MICKAI®
Article · 12 July 2026

Evidence must outlive the cryptography that sealed it: a post-quantum audit doctrine

Long-lived AI records survive by staying verifiable after their sealing cryptography is superseded, using post-quantum signatures, hash-chaining, algorithm identifiers and a defined re-signing path.

Evidence must outlive the cryptography that sealed it: a post-quantum audit doctrine
Author
Micky Irons
Published
12 July 2026
Follow Micky Irons
LinkedInX
sovereign aipost-quantum cryptographyaudit ledgerfips 204evidence integrity

Post-quantum audit doctrine: evidence must stay verifiable after its sealing cryptography is broken, because a signature trusted today can be forged once quantum computers mature.

Why this matters in 2026: the records AI systems generate now, medical decisions, financial approvals, defence logs, must remain provable for decades. Adversaries already harvest sealed data to decrypt it later, and standards bodies have finalised the post-quantum signatures that will outlast today's mathematics. A record sealed with a scheme that quantum computers can break is not durable evidence; it is a liability waiting for the machine that discredits it. The doctrine below is the governing principle that ties the whole post-quantum cluster together.

What does it mean for evidence to outlive its cryptography?

It means a record stays independently verifiable long after the algorithm that first signed it is deprecated, because verification never depends on any single scheme.

Cryptographic guarantees have shelf lives. A signature is a promise about the future, and that promise fails the day its algorithm is broken. Evidence that must last decades therefore cannot bind its credibility to one scheme. It must carry its own chain of proof so that any future verifier can check it without trusting the tool, the vendor or the mathematics that created it. The design goal is not a stronger padlock but a record that can be re-proven for as long as anyone might reasonably contest it.

Evidence must outlive the cryptography that sealed it: a post-quantum audit doctrine, illustration 1

Which post-quantum standards sign the audit ledger?

FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA) sign the audit ledger; FIPS 203 (ML-KEM) only encapsulates keys and never signs anything.

The distinction is not pedantry. FIPS 203, ML-KEM, protects confidentiality by encapsulating keys. It produces no signature and proves nothing about who wrote a record or when. Only FIPS 204, ML-DSA, and FIPS 205, SLH-DSA, produce the signatures that seal an audit ledger. ML-DSA is the lattice-based default; SLH-DSA is a conservative hash-based alternative, so a weakness discovered in one family does not collapse the entire chain. Treating encapsulation as if it were signing is the most common and most dangerous error in post-quantum planning.

Evidence must outlive the cryptography that sealed it: a post-quantum audit doctrine, illustration 2

What threatens long-lived evidence, and which control answers each?

Four threats dominate: a quantum computer forging signatures, an algorithm being deprecated, the vendor disappearing, and a key being lost; each maps to one control.

Threat to long-lived evidenceConsequenceDoctrine control
Quantum computer forges the signatureOld seals become forgeable and evidence turns repudiablePost-quantum signatures under FIPS 204 and 205 over a hash-chained ledger
Algorithm is deprecatedVerifiers reject the original schemeAlgorithm identifiers plus a defined re-signing path
Vendor disappearsNo service left to check or reissue proofsOffline verifiability on operator-owned hardware
Key is lostSigning authority cannot be reproducedHardware-attested identity bound to the audit chain

Each row is a single sentence a reviewer can act on. No threat is left to hope, and no control depends on a supplier still being in business when the record is finally challenged.

Evidence must outlive the cryptography that sealed it: a post-quantum audit doctrine, illustration 3

How does a re-signing path keep old records valid?

A re-signing path wraps existing evidence in a fresh post-quantum signature while preserving the original hash chain, so nothing is rewritten and history stays intact.

Algorithm identifiers stamp every entry with the scheme that sealed it, so a verifier always knows which mathematics to apply. When a scheme is later deprecated, the re-signing path over-signs the existing chain with a current post-quantum signature rather than reissuing the records themselves. The originals are never edited, the old identifiers remain in place, and the new signature vouches for everything beneath it. That is the difference between renewing trust and destroying the very continuity that makes a record credible.

Evidence must outlive the cryptography that sealed it: a post-quantum audit doctrine, illustration 4

Why does sovereignty decide whether evidence survives?

Because verification tied to a vendor's servers dies when the vendor does; sovereign evidence verifies offline on operator-owned hardware, outside any provider's control.

The US CLOUD Act can compel a US-based provider to produce data regardless of where its servers physically sit, so evidence held in another party's cloud is never fully under the operator's control. Public services such as ChatGPT, Copilot and Gemini are the right choice for open, low-sensitivity work; for records that must survive decades and hostile scrutiny, verification cannot rest on infrastructure the operator cannot see. Mickai is a Sovereign Intelligence Operating System, a SIOS, that runs offline on operator-owned hardware behind a zero-egress inbound perimeter, with hardware-attested identity bound to the audit chain and cross-model consensus across 50 brains, 25 domain and 25 operational. Its design is protected by 104 filed UK patent applications and 2,340 claims owned by Mickai LTD (Companies House 17166618), filed and patent pending.

How does this doctrine tie the post-quantum cluster together?

It is the governing principle beneath every other control: signatures, encapsulation, offline verification and re-signing all keep evidence checkable after its first cryptography fails.

Read alone, each control looks like a technical choice. Read together, they answer one question: will this record still convince a sceptic once the scheme that sealed it is history? Every other page in this cluster is an implementation of that single test.

Evidence that cannot be verified once its original cryptography is broken is not evidence; it is a claim awaiting the machine that will discredit it.

Frequently asked questions

Do I need to re-sign records that are already signed?

Not by rewriting them. A re-signing path over-signs the existing hash chain with a current post-quantum signature, so the original entries and their algorithm identifiers stay intact. Trust is renewed while history is preserved, which is exactly what a court or auditor expects.

Does FIPS 203 sign my audit trail?

No. FIPS 203, ML-KEM, is a key-encapsulation mechanism that protects confidentiality and never produces a signature. Signing the ledger is the job of FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA). Confusing the two leaves records encrypted but unprovable.

What happens to my evidence if our security vendor goes out of business?

If verification depends on that vendor's servers, the proofs die with it. Under this doctrine, evidence verifies offline on operator-owned hardware, so a record stays checkable even when the vendor, the service and the network are all gone. Survivability is a design property, not a support contract.

Is post-quantum signing required by regulation yet?

Not universally, but the direction is set. DORA has been in force since January 2025 and NIS2 covers essential and important entities, while the EU AI Act's high-risk Annex III obligations were deferred by the Digital Omnibus from 2 August 2026 to 2 December 2027. Long-lived evidence should be sealed for the rules that will apply across its whole life, not only today's.

How long should long-lived evidence stay verifiable?

For as long as anyone might reasonably contest it, which for medical, financial and defence records can mean decades. That horizon, not today's threat model, sets the cryptography: evidence is sealed for the algorithms expected to hold across its whole life, with a re-signing path ready for the day they no longer do.

Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/evidence-must-outlive-the-cryptography-that-sealed-it. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles