Exploratory Security Rationale and Tentative Parameter Mapping for a Fractal Spectral Construction
Felix Sagaz
Subject: Exploratory Security Rationale and Tentative Parameter Mapping for a Fractal Spectral Construction
Dear PQC Community,
Following the preprint "Quantum Cryptography from the Logical-Fractal Framework", I would like to present an exploratory security rationale for a fractal spectral construction and a tentative mapping of its parameters to standard post-quantum security notions.
The purpose of this note is not to claim a completed cryptographic proof, but to identify the structural ingredients that may support further analysis: key encoding, spectral public data, inversion difficulty, and parameter scaling.
SECRET SPACE AND OPERATOR MODEL
Let G_L = (V_L, E_L) denote the level-L Sierpinski gasket graph, with a number of nodes:
N(L) = (3/2) * (3^L - 1) + 3
The secret key is modeled as a Boolean assignment over the nodes:
S \in {+1, -1}^N(L)
The public object is a self-adjoint operator of the form:
H_QF(S) = -\Delta_F + R_logic(S)
where -\Delta_F is a fractal Laplacian and R_logic(S) is a secret-dependent local perturbation encoding the private Boolean structure.
PUBLIC DATA REPRESENTATION
To obtain reproducible output across hardware platforms, the public key consists of M QUANTIZED eigenvalues of H_QF(S). Each eigenvalue is scaled and truncated to an integer representation:
PK_k = floor( \lambda_k * 10^8 )
This quantization is intended to remove floating-point ambiguity and ensure deterministic serialization of the public data.
INVERSION PROBLEM AND SECURITY INTUITION
An adversary is given the quantized spectral data \Lambda_M = {\lambda_1, ..., \lambda_M}, and the task is to infer the secret vector S.
Preliminary numerical studies suggest that the spectral statistics of the Sierpinski gasket may deviate from standard random-matrix universality classes, potentially exhibiting forms of level-repulsion or rigidity not captured by classical ensembles. If such behavior persists at larger scales, it could contribute to the ill-conditioning of the inverse problem and to a highly non-convex reconstruction landscape. However, these observations remain exploratory, and establishing their asymptotic validity is an open research question.
At present, this should be regarded as a HARDNESS HYPOTHESIS rather than a proof. A proper cryptographic treatment would still require:
A formal problem statement.
A reduction or hardness argument.
A collision and ambiguity analysis.
An empirical study against algebraic, spectral, optimization, and learning-based attacks.
SECURITY ESTIMATION
The secret space has cardinality |K| = 2^N(L).
As a very coarse baseline, a generic exhaustive search over the secret space would cost on the order of 2^N(L) classical operations, while a generic quantum search would suggest a Grover-type scaling of approximately 2^{N(L)/2}.
This is only a BASELINE HEURISTIC. It should not be interpreted as a complete security proof, because the effective security of a cryptosystem depends on whether there exist structural shortcuts, leakage from the spectrum, statistical distinguishers, or faster specialized attacks.
Thus, the most defensible provisional estimate is:
Security estimate approx. N(L)/2 bits
(as a generic-search benchmark, subject to further validation).
TENTATIVE PARAMETER MAPPING
The following values are presented as illustrative examples for exploratory analysis. (Note: SK = Secret Key, PK = Public Key).
NIST LEVEL 1 (Target: AES-128)
Fractal Level (L): 5
Nodes N(L): 366
Eigenvalues (M): 64
Generic Quantum Benchmark: 183 bits
SK Size: 46 bytes
PK Size: 512 bytes
NIST LEVEL 3 (Target: AES-192)
Fractal Level (L): 6
Nodes N(L): 1095
Eigenvalues (M): 128
Generic Quantum Benchmark: 547 bits
SK Size: 137 bytes
PK Size: 1024 bytes (1 KB)
NIST LEVEL 5 (Target: AES-256)
Fractal Level (L): 7
Nodes N(L): 3282
Eigenvalues (M): 256
Generic Quantum Benchmark: 1641 bits
SK Size: 410 bytes
PK Size: 2048 bytes (2 KB)
These values show that, at least at the level of raw key length, the construction can scale beyond standard quantum security targets with an extremely small Public Key footprint. However, the true cryptographic relevance depends on whether the inversion problem remains resistant under more refined attack models.
RESEARCH QUESTIONS
The most important open questions are:
How much secret information is actually leaked by the quantized spectrum.
Whether the inverse map exhibits stable ambiguity or hidden injectivity.
Whether the problem can be reduced to a known hard problem.
Whether specialized solvers outperform generic search in practice.
Accordingly, the appropriate next step is a systematic study of the spectral inversion landscape, including numerical experiments, distinguisher tests, and complexity estimates.
CLOSING
I present this construction as a candidate framework for further post-quantum investigation, not as a finalized security claim. I would welcome feedback on the formalization of the inverse problem, the realism of the parameter mapping, and the robustness of the spectral encoding under known attack strategies.
Best regards,
Enrique Vidal Silvente
Felix Sagaz
Thank you for the detailed and constructive questions. Below I provide a consolidated response addressing all points in a single continuous explanation, since many of the issues are interrelated and concern the definition of the inversion problem, the leakage model, the role of the fractal structure, and the current empirical status of the proposal. The construction is intended to define a concrete inversion problem based on the map S → Λ_M, where S is a Boolean vector and Λ_M consists of the first M quantized eigenvalues of the operator H_QF(S). The primary security goal is the hardness of recovering S from Λ_M. A secondary acceptable goal is that finding any S′ producing the same quantized spectrum is also hard, since quantization and graph symmetries may introduce collisions. Distinguishing valid spectra from random ones is not the main objective but serves as a diagnostic: if distinguishing is easy, inversion is unlikely to be hard. No higher‑level cryptographic primitive is claimed at this stage; the proposal focuses on the raw inversion problem.
Because the spectrum is deterministic, some information leakage is unavoidable. The working assumption, based on preliminary numerical observations, is that the eigenvalues encode global spectral effects of the perturbation R_logic(S), rather than simple local correlations with individual bits. However, a full leakage analysis is still required. This includes estimating entropy H(Λ_M), conditional entropy H(S | Λ_M), collision and near‑collision rates, and sensitivity of eigenvalues to local bit flips. Known sources of potential leakage include graph automorphisms, sign symmetries, and quantization‑induced collisions. These effects are not yet fully classified, and the construction should be considered exploratory until these measurements are available.
The construction has not yet been systematically tested against specialized inversion strategies such as spectral perturbation methods, continuous relaxations of S ∈ {±1}^N, gradient‑based optimization, simulated annealing, QUBO/Ising solvers, lattice‑style linearizations, or machine‑learning‑assisted reconstruction. These attack classes are explicitly part of the planned evaluation. At present, the hardness assumption is heuristic and not supported by reductions. Similarly, although preliminary experiments did not reveal simple linear correlations between low‑lying eigenvalues and individual bits, this does not rule out more subtle leakage. A perturbative analysis of eigenvalue shifts under single‑bit flips is ongoing.
The map S → Λ_M is not assumed to be injective. Quantization and structural symmetries may introduce collisions or near‑collisions. The intended security goal is that all preimages remain hard to find. Correctness in a cryptographic protocol is not yet specified because the construction is still at the level of a raw one‑way function candidate. The parameter mapping in the note uses N(L)/2 as a provisional quantum security estimate based on Grover’s bound, but this is only a placeholder. A large keyspace alone does not imply security if structural shortcuts exist. Meaningful security requires lower bounds on attack cost, evidence against specialized solvers, and a formal leakage analysis. These components are not yet complete, so the parameter table should be interpreted as illustrative rather than as a security claim.
The fractal structure is used because the Sierpinski gasket exhibits non‑standard spectral properties, including deviations from classical random‑matrix universality, fractal localization of eigenfunctions, and irregular scaling of spectral gaps. These differences between hierarchical and subdivision spectral classes are documented in recent numerical work (DOI: https://doi.org/10.5281/zenodo.19128033), which shows that the two families of fractals produce distinct universality behaviors under fractional operators. However, these observations are numerical and not yet formalized into a cryptographic hardness property. A key open question is whether the fractal structure yields inversion difficulty beyond that of ordinary sparse graphs or random regular graphs.
Quantization at 10^8 is intended to remove floating‑point inconsistencies while preserving enough structure for reproducibility, but the stability of the construction under quantization remains an open issue. Collision rates as a function of L, M, and precision must be measured empirically.
Current empirical evidence at the proposed parameter sizes is limited. Experiments at L = 5, 6, and 7 are in progress. No reconstruction attacks have yet succeeded at these sizes, but no benchmark datasets or scripts have been published. Small‑scale tests show non‑convexity in the inversion landscape, but this is not conclusive. A reproducible benchmark suite is planned so that others can test inversion strategies independently.
In summary, the central open question is whether the map S → Λ_M defines a meaningful one‑way function with resistance to known inversion strategies, or whether it is simply a large structured search space. At present, the construction is exploratory, and the parameter table should not be interpreted as a post‑quantum security estimate until leakage, inversion hardness, and attack models are formalized more precisely. Feedback on these aspects is welcome and will help guide the next steps in evaluating the construction.