The security of these systems depends entirely on the computational hardness of inverting the one-way function. If an efficient algorithm were discovered to invert the function, the entire security model would collapse. This dependency on computational hardness (rather than mathematical impossibility) distinguishes cryptographic security from information-theoretic security.

KERI's Approach

KERI leverages one-way functions as the foundational cryptographic primitive for establishing autonomic trust basis - a trust model that requires no external authorities or infrastructure. The protocol's security architecture depends on one-way functions in multiple critical ways:

Self-Certifying Identifiers

KERI uses one-way functions to create self-certifying identifiers (SCIDs) where the identifier is cryptographically derived from the controller's public key. The derivation process follows:

Seed → Private Key → One-Way Function → Public Key → One-Way Function → Identifier

This double application of one-way functions ensures:

1. The private key cannot be derived from the public key
2. The original key material cannot be derived from the identifier
3. The identifier is cryptographically bound to the controlling key pair
4. Universal uniqueness is guaranteed through cryptographic entropy

The one-way property means that while anyone can verify that a signature was created by the private key corresponding to the identifier, no one can work backwards from the identifier to discover the private key.

Cryptographic Digests and SAIDs

KERI extensively uses cryptographic hash functions (a specific type of one-way function) to create digests and Self-Addressing Identifiers (SAIDs). A digest is defined as a "verifiable cryptographic commitment" created through a collision-resistant hash of content.

The one-way property of hash functions enables:

• Content addressing where data is referenced by its digest
• Tamper evidence since any change to content produces a different digest
• Compact commitments where a fixed-size digest commits to arbitrary-size data
• Privacy preservation where digests can be shared without revealing underlying data

Critically, KERI establishes that "a verifiable cryptographic commitment (such as a digital signature) to the digest of data is cryptographically equivalent to a commitment to the data itself." This equivalence property, enabled by the one-way nature of hash functions, allows ACDC credentials to use compact SAID references instead of embedding full data while maintaining cryptographic integrity.

Pre-Rotation Security

KERI's revolutionary pre-rotation mechanism depends fundamentally on one-way functions for its security properties. In pre-rotation, the controller commits to the next set of rotation keys by publishing the cryptographic digest of those keys rather than the keys themselves.

The one-way property provides:

• Forward security: Current key compromise cannot reveal pre-rotated keys
• Post-quantum protection: Even quantum computers cannot efficiently invert the hash function to discover hidden keys
• Commitment binding: The controller cannot change the pre-rotated keys after commitment
• Verification capability: Anyone can verify that revealed rotation keys match the prior commitment

This approach transforms key rotation from a vulnerability (where compromised keys can be used to rotate to attacker-controlled keys) into a security feature (where unexposed pre-rotated keys enable recovery even after compromise).

Key Derivation from Seeds

The KERI specification describes using one-way functions to derive cryptographic keys from seeds (also called bran) and salts. A seed is "a cryptographic string used as a primary input for creating key material for an autonomic identifier."

The derivation process:

High-Entropy Seed + Salt → One-Way Function → Private Key → One-Way Function → Public Key

The one-way property ensures:

• Seed protection: Public keys can be shared without exposing the seed
• Deterministic generation: The same seed always produces the same keys
• Hierarchical derivation: Multiple keys can be derived from a single seed
• Backup simplicity: Only the seed needs to be backed up, not individual keys

Cryptographic Strength Requirements

The KERI glossary defines cryptographic strength as the degree of resistance to attack, with 128 bits of entropy cited as the minimum for secure one-way functions. This strength requirement ensures that even with substantial computational resources, inverting the function remains infeasible.

For cryptonyms (cryptographic pseudonymous identifiers), the specification requires derivation "via a one-way cryptographic function with a sufficiently high degree of cryptographic strength (e.g., 128 bits)." This ensures that cryptonyms provide both universal uniqueness and computational security against inversion attacks.

Practical Implications

Security Foundation

One-way functions provide the irreplaceable security foundation for KERI's autonomic trust model. Unlike administrative trust (which depends on organizational security) or algorithmic trust (which depends on consensus mechanisms), autonomic trust depends solely on the computational hardness of inverting one-way functions. This creates a security model that:

• Requires no trusted third parties for identifier verification
• Remains secure even if all infrastructure is compromised
• Provides end-verifiable proofs that anyone can validate
• Scales efficiently since verification is computationally cheap

Use Cases in KERI Ecosystem

Identifier Generation: Controllers generate AIDs by deriving identifiers from key pairs using one-way functions, creating self-certifying identifiers that prove control authority through signatures.

Content Addressing: ACDC credentials use SAIDs (self-addressing identifiers) where the identifier is the digest of the content, enabling compact references and tamper detection.

Key Event Logs: KELs use hash chaining where each event includes the digest of the previous event, creating tamper-evident logs through one-way function composition.

Witness Receipts: Witnesses sign digests of key events rather than the full events, enabling compact receipts while maintaining cryptographic binding.

Delegation Commitments: Delegators commit to delegated identifiers using digests, enabling verifiable delegation without exposing delegation details prematurely.

Trade-offs and Limitations

Computational Assumptions: Security depends on the assumption that no efficient algorithm exists to invert the one-way function. Advances in mathematics or quantum computing could potentially weaken this assumption, though KERI's pre-rotation mechanism provides some post-quantum protection.

Irreversibility: The one-way property means that if the original input (seed, private key) is lost, it cannot be recovered from the output. This places responsibility on controllers to securely backup seeds and implement recovery mechanisms.

Collision Resistance: While one-way functions prevent inversion, they must also be collision-resistant (hard to find two inputs producing the same output). KERI uses cryptographically strong hash functions like Blake3 and SHA-256 that provide both properties.

Performance Considerations: While computing one-way functions is "easy" in polynomial time, it still requires computational resources. KERI's architecture minimizes the number of hash operations required for verification to maintain performance at scale.

Integration with KERI Security Model

One-way functions enable KERI's zero-trust, end-verifiable security architecture. Because verification only requires computing one-way functions (which is efficient) rather than inverting them (which is infeasible), any party can independently verify:

• Identifier derivation: That an identifier correctly derives from a public key
• Digest commitments: That revealed data matches prior digest commitments
• Hash chain integrity: That KEL events form a valid hash chain
• Pre-rotation bindings: That rotation keys match pre-rotation commitments

This verification capability, enabled by the asymmetric computational complexity of one-way functions, forms the foundation of KERI's claim to provide "ambient verifiability" - the ability for anyone, anywhere, at any time to verify identifier control authority without depending on trusted infrastructure.