摘要： 分析了现有网上签名方案，提出一种基于双重二方共享机制的容侵网上签名方案，即在应用服务器(AS)与密钥服务器(SS) 以双方公钥密码算法共享密钥的基础上，引入了密钥服务器与密钥共享服务器(SSS) 共享密钥的机制。方案可以使在应用服务器与密钥服务器相互认证的同时，实现密钥服务器与密钥共享服务器之间的相互认证，从而进一步加强了系统的容侵性能。

关键词: 入侵容忍；双重二方共享机制；网上签名服务

Abstract: After the existing schema are analyzed, a new intrusion-tolerant digital signature system for Web scheme based on the double two-party secret sharing arithmetic is proposed. A new mechanism is proposed that secret server (SS) shares a secret with secret sharing server (SSS), while application server(AS) shares a secret with secret server.This design achieves not only the mutual authentication between the application server(as) and the secret server, but also the mutual authentication between the secret server and the secret sharing server. As the result of new mechanism, the proposed system has good intrusion-tolerant ability.

Key words: Intrusion-tolerant; Double two-party secret sharing mechanism; Digital signature service on Web