in the live grid and toggle the 5 inputs of the real bitsliced `sbox()` code (no lookup table exists to consult).\n2. **The Avalanche** — two copies of the permutation whose inputs differ in exactly one bit, painting their XOR each round: one bit becomes ~160 of 320 in 3–4 rounds. Round constants cancel in the XOR, so every lit square traces back to the seed bit.\n3. **AEAD Encryption — Live** — encrypt/decrypt/tamper with your own key, nonce, AD and plaintext, plus **shareable lesson links** that freeze a scenario into a URL for classrooms.\n4. **Break It Yourself — Nonce Reuse** — encrypt two messages under the same nonce and recover one from the other with XOR alone, no key required; includes the duplex-sponge nuance (the leak runs through the first differing block, unlike a pure stream cipher), which is pinned down by a unit test.\n5. **Ascon-Hash256** — hashing plus a single-bit avalanche test over the digest.\n6. **Ascon-XOF128** — a hash with a volume knob: drag the output length and watch the prefix property hold; compare against Hash256 to see algorithm-level domain separation.\n7. **Comparison table** — Ascon vs AES-GCM vs ChaCha20-Poly1305.\n8. **Why Ascon for IoT?** — the constrained-device scenario that motivated the standard.\n9. **Benchmark — honestly** — race this BigInt build against your browser's native `crypto.subtle` AES-GCM and SHA-256, and lose by ~2–3 orders of magnitude, which is exactly the point being taught.\n10. **Check Yourself** — a five-question quiz where every answer is verifiable by doing something in the exhibits above.\n\n## When to Use It\n- Understanding why NIST needed a lightweight standard beyond AES.\n- Teaching sponge-based cryptography vs block/stream ciphers.\n- Comparing side-channel resistance profiles in constrained devices.\n- Evaluating Ascon for IoT and embedded deployments.\n- Not for high-throughput server encryption where AES-GCM hardware acceleration is available.\n- Do NOT use this BigInt-based browser build as production crypto — it is a teaching demo, not a hardened native implementation.\n\n## Live Demo\n\n**[systemslibrarian.github.io/crypto-lab-ascon](https://systemslibrarian.github.io/crypto-lab-ascon/)**\n\nRun Ascon-AEAD128 encryption and Ascon-Hash256 in the browser and watch the interactive sponge exhibit render all 320 bits of live state, where every square is a real bit diffusing toward ~50% density as the permutation runs.\n\n## What Can Go Wrong\n- 128-bit keys provide a smaller long-term margin than AES-256.\n- BigInt in browsers is slower than native 64-bit C/Rust implementations.\n- Ascon has less historical cryptanalysis depth than AES, even as a finalized NIST standard.\n- Nonce reuse breaks the AEAD guarantees, as with any nonce-based authenticated cipher.\n\n## Real-World Usage\n- NIST FIPS SP 800-232 was finalized in 2025 after the Lightweight Cryptography competition.\n- Ascon was selected in February 2023 from 57 original submissions.\n- Early adoption targets include automotive in-vehicle networks, RFID authentication, and industrial IoT sensors.\n- Further targets include smart-card communications and embedded firmware verification pipelines.\n\n## How to Run Locally\n\n```bash\ngit clone https://github.com/systemslibrarian/crypto-lab-ascon\ncd crypto-lab-ascon\nnpm install\nnpm run dev\n```\n\n## Related Demos\n- [crypto-lab-aes-modes](https://systemslibrarian.github.io/crypto-lab-aes-modes/) — AES modes and AEAD for comparison with lightweight crypto.\n- [crypto-lab-aegis-gate](https://systemslibrarian.github.io/crypto-lab-aegis-gate/) — high-performance AES-based AEAD.\n- [crypto-lab-chacha20-stream](https://systemslibrarian.github.io/crypto-lab-chacha20-stream/) — ARX stream cipher used in lightweight contexts.\n- [crypto-lab-babel-hash](https://systemslibrarian.github.io/crypto-lab-babel-hash/) — modern hash functions including sponge-based SHA3.\n- [crypto-lab-hash-zoo](https://systemslibrarian.github.io/crypto-lab-hash-zoo/) — hash constructions including Merkle-Damgård and sponge.\n\n## Build \u0026 Verify\n```bash\nnpm install\nnpm test          # 25 unit tests, incl. the full official NIST AEAD + Hash + XOF KAT vector files\nnpm run build\nnpm run test:a11y # Playwright: functional smoke tests + axe-core WCAG A/AA scan (build first)\nnpm run dev       # local dev server\n```\nCorrectness is the headline: `test/kat-full.test.ts` runs every vector in the official `LWC_AEAD_KAT_128_128.txt` and `LWC_HASH_KAT_128_256.txt` files through encrypt, decrypt, and hash; `test/xof.test.ts` does the same for `LWC_XOF_KAT_128_512.txt` plus the prefix property; and `test/permutation.test.ts` checks `p12` against the ascon-c reference output. `test/roundtrip.fuzz.test.ts` adds randomized round-trip, single-bit-tamper, and full block-boundary (length 0–40) coverage, and `test/nonce-reuse.test.ts` pins down the exact leak structure the nonce-reuse exhibit teaches. The e2e suite exercises every exhibit against the production build and gates on zero axe-core WCAG A/AA violations in both themes. The GitHub Pages deploy is gated on all of it, so neither a broken implementation nor an accessibility regression ever ships.\n\n## Performance\nThis implementation optimizes for legibility, not throughput: all 64-bit operations use `BigInt`, which V8 boxes on the heap. Measured ~1.7 MB/s for AEAD and ~0.5 MB/s for hashing in Node — fine for an interactive demo, but native C/Rust Ascon (using machine 64-bit words) runs orders of magnitude faster, and `crypto.subtle` AES-GCM on AES-NI hardware reaches multiple GB/s. The point of Ascon is small code and state on constrained devices, not raw speed on a desktop CPU.\n\n---\n\n*One of 120+ browser demos in the [Crypto Lab](https://crypto-lab.systemslibrarian.dev/) suite.*\n\n*\"So whether you eat or drink or whatever you do, do it all for the glory of God.\" — 1 Corinthians 10:31*\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsystemslibrarian%2Fcrypto-lab-ascon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsystemslibrarian%2Fcrypto-lab-ascon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsystemslibrarian%2Fcrypto-lab-ascon/lists"}