FractalShield: Oracle-Free Verification with Geometric Cost Escalation for Offline Brute-Force Resistance

franco leon, miguel angel

doi:10.5281/zenodo.19974049

Published February 5, 2026 | Version 2.0

Preprint Open

FractalShield: Oracle-Free Verification with Geometric Cost Escalation for Offline Brute-Force Resistance

franco leon, miguel angel (Researcher)¹

1. Independent Researcher — Fracta-Axis Project

We present FractalShield, a novel layered file-encryption construction that simultaneously achieves:

(i) Oracle-Free Verification (OFV): The attacker cannot determine password correctness without spending the full key-derivation cost per layer.
(ii) Geometric Cost Escalation: Protection levels escalate at 3.5×, 7.5×, and 15.5× the baseline.
(iii) Statistical Indistinguishability: Real versus decoy ciphertext layers are indistinguishable to an adversary.
(iv) Serverless Operation: Fully functional for offline environments.

Standard MAC-protected encryption grants an attacker instant oracle access to key correctness, converting offline brute-force into a pure throughput problem. While memory-hard KDFs slow each attempt, they do not eliminate this oracle. FractalShield eliminates it entirely via internal magic-prefix detection across layers of escalating KDF cost, where decoy layers remain statistically identical to the real payload.

Security Validation & Formal Results

We provide four formal security theorems:

Integrity.
Two-time-pad resistance.
OFV (Oracle-Free Verification).
IND-CCA2 under the Random Oracle Model (ROM).

The framework includes a resolved min-entropy bound ( $H_{\infty} \geq 128$ bits via a four-lemma chain) and full empirical validation through the NIST SP 800-22 battery:

Tests 01–13: 13/13 pass ( $n = 2 \times 1 0^{6}$ bits, 10 independent pairs).
Tests 14–15: 6/8 eligible pairs pass.

Technical Advances (v2.0)

This version introduces cumulative advances over v1.0, transforming previous conjectures into proven results:

Theorem 5.7: PRG under ROM (formerly Conjecture 4.5).
Theorem 5.11: IND-CCA2 under ROM (formerly Open Problem 1.3).
Theorem 6.5: $H_{\infty} \geq 128$ (formerly Open Problem 1.1).
NIST STS Execution: Substantial resolution of Open Problem 1.4.
Refinements: Correction of normalization in Eq. (8'), raw-field $χ^{2}$ adjusted from 1752 to $\approx 245$ ( $p = 0.66$ ), and honest reporting of the Lyapunov spectrum ( $D_{K Y} \approx 9$ , indicating weak chaos and entropy derived from injectivity).

The construction remains KDF-agnostic. All security results are stated with explicit assumptions and open residuals.

Full implementation available at: https://github.com/Fracta-Axis/Fractalyx

Files

fractashield_miguel_franco_v2.pdf

Files (342.1 kB)

Name	Size	Download all
fractashield_miguel_franco_v2.pdf md5:466d3399d69ccdae3c7fc6964ea823ae	342.1 kB	Preview Download

Additional details

Repository URL: https://github.com/Fracta-Axis/Fractalyx
Programming language: Python
Development Status: Active

	All versions	This version
Views	137	72
Downloads	62	30
Data volume	68.4 MB	17.1 MB

FractalShield: Oracle-Free Verification with Geometric Cost Escalation for Offline Brute-Force Resistance

Authors/Creators

Description

Security Validation & Formal Results

Technical Advances (v2.0)

Files

fractashield_miguel_franco_v2.pdf

Files (342.1 kB)

Additional details

Software