Abstract

One-page abstract for catalogues, publication landing pages, and quick reference.

Sub-title: A PKI-Native Reading of EU AI Act Articles 10/12/13 through eIDAS and ETSI EN 319.

Author: Anton Sokolov, TalTech / Zetes · Date: 2026-05-05 · Status: preprint draft v0.5 · Source: github.com/sapsan14/paper-pki-ai-act


The EU AI Act (Regulation 2024/1689) imposes obligations on integrity, transparency, record-keeping, and human oversight of AI systems — particularly under Articles 10, 12, and 13 of the high-risk regime (Chapter III, Section 2). We argue that a substantial portion of these obligations can be operationalised by reusing the trust infrastructure that PKI engineers already deploy under eIDAS (Regulations 910/2014 and 2024/1183) and ETSI EN 319 102 / 132 / 401 / 411: cryptographic signatures over canonical payloads, X.509 path validation, OCSP/CRL revocation, RFC 3161 timestamps, and policy-driven hash-chained audit ledgers.

We present a reference architecture — the Enterprise Agent Trust Framework (EATF / Aletheia) — positioned as a Trusted AI Evidence Layer that binds AI outputs and governed actions to signed, timestamped Evidence Packages, with optional ML-DSA hybrid signatures (NIST FIPS 204) for post-quantum readiness. We give an Article-by-Article mapping with explicit conformance probability bands and we deliberately confine Article 10 to integrity and provenance rather than ML data quality.

We position the framework as a substrate, not a vertical product, and report on five partner-integration deployments (environmental monitoring, building audit, education, with medical and KYC verticals planned) that ride on the same primitives. The paper is intended for trust architects, PKI practitioners, and AI deployers in the EU, and offers an implementation hypothesis that invites engineering critique.

Keywords: EU AI Act · eIDAS · ETSI EN 319 · PKI · Provenance · RFC 3161 · Post-quantum cryptography · Agent governance.

