**Abstract:** An encryption scheme is called indistinguishable under chosen
plaintext attack (short IND-CPA), if an attacker cannot
distinguish the encryptions of two messages of his
choice. Alternatively there are other variants of this
definition, that all turn out to be equivalent in the classical
case. However in the quantum case, there is a lack of a
comprehensive study of all quantum versions of IND-CPA security
notion. We give an overview of these different variants of
quantum IND-CPA for symmetric encryption schemes. In total, 57
different notions are valid and achievable. We investigate the
relations between these notions and prove various equivalences,
implications, non-equivalences, and non-implications between
these variants. Some of non-implications are left as conjectures
and need further research.

**Permalink:** http://www.ut.ee/~unruh/publications/qindcpa.html