Cipher Phrasing: My New Technique Novel Amplification of Encryption

© 2026 Ashtar Ventura A.K.A. そにいたん A.K.A. admin@笑.wtf

ALL RIGHTS RESERVED

Cipher phrasing is a technique i thought of for multi-layer full-disk encryption in which the cryptographic algorithm used at each layer is not fixed, not stored, and not recoverable from the encrypted device. Instead, it is derived at mount-time from a secret passphrase — the cipher phrase — that exists only in the user’s memory.

The user defines a pool of candidate ciphers and a pool of candidate hash functions. At every mount, the cipher phrase is fed into a SHA-256 derivation function that deterministically assigns one cipher and one hash to each layer. Change a single character of the phrase, and the entire layout changes — every layer gets a different algorithm, a different hash, a different structure.

Nothing about this layout is written anywhere. Not to the encrypted device. Not to a config file. Not to a log. Not to the kernel. It exists for the duration of the mount operation, in locked memory, and is wiped the moment it is no longer needed.

The derivation is simple and auditable:

The "C" and "H" domain separators ensure that even if a single phrase is used for both, the cipher selection and hash selection are entirely independent rotations.

---

The Problem It Solves

Every existing approach to full-disk encryption has a configuration problem.

LUKS (the dominant Linux standard) stores an on-disk header containing the cipher name, key size, hash algorithm, and magic bytes. Anyone with physical access to the drive immediately knows the complete configuration — and, crucially, immediately knows that the drive is encrypted and what it is encrypted with. The header is intentionally identifiable by design.

Plain dm-crypt (headerless mode) solves the header problem. There are no magic bytes, no metadata, no signature. The entire device surface is ciphertext indistinguishable from random noise. But the parameters — cipher, key size, hash — must still be supplied at mount time, and in any practical system they come from somewhere: a script, a config file, shell history, a sudoers entry, a person’s notes. That somewhere is an attack target.

Multi-layer encryption stacks multiple plain dm-crypt passes. Each layer has its own passphrase, its own cipher, its own hash. The key math works out beautifully — multiple independent secrets multiply the attacker’s workload — but the algorithm assignment at each layer is still a piece of configuration that lives somewhere. An adversary who recovers that configuration, even without a single passphrase, now knows the complete structure of your defences.

Cipher phrasing eliminates this entirely. There is no configuration to recover. The structure of the encryption exists only in the user’s memory. An adversary can gain possession of the device, image it, study it for years, know exactly which tool was used, know the full set of candidate algorithms — and still not know which algorithm is at which layer, because that information does not exist anywhere outside the user’s head.

---

How Hard Is It to Break?

Let’s be concrete. Consider a modest configuration:

• 10 encryption layers
• 3 candidate ciphers (AES, Serpent, Twofish — all in the default pool)
• 4 candidate hash functions (SHA-256, SHA-512, Whirlpool, RIPEMD-160)
• 4 independent passphrase groups via multipass (different passphrase for different layer ranges)
• Each passphrase is a strong diceware phrase — approximately 100 bits of entropy

The layout space alone

With 3 ciphers and 4 hashes, there are 12 possible (cipher, hash) combinations per layer. Over 10 layers: 12¹⁰ ≈ 61 billion possible layouts. No property of the ciphertext distinguishes the correct layout from any other — every wrong guess produces output that looks exactly like every other wrong guess: noise.

The passphrase space

Four independent passphrase groups of ~100 bits each. “Independent” is the key word: the attacker cannot find group 1 and use that to narrow the search for group 2. The search spaces multiply:

Four groups, four separate exhaustive searches, no shortcut between them.

Combined

The total search space is the product of the layout space and all passphrase group spaces:

What about quantum computers?

Grover’s algorithm is the main quantum threat to symmetric encryption. It provides a quadratic speedup — halving the effective bit-strength of a key. So a 100-bit passphrase becomes effectively 50-bit against a quantum attacker. But:

• Grover does not parallelise across independent keys. Each passphrase group must be broken separately. The quadratic speedup applies individually to each one, but the groups still multiply.
• Grover has no special advantage against the layout space. Testing a layout candidate requires decrypting all 10 layers and checking for a valid filesystem — there is no fast distinguisher, no oracle, no shortcut. Each wrong layout looks identical to every other wrong layout.
• Grover’s speedup against the layout reduces 2^37 to 2^18.5 — a factor of roughly 400,000 — which barely registers against the passphrase costs.

Post-quantum total search cost:

Component	Cost
Passphrase group 1 (Grover)	2^50
Passphrase group 2 (Grover)	2^50
Passphrase group 3 (Grover)	2^50
Passphrase group 4 (Grover)	2^50
Groups are independent — multiply	2^200
Layout space (Grover)	×2^18
Per-iteration cost (10 layer decryptions)	×10
Total post-quantum lower bound	>2^218

What does 2^218 actually mean?

A computer the mass of the observable universe, running at one operation per Planck time (the shortest physically meaningful unit of time, approximately 5.4 × 10⁻⁴⁴ seconds), running continuously for the entire current age of the universe, would complete approximately 2^234 operations.

That is less than a fraction of what it would take to break this configuration.

Not “less if you’re lucky.” Not “less on average.” Less. Guaranteed. By over 16 orders of magnitude in favour of the defender.

And this is the quantum scenario — against a hypothetical fault-tolerant quantum computer with millions of logical qubits that does not currently exist and may never exist. Against classical hardware the margin is larger by another 100+ bits.

One important caveat: none of this protects a weak passphrase. A passphrase with 30 bits of entropy becomes 15 bits under Grover — breakable in minutes. The security of the system is bounded by its weakest passphrase group. Cipher phrasing and multiple layers multiply the strength of strong passphrases; they do not compensate for weak ones.

---

---

Invention Specification: Cipher Phrasing

Inventor: Ashtar Ventura A.K.A. そにいたん A.K.A. admin@笑.wtf
Date of first conception: 2026
Date of first public implementation: 2026
Reference implementation: abysscrypt
Document type: Technical Invention Disclosure / Prior Art Establishment

---

Abstract

This document describes cipher phrasing, a novel technique for multi-layer full-disk encryption in which the per-layer cryptographic algorithm assignment is itself a secret, derived at runtime from a user-held passphrase and never stored on disk, in any configuration file, or in any on-device structure. Combined with headerless plain dm-crypt, a device protected with cipher phrasing is entirely indistinguishable from random noise to any observer who does not hold all secrets — including an adversary who knows which tool was used, knows the full set of candidate algorithms, and has unlimited time to examine the ciphertext. The technique introduces a second independent category of secret alongside traditional key material, multiplying the attacker’s required search space rather than extending it.

---

1. Field of Invention

Cipher phrasing applies to the field of full-disk encryption, specifically to multi-layer plain-mode symmetric block cipher encryption using the Linux device-mapper (dm-crypt) subsystem or equivalent. It is applicable to any system in which multiple encryption passes are applied sequentially to a block device or container file, and in which the selection of cryptographic algorithm at each layer has traditionally been fixed, configured, or stored.

---

2. Background and Prior Art

2.1 LUKS (Linux Unified Key Setup)

LUKS is the dominant full-disk encryption standard on Linux. It stores an on-disk header containing the cipher name, key size, hash algorithm, UUID, and key slots. This header is readable without any passphrase. An adversary with physical access immediately learns:

• Which cipher is in use
• The key size and hash algorithm
• That the volume is LUKS-encrypted (the magic bytes LUKS\xba\xbe are in the header)
• The number of active key slots

LUKS volumes have identifiable header metadata by design. There is no plausible deniability about the existence or nature of the encryption.

2.2 Plain dm-crypt (headerless mode)

Plain dm-crypt applies block-level encryption with no on-disk header. The entire device surface is ciphertext; there is no magic number, no metadata, no key slot, no signature of any kind. All parameters — cipher, key size, hash, sector offset — are supplied at mount time and never persisted. A plain dm-crypt volume is computationally indistinguishable from a device filled with random data by any test that does not involve decryption with the correct key.

Plain dm-crypt eliminates header leakage but creates a new problem: the user must remember every parameter exactly, or store them somewhere outside the device. In common usage, the cipher is fixed, the key size is fixed, the hash is fixed — these become known quantities that represent a static, predictable configuration.

2.3 Multi-layer encryption

Multi-layer encryption applies multiple independent dm-crypt passes sequentially, each with its own passphrase, cipher, and key derivation. Each layer’s key must be independently recovered; the work factors multiply rather than add. This is a significant security improvement over single-layer encryption.

In all known prior multi-layer implementations, the cipher and hash at each layer are either:

• Fixed and identical across all layers — predictable
• Specified per-layer on the command line — visible in shell history, process listings, and system logs
• Stored in a configuration file — an additional attack target

In every case, the per-layer algorithm assignment is configuration data that lives somewhere recoverable. An adversary who obtains that configuration — without a single passphrase — knows the complete structure of the encryption.

No prior art is known to the inventor in which the per-layer algorithm assignment in a multi-layer plain dm-crypt stack is treated as an independently derived secret.

---

3. Problem Statement

Given a multi-layer headerless encrypted volume, the following information leakage problems exist in all prior approaches:

1. Configuration disclosure. If an adversary recovers the command line, a config file, a wrapper script, or shell history, they learn the complete per-layer cipher and hash assignment. The brute-force problem reduces to a pure key-material search with a fully known structure.

2. Tool-disclosure amplification. If the adversary identifies which tool was used — from binary artifacts, logs, or the user’s own testimony — and the tool uses fixed or documented defaults, the configuration may be entirely inferred without any additional recovered material.

3. No layout uncertainty for the attacker. Even without the passphrase, knowing the algorithm at each layer allows the adversary to structure their attack optimally — targeting the weakest layer, applying algorithm-specific cryptanalytic techniques, or partitioning the search space by layer.

4. Configuration artifacts outlive the device. Shell history, sudoers entries, scripts, and config files survive wiping of the encrypted volume. A capable adversary may reconstruct the layout from artifacts with no connection to the device itself.

The unsolved problem: how can the per-layer algorithm assignment be kept secret without storing it anywhere, while remaining reliably reproducible by the legitimate user?

---

4. The Invention

4.1 Core concept

Cipher phrasing treats the per-layer cipher and hash assignment as a secret computed in memory at mount time from a user-supplied passphrase — the cipher phrase — using a deterministic derivation function. The mapping is:

• Never written to disk
• Never stored in any configuration file
• Never passed in process arguments
• Never persisted in any form outside the duration of the mount operation
• Computed only at mount time, held in locked memory, wiped immediately after use

The cipher phrase is a second independent secret, entirely separate from the encryption passphrase(s). Losing the cipher phrase makes the volume unrecoverable. Knowing the cipher phrase without the passphrase(s) does not unlock the volume.

4.2 The algorithm pool

The user specifies a pool of candidate ciphers and a pool of candidate hash functions. The reference implementation ships with the following defaults:

The pools may be modified by the user. Neither the pools nor their sizes need to be secret (though they may be). What is secret is which member of each pool is assigned to each layer.

4.3 The derivation function

For each layer N (1-indexed), the cipher and hash indices are derived as:

Where ‖ denotes concatenation and "C" / "H" are single-byte domain separators. The separators ensure that cipher and hash rotation are independent even when a single phrase is reused for both. N is the layer number, encoded as a single byte (extended for large layer counts). The derivation is stateless: each layer’s assignment depends only on the phrase and the layer index, not on any prior layer’s result.

4.4 Two independent phrases

The user may supply:

• A cipher phrase — determines which cipher is used at each layer
• A hash phrase — determines which hash function is used at each layer

If only one phrase is supplied, it is reused for hash derivation with the "H" domain separator providing independence. Supplying separate phrases makes the two layout dimensions independently secret.

4.5 Reproducibility without storage

The derivation is deterministic. The same cipher phrase, the same pool, and the same number of layers always produce the same layout. The user needs only to remember (or securely hold) the cipher phrase. No stored configuration, no lookup table, no on-disk or off-device record of any kind is required for correct reproduction.

---

5. What an Adversary Cannot Determine

An adversary who possesses all of the following:

• Physical possession of the encrypted device
• Complete knowledge of which tool was used
• Complete knowledge of all candidate cipher and hash pools
• The exact number of encryption layers
• The sector offset
• All passphrase groups (in the strongest possible attack model)

…still cannot determine, without the cipher phrase:

• Which cipher is used at any specific layer
• Which hash is used at any specific layer
• The relationship between cipher and hash at any layer
• Whether the pools are in their default or modified state
• Any structural property that distinguishes one layout candidate from another

Without the cipher phrase, the correct layout is one of (len(cipher_pool) × len(hash_pool))^N equally plausible assignments. For a default pool over 10 layers this is approximately 61 billion candidates. No quantum algorithm provides a useful speedup because there is no efficient oracle — testing a layout candidate requires full decryption of all N layers against a known-valid output, and every wrong candidate produces output that is computationally indistinguishable from every other wrong candidate.

---

6. Security Properties

6.1 Three independent secret categories

Category	Secret	What is protected
Layout secret	Cipher phrase	Which cipher is at which layer
Layout secret	Hash phrase (optional)	Which KDF hash is at which layer
Key material	Passphrase(s)	The encryption key at each layer

These categories are orthogonal. Recovering any strict subset provides no advantage in recovering the remainder. An adversary who obtains all passphrases but not the cipher phrase knows none of the layer structure and cannot begin decryption. An adversary who obtains the cipher phrase but no passphrases knows the structure but has no key material.

6.2 Absence of a layout oracle

An oracle is a function that returns a true/false signal for “is this guess correct?” Efficient brute-force attacks are only possible when an oracle exists.

In LUKS: the oracle is “does the header decrypt to a valid LUKS structure?” — one hash comparison, cheap and unambiguous.

In plain dm-crypt with a known layout: the oracle is “does decryption with the known cipher and hash produce a valid filesystem?” — still one hash comparison per passphrase candidate.

In plain dm-crypt with cipher phrasing: the oracle is “does this candidate cipher phrase, applied to produce this layout, combined with this candidate for every passphrase group, decrypt all N layers in the correct order, and produce a valid filesystem at the deepest level?” Every oracle query costs N full-sector block-cipher decryptions in sequence, and the layout dimension must be correct before the passphrase dimension can be evaluated at all. There is no decomposition of this test into independent subtests.

6.3 Total indistinguishability from random noise

A device protected with cipher phrasing and plain dm-crypt presents no information to an observer without the secrets:

• No headers. No magic bytes, no metadata, no key slots, no version markers.
• No configuration. Cipher phrasing stores nothing on disk or in any file.
• Ciphertext indistinguishability. AES-XTS, Serpent-XTS, and Twofish-XTS in plain mode are computationally indistinguishable from a pseudorandom permutation under all known attacks when the key is unknown.
• No wrong-key signal. An incorrect passphrase or incorrect cipher phrase produces a different block device — not an error. There is no checksum, no integrity tag, no decryption-failure signal of any kind.

The device is practically identical to a device filled with random bytes.

6.4 Multiplicative rather than additive security

In conventional multi-layer encryption with a single passphrase, the brute-force cost scales roughly as 2^k — the passphrase entropy — with a small constant multiplier per additional layer. Adding layers under one passphrase is marginally useful at best.

Cipher phrasing, combined with multiple independent passphrase groups, changes the cost structure:

All factors are independent and multiply. There is no shortcut: a correct passphrase guess applied to the wrong layout produces noise indistinguishable from every other wrong guess. The attacker cannot find the layout first and then search passphrases, nor find one passphrase group and use it to narrow the search for another. Every dimension of the search must be completed simultaneously.

---

7. Quantum Resistance Analysis

7.1 Applicable quantum algorithms

Shor’s algorithm breaks integer factorisation and discrete logarithm problems. It does not apply to symmetric ciphers or hash functions. Cipher phrasing uses no asymmetric primitives. Shor’s algorithm is irrelevant.

Grover’s algorithm provides a quadratic speedup for unstructured brute-force search, reducing an N-bit key search from 2^N to 2^(N/2) quantum operations. NIST has certified AES-256 as post-quantum secure on this basis: 2^128 quantum operations remain infeasible by all credible estimates.

7.2 Effect of Grover on cipher phrasing

Passphrase groups: Grover reduces each group’s effective bit-strength by half. However, Grover does not parallelise across independent keys — each group must be broken in a separate Grover search. The groups continue to multiply:

Four groups of 100-bit entropy passphrases: 2^(100/2 × 4) = 2^200.

Layout space: Grover reduces (C×H)^L to (C×H)^(L/2). For default pools over 10 layers this is approximately 2^18 — a reduction from ~61 billion to ~350,000 candidates. This is trivially searchable. However, each candidate requires N full block-cipher decryptions with no fast distinguisher, and this dimension cannot be separated from the passphrase search — they must be correct simultaneously.

Combined post-quantum lower bound:

For 10 layers, default pools, 4 passphrase groups of 100-bit entropy:

7.3 Physical interpretation

2^218 quantum operations.

A computer with the mass of the entire observable universe, executing one operation per Planck time — the smallest physically meaningful time interval, approximately 5.4 × 10⁻⁴⁴ seconds — running continuously for the entire current age of the universe, would complete approximately 2^234 operations.

That is less than 2^218 by a factor of roughly 2^16 — 65,536 times less. Against this configuration, even a universe-scale quantum computer running since the Big Bang would not have finished.

This analysis holds against the quadratic quantum speedup. Against classical hardware the margin is wider by over 100 bits in every dimension.

---

8. Novel Contributions

The following aspects of cipher phrasing are, to the inventor’s knowledge, without precedent in published prior art as of the date of this disclosure:

1. The treatment of the per-layer algorithm assignment in a multi-layer dm-crypt stack as a cryptographic secret derived from a user-held passphrase, rather than as a stored or fixed configuration parameter.

2. The combination of this technique with headerless plain dm-crypt to produce a volume in which nothing on the device surface conveys any information about the cryptographic configuration — not the algorithm, not the key size, not the hash, not the number of layers, not the passphrase structure, not the existence of encryption at all.

3. The SHA-256-based derivation scheme with domain separation ("C" and "H" byte prefixes) enabling independent rotation of cipher and hash assignments from a single shared phrase, with optionally independent phrases for each dimension.

4. The security model in which the layout is an independent secret category alongside passphrase(s), such that recovering any strict subset of secrets provides no advantage in recovering the remainder.

5. The multiplicative interaction between the layout secret space, independent passphrase group spaces, and the absence of any oracle — producing a total attack cost that is the product of all independent search spaces, with no known classical or quantum algorithm capable of decomposing the product efficiently.

---

9. Reference Implementation

The reference implementation is abysscrypt, an open-source C binary for Linux.

• abysscrypt
• License: abysscrypt Source License v1.0 (free for personal/research/educational use; attribution required; commercial and government use requires written permission)
• Language: C11, single source file, no third-party dependencies
• Secret handling: cipher phrase held in mlock()‘d anonymous memory, wiped via explicit_bzero on all exit paths, never written to disk, never passed in argv

The implementation of abysscrypt with Cipher Phrasing has been publicly available since may 2026 and constitutes prior art establishing the earliest known date of the cipher phrasing technique.

---

This document is a public technical disclosure establishing the priority date and inventorship of the cipher phrasing technique. It is published to establish prior art and preserve the inventor’s rights. Reproduction is permitted with attribution to hairetikos. Commercial use of the technique described herein requires written permission.

for anything to exist, there has to be something before it. something cannot arise from nothing. But, what about time? how do we make sense of this?

i propose at least one model;
Eternal Ground ( Ω ) + Fractal Emanation ( C ∞ )

FRACTAL ETERNAL CAUSATION:

TO SUMMARISE:

The Eternal → Infinite Fractal Causation → Present Experience

Problem	How This Model Solves It
Infinite regress	The regress terminates in Ω , but Ω needs no cause (it’s eternal/timeless)
Something from nothing	Nothing ever comes from nothing—everything flows from Ω
**Why is there something? **	Ω doesn’t “begin”—it simply is. The question dissolves.
Causality preserved	Every temporal thing has a cause; only the timeless ground is uncaused
Infinite depth preserved	The fractal structure gives infinite richness without infinite time

---

Visual Representation

                         ┌─────────────────────┐
                         │                     │
                         │    Ω (Timeless)     │  ← Outside time, eternal ground
                         │   The Eternal One   │
                         │                     │
                         └──────────┬──────────┘
                                    │
              ┌─────────────────────┼─────────────────────┐
              │                     │                     │
              ▼                     ▼                     ▼
         ┌────────┐            ┌────────┐            ┌────────┐
         │  C¹ₐ   │            │  C¹ᵦ   │            │  C¹ᵧ   │   ← Primary emanations
         └───┬────┘            └───┬────┘            └───┬────┘
             │                     │                     │
        ┌────┴────┐           ┌────┴────┐           ┌────┴────┐
        ▼         ▼           ▼         ▼           ▼         ▼
      ┌───┐     ┌───┐       ┌───┐     ┌───┐       ┌───┐     ┌───┐
      │C²₁│     │C²₂│       │C²₃│     │C²₄│       │C²₅│     │C²₆│  ← Secondary
      └─┬─┘     └─┬─┘       └─┬─┘     └─┬─┘       └─┬─┘     └─┬─┘
        │         │           │         │           │         │
       ╱ ╲       ╱ ╲         ╱ ╲       ╱ ╲         ╱ ╲       ╱ ╲
      ▼   ▼     ▼   ▼       ▼   ▼     ▼   ▼       ▼   ▼     ▼   ▼
      ·   ·     ·   ·       ·   ·     ·   ·       ·   ·     ·   ·   ← Tertiary... 
      │   │     │   │       │   │     │   │       │   │     │   │
      ▼   ▼     ▼   ▼       ▼   ▼     ▼   ▼       ▼   ▼     ▼   ▼
               ∞ fractal depth continues forever
                              │
                              ▼
                    ┌───────────────────┐
                    │   Present Moment  │  ← Where we experience reality
                    │        NOW        │
                    └───────────────────┘

---

The Ashtar Principle ( A Ω ):

“There exists exactly one timeless, uncaused eternal ground (Ω). All things that exist within time emerge from Ω through infinite fractal chains of causation. Every causal inquiry, pursued to infinite depth, resolves into Ω.”

---

Philosophical Resonances

the model aligns beautifully with several profound traditions:

Tradition	Their Ω	Fractal Emanation
Neoplatonism	The One (τὸ ἕν)	Emanation through Nous → Soul → Matter
Vedanta	Brahman	Brahman → Ātman → Maya (manifestation)
Kabbalah	Ein Sof (אֵין סוֹף)	Sefirot (10 emanations, fractal-like)
Christianity	God as “I AM”	Logos → Creation
Taoism	The Tao	“The Tao gives birth to One, One to Two, Two to Three, Three to all things”
Physics (speculative)	Quantum vacuum / Mathematical structure	Symmetry breaking → forces → particles → atoms → …

Final Fantasy VII

１８：１１

[9]：１１

MIDGAR SECTOR 7 PILLAR WAS AN INSIDE JOB
SHINRA BLAMED “TERRORISTS”

FF7 “WALL MARKET” = WALL STREET NEW YORK
NYC building 7

WTC7 controlled demolition Larry Silverstein 「ｐｕｌｌ　ｉｔ」 Inside Job

have a good day

of course, a kid is a baby goat, back in 1992 they were showing us on the surface-level realm about growing kids in artificial wombs … we can only imagine what goes on in deep underground bases with legal “grey zones”, especially in 2025

https://www.newscientist.com/article/mg13418180-400-japanese-pioneers-raise-kid-in-rubber-womb

those women in the 1990s who reported being abducted by “alien”s and impregnated with “hybrids”? … then abducted again and having the fetus removed?

probably because in 1992 it required months in the biological womb before transferring to artificial womb … early stage of the tech 😉

backup of the page follows below:

Japanese pioneers raise kid in rubber womb

By Peter Hadfield

25 April 1992

Aldous Huxley’s Brave New World came a step closer to realisation earlier
this month when Japanese scientists announced that they have raised a goat
fetus in an artificial womb. The successful ‘delivery’ of the goat, believed
to be the first of its kind in the world, increases the prospects of rescuing
sick human fetuses and treating them in an artificial womb.

Yoshinori Kuwabara, a gynaecologist at Tokyo University’s medical department,
removed the fetus from its mother by Caesarean section after 120 days’ gestation,
about three-quarters of the way to its full term. He placed it in a rubber
womb filled with artificial amniotic fluid, and the kid was delivered 17
days later.

‘A goat fetus is very immature, even at 120 days,’ says Kuwabara. ‘It
corresponds to about the 20th to 24th week of gestation of a human fetus.’

In its second womb, the fetus was fed via a catheter with normal fetal
blood, which was oxygenated and recycled. Nutrients were added to the blood
supply. The sac was filled with a near exact reproduction of natural amniotic
fluid – a mixture of sodium and potassium chlorides, glucose and proteins.
The temperature was kept at a constant 39.5 °C by passing warm water
between two outer layers of rubber.

Creating an artificial womb has been tried before. In 1969, French scientists
managed to keep a sheep fetus alive in one for two days. Kuwabara’s goat
fetus faced two principal dangers. The 42-litre sac is larger than a normal
womb and the fetus had room to be more active than usual. Under these conditions
Kuwabara says the fetus could have taken in too much oxygen, which can be
toxic at high concentrations, or swallowed too much amniotic fluid, leading
to severe fluid retention. To reduce the danger, Kuwabara and colleagues
fed the fetus sedatives to slow down its activity and swallowing.

‘We have two objectives in our research,’ says Kuwabara. ‘One is for
animal models for fetal experimental medicine. The other is for clinical
use, to rescue very immature or sick fetuses.’

One condition Kuwabara says may be treatable by artificial gestation
is hypoplasia of the lungs, in which the lungs fail to mature. The disease
kills around 100 babies a year in Japan. ‘I don’t worry about the ethical
problems. I just want to rescue the fetus where it is impossible to be
rescued by present treatment,’ he says.

Kuwabara believes it may be possible to incubate a goat’s fetus from
as early as 90 days into gestation, and a human fetus from about the 16th
week. The kid, now one month old, is still suffering the after-effects of
the sedatives. It cannot stand or breath by itself. But as the muscle relaxants
wear off it is gaining strength and will soon be able to function properly.
Kuwabara says it is ‘doing well’.