Consider changing padding rule for RPX

[bobbinth]

Currently, padding rule for RPX is the same as for RPO, which works as follows:

• If the number of input elements to is divisible by 8, the first capacity register is initialized to 0.
• If the number of input elements is not divisible by 8, the first capacity register is initialized to 1, and the input is padded with 1 and some number of 0's needed to make the total input length divisible by 8.

An alternative approach could work as follows:

• Always initialize the first capacity register by $n \mod 8$ where $n$ is the number of input elements.

The downside of this approach is that we degrade the security a little (by 3 bits?).

The benefit is that hashing long strings of elements becomes easier in the VM. For example, by doing u32divmod.8 swap add.1 we can compute both the value to initialize the capacity register to and the number of absorption steps we need to perform for a string of a given length.

One potential issue to consider is that an empty string and a string of 8 zeros will hash to the same value - but this is the case for RPO as well.

[bobbinth]

Closed by #236.