{"ID":2838537,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2511.17118","arxiv_id":"2511.17118","title":"Constant-Size Cryptographic Evidence Structures for Regulated AI Workflows","abstract":"Regulated AI workflows (such as clinical trials, medical decision support, and financial compliance) must satisfy strict auditability and integrity requirements. Existing audit-trail mechanisms rely on variable-length records, bulky cryptographic transcripts, or ad-hoc schemas, suffering from metadata leakage, irregular performance, and weak alignment with formal security notions. This paper introduces constant-size cryptographic evidence structures, a general abstraction for verifiable audit evidence in regulated AI workflows. Each evidence item is a fixed-size tuple of cryptographic fields designed to (i) bind strongly to workflow events and configurations, (ii) support constant-size storage and uniform verification cost per event, and (iii) compose cleanly with hash-chain and Merkle-based audit constructions. We formalize a model of regulated AI workflows, define syntax and algorithms for evidence structures, and prove security properties (evidence binding, tamper detection, and non-equivocation) via game-based definitions under standard assumptions (collision-resistant hashing and EUF-CMA signatures). We present a generic hash-and-sign construction using a collision-resistant hash function and a standard signature scheme, and show how to integrate it with hash-chained logs, Merkle-tree anchoring, and trusted execution environments. We implement a prototype library and report microbenchmarks on commodity hardware, demonstrating that per-event overhead is small and predictable. 
This work aims to provide a foundation for standardized audit mechanisms in regulated AI, with implications for clinical trial management, pharmaceutical compliance, and medical AI governance.","short_abstract":"Regulated AI workflows (such as clinical trials, medical decision support, and financial compliance) must satisfy strict auditability and integrity requirements. Existing audit-trail mechanisms rely on variable-length records, bulky cryptographic transcripts, or ad-hoc schemas, suffering from metadata leakage, irregula...","url_abs":"https://arxiv.org/abs/2511.17118","url_pdf":"https://arxiv.org/pdf/2511.17118v2","authors":"[\"Leo Kao\"]","published":"2025-11-21T10:28:07Z","proceeding":"cs.CR","tasks":"[\"cs.CR\"]","methods":"[]","has_code":false}
