Impossibility of perfectly-secure one-round delegated quantum computing for classical client

Blind quantum computing protocols enable a client, who can generate or measure single-qubit states, to delegate quantum computing to a remote quantum server protecting the client’s privacy (i.e., input, output, and program). With current technologies, generations or measurements of single-qubit states are not too much burden for the client. In other words, secure delegated quantum computing is possible for \almost classical” clients. However, is it possible for a \completely classical” client? Here we consider a one-round perfectly-secure delegated quantum computing, and show that the protocol cannot satisfy both the correctness (i.e., the correct result is obtained when the server is honest) and the perfect blindness (i.e., the client’s privacy is completely protected) simultaneously unless BQP is in NP. Since BQP is not believed to be in NP, the result suggests the impossibility of the one-round perfectly-secure delegated quantum computing.