Every standard password-based encryption scheme shares a structural weakness: after the key-derivation function completes, a MAC check provides an instantaneous binary oracle (correct or incorrect) at the cost of a single hash evaluation (approx. 1 microsecond). Memory-hard KDFs slow each attempt but do not eliminate this oracle. We present FractalShield-Argon2id, a concrete instantiation of the FractalShield framework using Argon2id (RFC 9106, PHC winner 2015, ten years of public cryptanalysis) as the cryptographic core. The construction simultaneously achieves: Oracle-Free Verification (OFV): The adversary cannot determine password correctness without spending the full multi-layer KDF cost per attempt. Geometric Cost Escalation: Attacker cost is Cbase * (2N - 1) per attempt (7x / 15x / 31x at Levels 1/2/3), measured as 6. 4x / 13. 2x / 26. 8x empirically. The gap reflects Argon2id's internal lane parallelism reducing wall-clock time without reducing memory work, which is the security-relevant quantity (Omega (m) per thread, proved in the parallel ROM). Statistical Layer Indistinguishability: All N ciphertext layers are computationally indistinguishable from uniform without the correct key. Replay Resistance: Resolving Open Problem 3 (OP3). Serverless Offline Operation. All four abstract security theorems of FractalShield (Integrity, IV Uniqueness, OFV, IND-CCA2 under ROM) inherit directly to this instantiation. We additionally resolve OP3 (replay-attack mitigation) and partially resolve OP6 (constant-time comparison, verified at 5*10⁵ samples, timing spread < 1%). A complete reference implementation and test vectors are provided.
miguel angel franco leon (Thu,) studied this question.