🤖 AI Summary
This work addresses three fundamental challenges in post-quantum cryptography: (1) constructing one-shot signatures (OSS), a quantum primitive in which a signing key can sign exactly one message and then self-destructs, in the standard model, thereby establishing that OSS exist at all; (2) rigorously separating classical binding from collapse-binding, clarifying the security requirements for post-quantum hash functions and commitment schemes; and (3) achieving unconditional security for OSS relative to a classical oracle. Methodologically, the paper introduces "permutable pseudorandom permutations" (permutable PRPs), a primitive that, once obfuscated with indistinguishability obfuscation (iO) under the Learning With Errors (LWE) assumption, lets proofs in a classical random-permutation oracle model be translated into obfuscation-based proofs in the standard model; obfuscating a permutable PRP also yields a full-domain trapdoor one-way permutation from sub-exponential iO and one-way functions. Key contributions include: the first OSS scheme secure in the standard model, assuming sub-exponential iO and LWE; the first standard-model separation between classical binding and collapse-binding; and the first OSS construction with unconditional security relative to a classical oracle, repairing the gap left by the flawed oracle-model justification of the original construction. Collectively, these results advance the theoretical frontiers of post-quantum signatures, commitments, and hash functions.
📝 Abstract
One-shot signatures (OSS) were defined by Amos, Georgiou, Kiayias, and Zhandry (STOC'20). These allow for signing exactly one message, after which the signing key self-destructs, preventing a second message from ever being signed. While such an object is impossible classically, Amos et al. observe that OSS may be possible using quantum signing keys by leveraging the no-cloning principle. OSS has since become an important conceptual tool with many applications in decentralized settings and for quantum cryptography with classical communication. OSS are also closely related to separations between classical binding and collapse-binding for post-quantum hashing and commitments. Unfortunately, the only known OSS construction, due to Amos et al., was justified only in a classical oracle model, and moreover that justification was ultimately found to contain a fatal bug. Thus, the existence of OSS, even in a classical idealized model, has remained open.
We give the first standard-model OSS, with provable security assuming (sub-exponential) indistinguishability obfuscation (iO) and LWE. This also gives the first standard-model separation between classical binding and collapse-binding for post-quantum commitments/hashing, solving a decade-old open problem. Along the way, we also give the first construction with unconditional security relative to a classical oracle. To achieve our standard-model construction, we develop a notion of permutable pseudorandom permutations (permutable PRPs), and show how they are useful for translating oracle proofs involving random permutations into obfuscation-based proofs. In particular, obfuscating permutable PRPs gives a trapdoor one-way permutation that is full-domain, solving another decade-old problem of constructing this object from (sub-exponential) iO and one-way functions.