This work addresses the prohibitive computational cost of randomized smoothing, which relies on Monte Carlo sampling and hinders deployment in real-time systems. The authors propose a proxy model approach trained with soft-label cross-entropy loss and enhanced by a one-shot conformal calibration technique, reducing robustness radius certification to a single forward pass and enabling efficient, verifiable offline certification. This method achieves the first effective results on challenging datasets such as CIFAR-100 and Tiny ImageNet, with certified accuracy within 0.84 percentage points of fixed-budget Monte Carlo methods. It reduces per-query computation by four orders of magnitude (to 1/10⁴), allowing the training overhead to be amortized after approximately 10⁵ deployments.

Randomized smoothing (RS) uses a smoothed classifier to provide architecture-agnostic certificates of $\ell_2$ classification robustness, but its dependence on per-input Monte Carlo (MC) sampling undermines its use in real-time systems. We argue that this cost is structural rather than fundamental, such that it can be significantly reduced by sharing information across the deployment stream. We introduce RRISE, an RS framework that compresses certification into a single forward pass through a learned surrogate. RRISE trains the surrogate against precomputed MC class-count targets via a soft-label cross-entropy loss and converts surrogate predictions into provably conservative certified radii through a one-time conformal calibration step. The resulting certificate is deployment-verifiable: whenever the calibrated radius is positive, the surrogate's prediction provably matches the smoothed classifier's and the smoothed classifier is constant on a ball of that radius around the input. Across image classification benchmarks, RRISE matches fixed-budget MC certified accuracy within $0.84$ percentage points while replacing up to $10^4$ noisy base-model evaluations per query with a single surrogate forward pass, recouping MC training cost after $\approx 10^5$ deployment queries. On CIFAR-100 and Tiny ImageNet, where the only prior offline-surrogate method collapses, RRISE achieves $1.23$ to $1.91\times$ higher certified accuracy, establishing efficient randomized smoothing as a practical path to certified robustness in repeated-deployment settings.