INTRUSION-TOLERANT DIGITAL CERTIFICATE DISTRIBUTE SYSTEM AND DISTRIBUTE METHOD

摘要

The present invention relates to an intrusion-tolerant digital certificate distribute system and a distribute method. The system includes a task distributor, k arithmetic units, m combiners and a subkey distributor. The steps of distributing CA(Certificate Authority) keys include: a private key d is represented into the sum of t subkeys dij and a subkey ca by the subkey distributor, tk; the distributor distributes randomly these k x i subkeys into k arithmetic units, I subkeys per arithmetic unit; a set of ca and the equation combination thereof are acquired, and are prememoried into m combiners according to the security conditions of these combiners. The process of distributing certificates includes: the task distributor sends certificates to be signatured into k arithmetic units; the arithmetic units compute the ascending power Mdji, and provide I computed results to the combiners; these combiners find one matching equation combination by compare these results with the prememoried equation combinations of ca, and then a corresponding ca is acquired; the result R is acquired by multiplying the corresponding ascending power Mdji, and then Mca is determined; the digital signature S=Md is computed, and the certificates are generated finally.