摘要 |
The present invention relates to an intrusion−tolerant digital certificate distribute system and a distribute method.The system includes a task distributor,k arithmetic units,m combiners and a subkey distributor.The steps of distributing CA(Certificate Authority)keys include:a private key d is represented into the sum of t subkeys d<sb>ij </sb>and a subkey c<sb>a </sb>by the subkey distributor,t<k;the distributor distributes randomly these k x i subkeys into k arithmetic units,I subkeys per arithmetic unit;a set of c<sb>a </sb>and the equation combination thereof are acquired,and are prememoried into m combiners according to the security conditions of these combiners.The process of distributing certificates includes:the task distributor sends certificates to be signatured into k arithmetic units;the arithmetic units compute the ascending power M<sp>dji,</sp>and provide I computed results to the combiners;these combiners find one matching equation combination by compare these results with the prememoried equation combinations of c<sb>a</sb>,and then a corresponding c<sb>a </sb>is acquired;the result R is acquired by multiplying the corresponding ascending power M<sp>dji,</sp>and then M<sp>ca </sp>is determined;the digital signature S=M<sp>d </sp>is computed,and the certificates are generated finally.
|