This work investigates the fundamental limits of implementing one-sided output secure function evaluation (SFE) in the non-asymptotic quantum setting under resource constraints and允许 constant error. It addresses scenarios where only one party (Bob) learns the output while the other party’s (Alice’s) input remains strictly private. Method: We analyze correctness and privacy requirements within a finite-dimensional quantum model, leveraging conditional entropy to quantify distributed randomness efficiency and deriving lower bounds via reductions to oblivious transfer (OT) variants. Contribution/Results: We establish that any correct and private SFE protocol necessarily enables Bob to fully extract the function value—a first such characterization in the non-asymptotic quantum regime. We further prove a tight lower bound on the number of OT instances required for any nontrivial SFE, grounded in conditional min-entropy. These results expose intrinsic resource bottlenecks in quantum secure computation and provide both theoretical limits and a novel analytical framework for lightweight secure protocol design.

One-sided output secure function evaluation is a cryptographic primitive where the two mutually distrustful players, Alice and Bob, both have a private input to a bivariate function. Bob obtains the value of the function for the given inputs, while Alice receives no output. It is known that this primitive cannot be securely implemented if the two players only have access to noiseless classical and quantum communication. In this work, we first show that Bob can extract the function values for all his possible inputs from any implementation of a non-trivial function that is correct and preserves the privacy of Bob's input. Our result holds in the non-asymptotic setting where the players have finite resources and the error is a constant. Then we consider protocols for secure function evaluation in a setup where the two players have access to trusted distributed randomness as a resource. Building upon the first result, we prove a bound on the efficiency of such cryptographic reductions for any non-trivial function in terms of the conditional entropies of the trusted randomness. From this result, we can derive lower bounds on the number of instances of different variants of OT needed to securely implement a given function.