An intrusion-resilient signature scheme with provable security is presented in this paper. The scheme has a stronger security than a forward secure signature scheme and a key-insulated signature scheme. It satisfies that signatures in other time periods are secure even after arbitrarily many compromises of base and signer, as long as the compromises do not happen simultaneously. Furthermore, the intruder cannot generate signatures pertaining to previous time periods, even if she compromises base and signer simultaneously to get their secret information. The scheme has a nice average performance. There is no cost parameter for key generation time, base (user) key updating time, base (user) key refresh time, signing time, verifying time, signature size, public key size, and base (user) storage size having a complexity more than O(logT) in this scheme. At last, this scheme is proven secure in the random oracle model, assuming CDH problem is hard.