A Semidecentralized PKI System Based on Public Blockchains with Automatic Indemnification Mechanism

Gwan Hwan Hwang, Tao Ku Chang*, Hung Wen Chiang

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

2 Citations (Scopus)


The PKI framework is a widely used network identity verification framework. Users will register their identity information with a certification authority to obtain a digital certificate and then show the digital certificate to others as an identity certificate. After others receive the certificate, they must check the revocation list from the CA to confirm whether the certificate is valid. Although this architecture has a long history of use on the Internet, significant doubt surrounds its security. Because the CA may be attacked by DDoS, the verifier may not obtain the revocation list to complete the verification process. At present, there are many new PKI architectures that can improve on the CA's single point of failure, but since they still have some shortcomings, the original architecture is still used. In this paper, we proposed a semidecentralized PKI architecture that can easily prevent a single point of failure. Users can obtain cryptographic evidence through specific protocols to clarify the responsibility for the incorrect certificate and then submit the cryptographic evidence to the smart contract for automatic judgment and indemnification.

Original languageEnglish
Article number7400466
JournalSecurity and Communication Networks
Publication statusPublished - 2021

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications


Dive into the research topics of 'A Semidecentralized PKI System Based on Public Blockchains with Automatic Indemnification Mechanism'. Together they form a unique fingerprint.

Cite this