General Impossibility of Group Homomorphic Encryption in the Quantum World

Frederik Armknecht, Tommaso Gagliardoni, Stefan Katzenbeisser, Andreas Peter
DOI: https://doi.org/10.48550/arXiv.1401.2417
2014-01-14
Abstract: Group homomorphic encryption represents one of the most important building blocks in modern cryptography. It forms the basis of widely-used, more sophisticated primitives, such as CCA2-secure encryption or secure multiparty computation. Unfortunately, recent advances in quantum computation show that many of the existing schemes completely break down once quantum computers reach maturity (mainly due to Shor's algorithm). This leads to the challenge of constructing quantum-resistant group homomorphic cryptosystems. In this work, we prove the general impossibility of (abelian) group homomorphic encryption in the presence of quantum adversaries, when assuming the IND-CPA security notion as the minimal security requirement. To this end, we prove a new result on the probability of sampling generating sets of finite (sub-)groups if sampling is done with respect to an arbitrary, unknown distribution. Finally, we provide a sufficient condition on homomorphic encryption schemes for our quantum attack to work and discuss its satisfiability in non-group homomorphic cases. The impact of our results on recent fully homomorphic encryption schemes poses itself as an open question.
Cryptography and Security, Group Theory
What problem does this paper attempt to address?
The problem this paper addresses is whether a secure group-homomorphic encryption scheme can exist at all once quantum computers are available. Specifically, it asks whether an (abelian) group-homomorphic encryption scheme can satisfy IND-CPA (indistinguishability under chosen-plaintext attack) security in the presence of quantum attackers.

### Background and Problem Description

1. **Importance of group-homomorphic encryption**:
   - Group-homomorphic encryption is an important building block in modern cryptography and is widely used in areas such as CCA2-secure encryption and secure multi-party computation.
   - In practice, group-homomorphic schemes underlie many important applications, such as electronic voting, private information retrieval, and multi-party computation.
2. **Threats from quantum computing**:
   - Many existing group-homomorphic encryption schemes become insecure once quantum computers mature, mainly because Shor's algorithm efficiently solves the discrete logarithm problem and the integer factorization problem.
   - No group-homomorphic encryption scheme that resists quantum attacks is currently known.
3. **Research questions**:
   - The paper explores whether a secure group-homomorphic encryption scheme can be constructed in the quantum computing setting.
   - Specifically, it proves that in the presence of quantum attackers no (abelian) group-homomorphic encryption scheme can satisfy IND-CPA security.

### Main Contributions

1. **Basic impossibility result**:
   - It is proved that in the quantum world, if the plaintext space and the ciphertext space form abelian groups, then no secure group-homomorphic encryption scheme can be constructed.
   - This result not only confirms the insecurity of existing schemes but also shows that any future group-homomorphic encryption scheme will be insecure in the quantum world.
2. **Quantum attack**:
   - Breaking IND-CPA security is reduced to an abstract subgroup membership problem (SMP), which is then solved with Watrous' quantum algorithm; this establishes the effectiveness of the quantum attack.
   - The probability of sampling a generating set under an arbitrary, unknown distribution is analyzed, yielding new results on finding generators of δ-covering subgroups under an arbitrary distribution.
3. **Impact on fully homomorphic encryption**:
   - A general sufficient condition identifies which homomorphic encryption schemes are affected by the quantum attack.
   - The impact of this result on existing fully homomorphic encryption schemes is discussed and left as an open problem.

### Conclusion

Through rigorous mathematical proofs, the paper shows that a secure group-homomorphic encryption scheme cannot be constructed in the quantum computing setting. This result is significant for cryptographic research, in particular as a theoretical basis for designing future quantum-resistant encryption schemes.
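The reduction behind the quantum attack, illustrated on a toy instance (an added example, not code from the paper or its authors): in Goldwasser-Micali, a classic group-homomorphic scheme, the encryptions of the identity bit 0 are exactly the quadratic residues mod N, a subgroup of the ciphertext group Z_N^*. The attacker samples encryptions of 0 and decides the challenge bit by membership in the subgroup they generate; brute-force enumeration over tiny constructed parameters stands in for the quantum SMP algorithm, and `success_rate` shows how the advantage depends on the number of sampled generators (the sampling question the paper studies). All function names and parameters are assumptions chosen for this example.

```python
import math
import random
# Toy Goldwasser-Micali, a classic group homomorphic scheme: plaintext group Z_2 (XOR),
# ciphertext group Z_N^* (multiplication), Enc(a) * Enc(b) = Enc(a XOR b).
# Parameters are constructed and tiny so subgroups can be enumerated by brute force.
P, Q = 11, 19
N = P * Q

def is_nonresidue(x, p):
    return pow(x, (p - 1) // 2, p) == p - 1      # Euler's criterion, p prime

def keygen():
    y = next(v for v in range(2, N) if is_nonresidue(v, P) and is_nonresidue(v, Q))
    return (N, y), (P, Q)                          # pk = (N, y), sk = (P, Q)

def encrypt(pk, bit, rng=random):
    n, y = pk
    r = rng.randrange(1, n)
    while math.gcd(r, n) != 1:
        r = rng.randrange(1, n)
    return pow(y, bit, n) * r * r % n              # Enc(0) is a square, Enc(1) is y * square

def decrypt(sk, c):
    return 1 if is_nonresidue(c % sk[0], sk[0]) else 0

def generated_subgroup(gens, n):
    # Brute-force closure under multiplication mod n; stands in for the quantum SMP oracle.
    h, frontier = {1}, [1]
    while frontier:
        x = frontier.pop()
        for g in gens:
            y = x * g % n
            if y not in h:
                h.add(y)
                frontier.append(y)
    return h

def smp_attack(pk, challenge, samples, rng=random):
    # The paper's reduction: encryptions of identity 0 form a subgroup; decide by membership.
    h = generated_subgroup([encrypt(pk, 0, rng) for _ in range(samples)], pk[0])
    return 0 if challenge in h else 1

def success_rate(pk, samples, trials, seed=0):
    # Empirical advantage as a function of how many identity encryptions were sampled.
    rng, hits = random.Random(seed), 0
    for _ in range(trials):
        b = rng.randrange(2)
        hits += smp_attack(pk, encrypt(pk, b, rng), samples, rng) == b
    return hits / trials
```

An Enc(1) challenge is never in the sampled subgroup, so the attack only errs on Enc(0) challenges when the samples fail to generate the whole residue subgroup, which is why the generating-set sampling bound matters.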