Multivariate public key cryptography is one of the main candidates for post-quantum cryptography. Rainbow, an improved (multi-layer) version of unbalanced oil and vinegar (UOV), is one of the most famous multivariate signature schemes that is a promising candidate for NIST standardisation. At INDOCRYPT 2017, Beullens and Preneel introduced a new variant LUOV of UOV. Their idea is to generate a UOV scheme over the binary field L = F 2 and then lift it into a bigger field K = F 2 r and hence dramatically reduce the public key size. In this study, the authors first theoretically deduce the choice for the subfield L (which is different from F 2 ) which results in smaller signature sizes (up to 40%). Moreover, they extend the idea to Rainbow and theoretically yield the optimal choice for the subfield L over which a Rainbow is generated before being lifted to K. As a result, they can reduce the public key size of the obtained Rainbow scheme up to at least 36%.

中文翻译：

---

为LUOV选择子字段，为Rainbow选择提升字段

多元公共密钥密码学是后量子密码学的主要候选者之一。Rainbow是不平衡的油和醋（UOV）的改进（多层）版本，是最著名的多元签名方案之一，是NIST标准化的有希望的候选人。在2017年的INDOCRYPT上，Beullens和Preneel推出了UOV的新变体LUOV。他们的想法是在二进制字段L = F 2上生成UOV方案，然后将其提升到更大的字段K = F 2 r中，从而显着减小公钥的大小。在这项研究中，作者首先从理论上推断出子字段L（与F 2不同）的选择，这会导致签名尺寸更小（最多40％）。此外，