← Latest papers
⚛️ quantum physics

On Best-Possible One-Time Programs

This paper establishes the impossibility of generic best-possible one-time programs, then introduces and constructs "testable" one-time programs for arbitrary quantum functionalities in the classical oracle model by leveraging generalized Single-Effective-Query security and stateful quantum indistinguishability obfuscation.

Original authors: Aparna Gupte, Jiahui Liu, Luowen Qian, Justin Raizes, Bhaskar Roberts, Mark Zhandry

Published 2026-03-03
📖 6 min read🧠 Deep dive

Original authors: Aparna Gupte, Jiahui Liu, Luowen Qian, Justin Raizes, Bhaskar Roberts, Mark Zhandry

Original paper licensed under CC BY 4.0 (http://creativecommons.org/licenses/by/4.0/). This is an AI-generated explanation of the paper below. It is not written or endorsed by the authors. For technical accuracy, refer to the original paper. Read full disclaimer

The Big Picture: The "One-Time Use" Dream

Imagine you have a magical, super-secret recipe for the world's best chocolate cake. You want to sell this recipe to a baker, but you have a strict rule: They can use the recipe exactly once. After they bake one cake, the recipe must vanish forever. They shouldn't be able to copy it, memorize it, or bake a second cake.

In the world of cryptography, this is called a One-Time Program (OTP). The goal is to give someone a "black box" that does a specific job (like baking a cake or signing a document) one time, and then self-destructs so no one can learn how it works or use it again.

For a long time, scientists thought this was impossible without special hardware (like a tamper-proof chip). Then, they thought maybe quantum physics (the physics of tiny particles) could save the day because quantum states can't be copied. But recent research showed that even with quantum physics, you can't perfectly stop someone from "peeking" at the recipe multiple times using a trick called a "gentle measurement."

This paper asks a very deep question: If we can't make a perfect one-time program, what is the absolute best we can possibly do?


Part 1: The Bad News (The "Perfect" Dream is Dead)

The authors first tried to find a "Universal Best-Possible Compiler." Think of this as a magical machine that takes any secret recipe and turns it into a one-time program that is as secure as mathematically possible.

The Result: They proved this machine cannot exist.

The Analogy:
Imagine two different types of magic boxes:

  1. Box A (The Constant Box): No matter what you put inside, it always spits out the same red marble.
  2. Box B (The Secret Box): It looks like Box A from the outside, but inside, it actually changes the marble based on what you put in.

The problem is that to a computer, Box A and Box B look identical. You can't tell them apart just by looking at the outside.

However, to make a "perfect" one-time program:

  • For Box A, the best security is to just hand the user a red marble and say, "Here, eat this." (Because the output never changes).
  • For Box B, the best security is to give them a complex machine that actually calculates the marble.

If you try to build a "Best-Possible Compiler" that works for both, it gets confused. It has to act like a simple marble for Box A, but a complex machine for Box B. But since the computer can't tell the difference between the two boxes, it can't know which behavior to choose. If it chooses the wrong one, it breaks the security.

Conclusion: You cannot build a generic "best possible" one-time program for everything. The math simply doesn't allow it.


Part 2: The Good News (The "Testable" Compromise)

Since the "Perfect" dream is dead, the authors asked: "Can we find a specific type of one-time program where we can achieve the best possible security?"

They introduced a new concept called Testable One-Time Programs.

The Analogy:
Imagine you give a baker a recipe, but you also give them a magic mirror.

  • The recipe is the "program."
  • The magic mirror is a "reflection oracle."

Here is how it works:

  1. The baker uses the recipe once to bake a cake.
  2. If they try to use the recipe a second time, the magic mirror checks: "Did you mess with the recipe? Is it still in its original, pristine state?"
  3. If the recipe has been touched or copied, the mirror shatters, and the recipe stops working.
  4. If the recipe is still perfect, the mirror lets them try again (but the security rules say they shouldn't need to).

Why is this special?
The "Testable" requirement forces the program to be in a very specific, clean state (a "pure state"). This removes the confusing "mixed up" scenarios that broke the "Perfect" compiler in Part 1.

The Result:
The authors proved that for these Testable programs, we can achieve the "Best Possible" security. They created a new security standard called SEQ (Single Effective Query).

  • SEQ means: "You can get the answer once. If you try to get the answer again, the system will notice you tried to 'undo' your first attempt and will reject you."

It's like a vending machine that gives you a soda. If you try to put the soda back in and ask for another one, the machine realizes you are trying to cheat and locks up.


Part 3: The Future (How to Build This in the Real World)

The paper shows that "Testable One-Time Programs" work perfectly if we have a "Magic Oracle" (a theoretical, perfect computer that everyone trusts). But we don't have those in real life yet.

So, the authors proposed a new tool called Stateful Quantum Indistinguishability Obfuscation (Stateful Quantum iO).

The Analogy:

  • Standard Obfuscation: Hiding the code of a program so no one can read it.
  • Stateful Obfuscation: Hiding the code of a program that changes its mind over time.

Imagine a spy who has a secret notebook.

  • Normal Spy: The notebook always says the same thing.
  • Stateful Spy: The notebook writes a new secret every time you ask a question, and then burns that page.

The authors showed that if we can build this "Stateful Spy Notebook" (Stateful Quantum iO), we can automatically build the "Testable One-Time Programs" we need.

They also showed that this "Stateful Spy Notebook" might be possible to build using current math assumptions (like the difficulty of solving certain puzzles), even without magic hardware.


Summary of the Takeaways

  1. The "Perfect" is Impossible: You cannot build a universal "Best Possible" one-time program for every single type of software. The math proves it's impossible because some programs look identical but need to behave differently to be secure.
  2. The "Testable" is Possible: If we restrict ourselves to programs that can "check themselves" (Testable One-Time Programs), we can achieve the highest level of security possible.
  3. The Path Forward: To build this in the real world, we need to develop a new type of encryption called Stateful Quantum Obfuscation. This is a program that hides its secrets while allowing it to change its internal state (like burning a page after reading it).

In a Nutshell:
We can't make a "perfect" one-time program for everything. But, if we design our programs to be "self-checking" (Testable), we can make them as secure as physics allows. The key to building this in the real world is inventing a new kind of "shapeshifting" encryption that protects programs that change over time.

Drowning in papers in your field?

Get daily digests of the most novel papers matching your research keywords — with technical summaries, in your language.

Try Digest →