XXX-X-XXXX-XXXX-X/XX/$XX.00 © 20XX IEEE
E-university applications:A Privacy-Preserving
Diploma Notarization Platform in Taiwan
Lo-Yao Yeh, Woei-Jiunn Tsaur, Shih-Wei Liao, Cheng-Feng Huang, Jen-Chun Chang, and Ching-
Ching Lin 1 Innovative and Applicable Division, National Center for High-performance Computing, Taichung,
Taiwan 2 Computer Center, National Taipei University, New Taipei, Taiwan
3 Department of Computer Science and Information Engineering, National Taiwan University, Taipei,
Taiwan 4 Network and Security Division, National Center for High-performance Computing, Taichung, Taiwan
5 Department of Computer Science and Information Engineering, National Taipei University, New Taipei,
Taiwan 6 Department of Information Management, National Chi Nan University, Nantou, Taiwan
Abstract—Fake diploma problem is getting worse because
the industry of diploma forgery has been emerging. Someone
could take advantage of counterfeit degrees to find a decent
job. Therefore, the fake diploma problem is urgent to many
different walks of life. The existing anti-forgery methods for
traditional diplomas cannot eradicate the disgraceful behavior
of malicious. In 2016, Blockcerts project based on bitcoin
blockchain is proposed to serve as an unforgeable place for
storing legitimate certificates. However, the verifier needs to
obtain the JSON file from students, which incurs inconvenient
and privacy issue. In this paper, we proposed a practical and
privacy-preserving diploma notarization platform based on
smart contracts in Ethereum blockchain. Combined with the
tailored QR code technique, the proposed platform can get rid
of the JSON file in verification process, which means the
better privacy of digital diploma and the more convenient in
many scenarios. Moreover, the multiple content inspections
for a diploma proposal are another security feature of our
platform to avoid the corruption problem of the single school
administrator. Our platform is adapted to issue the digital
diplomas for elementary schools in Taichung County in
Taiwan.
Keywords: component, formatting, style, styling, insert (key
words)
1. Introduction
In the past decades, the issue of fake diplomas is getting
worse thanks to the progress of photographic processing tools.
Anyone can easily modify a diploma image file to forgery new
diploma. Moreover, the industry of diploma forgery has
prospered for a while [1]. It is reported [2] that some
counterfeit diplomas are used to finding jobs. This problem
will not only ruin the reputation of prestigious universities but
hinder employers from getting talent employees. Therefore,
how to prevent the fake diploma is an imperative task.
In traditional, four kinds of anti-forgery methods have been
adopted including physical one, chemical one, optical one and
embedded digital signature one. Unfortunately, most of above
manners are not good enough to eradicate counterfeit diploma
problem and all of them are inconvenient. First, physical and
chemical one can be imitated in a short period of time [1].
Second, these four ways could incur the inconvenience for
verifiers, because the verification for a certain diploma
requires the real copy of the diploma, which does not fit to the
scenario of job applications. Third, the embedded digital
signature method should be equipped with a chip to store. The
lifespan of a chip is about 10 years and the chip cost is another
practical issue.
Recently, an emerging technology named blockchain [3]
draw attention from academic and industry. Based on
distributed ledger technology, Blockchain enjoys tamper
resistance, decentralized, and durability and robustness
properties. Tons of decentralized applications [8][9][10] are
proposed or working on.
In 2016, MIT media lab has adopted blockchain to build an
anti-forgery diploma platform, named Blockcerts, based on
Bitcoin blockchain. Currently, it has issued about hundreds of
personal certificates for their alumni member and Global
Entrepreneurship Bootcamp students. It is a great idea to take
advantage of blockchain to overcome the fake diploma
problem. However, some improvements could be further
addressed. First, Blockcert needs a JSON file or a credential to
verify, which is inconvenient to receive the JSON file for
employers or other verifiers. Image that you want to verify a
doctor diploma while I am in a clinic. It is impossible to ask
the doctor to give the JSON file to every patient. Second,
adversaries could be inferred from bitcoin transaction records
to realize the bitcoin address of issuers (university), which
cause the privacy issue. Furthermore, the JSON file represents
the real diploma in digital version. It is wired that every
employers can get every employees real diploma, which is
another privacy issue.
In this paper, we propose a privacy-preserving diploma
notarization platform based on smart contracts in Ethereum
blockchain. For better convenience, we elaborately design a
decentralized verification platform with QR code scanning and
44 Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 |
ISBN: 1-60132-474-X, CSREA Press ©
integrate Swarm [12], a peer-to-peer storage system, to get rid
of the need of JSON file. A naïve use of traditional QR code is
to redirect a website storing JSON files while a verification
process occurs. However, it totally loses the spirit of
decentralization of Blockchain. Our two-dimensional barcode
can not only redirect to the website, but also embed some
important parameters to ensure that any Swarm node cannot
directly peek the content of certificate and cannot keep the
complete JSON files of any students. In terms of content
validity, our scheme further advocates that the multiple
content inspections are required. Although blockchain
technology embraces the tamper resistance property, the
validity of the content wanted to be stored should be further
confirmed before stacking into the shared ledger. Note that the
procedure of confirming content can be omitted in Bitcoin
blockchain since the all coin in blockchain is generated by
Bitcoin protocol, so the coin is always genuine without the
counterfeit problem. To sum up, our scheme can provide the
following advantages.
(1) Privacy-preserving: our scheme can never deliver the
digital diploma to verifiers without compromising
personal privacy.
(2) Efficient verification: a tailor-made QR code
verification can improve the verification efficiency
without the need of JSON file.
(3) Better content inspection: we utilize the multi-
signature technique for checking content before
storing into blockchain.
(4) High availability, and tamper resistance: an Ethereum-
based blockchain platform can achieve better
availability without the single point of failure issue.
The pro of tamper resistance is inherent from
blockchain technology.
Note that this platform is implemented by national center
for high-performance computing (NCHC) in Taiwan and is
adopted by Taichung regional government to experiment
the blockchain-based diplomat in elementary school.
Moreover, some universities in Taiwan also plan to join
this platform.
The next section introduces some related work. Section III
explains the proposed scheme. In Section IV, the security
and performance evaluation are presented. In Section V,
our system implementation is elaborated. Section VI
concludes the paper.
2. Related work
2.1 Blockchain
Blockchain technology [3] is a kind of distributed ledger
with immutability feature among nodes in a peer-to-peer
network. Based on a consensus protocol, each node can
maintain the same ledger without centralized authority.
Cryptographic hashes and digital signatures ensure the
integrity of transactions in each block.
In 2014, a new kind of blockchain technology, named
Ethereum, is proposed to execute programs in smart contracts,
which enables a generally programmable infrastructure. The
concept of smart contracts can efficiently change state and
store variables compared to Bitcoin blockchain. Smart
contracts are deployed and executed on the blockchain
network and can be used to reach agreements and solve
common problems with minimal trust.
2.2 MIT Blockcert
In 2015, MIT media lab embarked on developing an academic
certificate system [5] on Bitcoin blockchain. Recently, this
system has extended as Blockcerts as the open standard for
blockchain credentials. The design of the architecture is that an
issuer signs a well-structured digital certificate and stores its
hash within blockchain transaction. The output of the
transaction is assigned to the recipient. Their system is
consisted of three modules:
(1)Cert-schema: this module makes a digital certificate in a
form of JSON file.
(2)Cert-issuer: this module creates a transaction in Bitcoin
blockchain.
(3)Cert-viewer: this module to verify and display certificates.
The whole flow is illustrated in Fig. 1
Fig. 1 The flow chart of Blockcert
3. The proposed scheme
3.1 System objectives
(1) Multiple content inspections: a good diploma platform
should guarantee the content validity of a diploma.
Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 | 45
ISBN: 1-60132-474-X, CSREA Press ©
(2) Tamper-proof diploma: a digital diploma platform must
ensure that the content of a legitimate diploma cannot be
tampered.
(3) Resistant to single failure problem: a decent diploma
platform can prevent the single failure problem with
minimum maintenance cost.
(4) Efficient verification: the verification time of a digital
diploma should be as soon as possible.
(5) Privacy protection on diploma: A diploma platform should
keep the privacy level as traditional diploma system.
3.2 System Model
Fig. 2 illustrates the architecture of our diploma
notarization platform, which is consisted of the following
roles.
(1) Users: there are three kinds of users in our platform.
(A) Issuer: this role is responsible for launching a
diploma proposal for notarization.
Fig. 2 The architecture of the proposed platform
(B) Endorser: these roles endorse the proposal issued by
an issuer. By this way, the content of a diploma can
be confirmed more than once.
(C) Recipient: this role will receive the credential (JSON)
and QR code from blockchain.
(D) Verifier: anyone can play this role to verify the
recipient’s diploma by the means of uploading JSON
file or scanning QR code.
(2) Web server: a web server is used to send transactions or
receive information to/from blockchain.
(3) Blockchain nodes: several physical computers serve as
blockchain nodes. Currently, our platform has four
blockchain nodes among different places, including
Hsinchu, Taichung, and Tainan in Taiwan.
(4) P2P file sharing system: in order to support QR code, our
platform is equipped with P2P file sharing system to store
partially information for getting rid of the need of JSON
files.
Fig. 3 The data flow of the issue procedure
3.3 Issue Procedure
Here, we explain the procedure details of the proposed
platform. Note that because our platform keeps the blockchain
spirit of decentralized property, our design of QR code is
different from regular one.
Step 1: Issuer Web server: Student information
First, an issuer gets into the web server by inputting the
student information, including name, description, diploma ID,
the list of endorsers, and diploma image etc.
Step 2: According to the student information, the web
server prepares a JSON draft file.
Step 3: Web server Blockchain nodes: JSON draft.
The web server sends the JSON draft by a transaction on
blockchain protocol to a smart contract designed for the
recipient. Basically, the issuer must sign the transaction before
sending.
Step 4: The smart contract (SC) stored in blockchain nodes
checks the validity of the transaction (Tx). Then, the smart
contract can read the addresses of endorsers.
Step 5: SC Endorsers: Endorsement request.
To further ensure the content validity of the diploma, the
smart contract asks the endorsers to sign on the JSON draft. In
our proof-of-concept (PoC) system, we set the number of
endorsers as three, which can be adjusted in the future.
Step 6: An endorser views the JSON draft to understand
the student information. If the content of the diploma proposal
is genuine, the endorser signs on JSON draft.
Step 7: Endorser SC: Endorsement response.
46 Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 |
ISBN: 1-60132-474-X, CSREA Press ©
Fig. 4 The data flow of the JSON file verification
If the endorser signs the JSON draft, the file will be
transferred to the smart contract. Otherwise, the negative
response will be sent to the smart contract.
Step 8: The smart contract verifies whether the signed
JSON drafts are correct. If yes, the number of endorsements is
added. As long as the number is enough, the smart contract
can change the status of JSON draft into a complete one. Then,
the smart contract generates the hash value of JSON file, i.e.
BD=SHA256(JSON file), and records the hash into
blockchain.
Step 9: Web server SC: Realize the diploma has been
successfully recorded on blockchain.
The web server develops a program to listen the status of
the smart contract. Then, the web server can understand that
the proposed diploma has been recorded on blockchain.
Step 10: Based on Step 9, the web server can also generate
the complete JSON file. To further enhance the privacy of
JSON file, our platform will extract some parts from the JSON
file and combine them into QR code. Moreover, the partial
JSON file is also encrypted, and stored into Swarm, a peer-to-
peer file sharing system.
Step 11: Web server Recipient: QR code and JSON file
The Recipient can login his/her account to receive the QR
code and JSON file.
3.4 Verify Procedure
In our platform, there are two kinds of verification procedures,
JSON file and QR code verification.
(1) JSON file Verification:
The data flow of JSON file verification is shown in Fig. 4
Step 1: Verifier Web server: JSON file
First, the verifier obtains the JSON file from recipient
(student), and uploads the JSON file to the web server.
Fig. 5 The data flow of the QR code verification
Step 2: After getting the JSON file, the web server
computes the hash value of the uploaded JSON, i.e. UD =
SHA256(uploaded JSON file).
Step 3: Web server nodes: Query the hash value.
The web server queries the hash value BD from blockchain
nodes.
Step 4: Nodes Web server: Respond the hash value.
According to the JSON information, the smart contract
extracts the hash value BD of JSON file previously stored on
blockchain.
Step 5: Compare whether the two hashes BD=UD is
satisfied or not.
Step 6: Web server verifier: True/False.
As long as the two hashes are matched, the web server will
show the content of the diploma to the verifier. Otherwise, the
verification failure message is shown.
(2) QR Code Verification:
The data flow of QR code verification is shown in Fig. 5
Step 1: Verifier Web server: QR code
The verifier obtains the QR code from a recipient (student)
or from a printed diploma.
Step 2: The web server reads the parameters from QR code
URL and realizes the download link of Swarm.
Step 3: Web server Swarm: Query the encrypted partial
JSON file.
The web server queries a Swarm node to gain the
encrypted partial JSON file.
Step 4: Swarm Web server: Respond the encrypted
partial JSON file.
Based on the QR code parameters, the Swarm node can
respond the corresponding files back to the web server.
Step 5: The web server takes the URL parameters of QR
code to perform the following operations. (1) Decrypting the
encrypted partial JSON file into plaintext. (2) Completing the
partial JSON file as the complete one. (3) Computing the hash
value of the complete JSON file, i.e. QD = SHA256(complete
JSON file).
Step 6: Web server nodes: Query the hash value BD.
Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 | 47
ISBN: 1-60132-474-X, CSREA Press ©
The web server queries the hash value from blockchain
nodes.
Step 7: Nodes Web server: Respond the hash value.
According to the JSON information, the smart contract
extracts the hash value BD of JSON file previously stored on
blockchain.
Step 8: Compare whether the two hashes BD=QD is held
or not.
Step 9: Web server verifier: True/False.
As long as the two hashes are the same, the web server will
show the content of the diploma. Otherwise, the verification
failure message is shown.
4. Security and performance evaluation
4.1 System Feature
(1) Multiple content inspections: In our platform, the
content validity is ensured by endorsers. Only if all
assigned endorsers are agreed the content of the diploma
proposal, the legitimate diploma can be generated.
(2) Tamper-proof diploma: In our platform, we adopt
blockchain as the underlying protocol to store the
confirmed diploma. Based on the analysis of blockchain
[7], the altering success rate of 2 confirmations is below
10%, 4 confirmations is about less than 1%, and 6
confirmations are lower than 0.1%. In our platform, the
number of 6 confirmations can be generated within 2
minus. Although Ethereum blockchain requires about 10
confirmations [11], our platform can also achieve this
level security within 3 minutes. Therefore, the feature of
tamper-proof diploma can be achieved.
(3) Resistant to single point of failure problem: In our
platform, we setup multiple blockchain full nodes as
well as miners, and every node maintains the same
shared ledger. As a result, the single point of failure
problem can be avoided.
(4) Efficient verification: Compared to MIT Blockcerts
system, our platform can efficiently verify digital
diplomas by QR codes without the need of JSON files,
documents which is infeasible to several scenarios. For
example, to check the diploma of the doctor in a clinic, it
is infeasible to ask the doctor give the JSON file to every
single patient who wants to confirm the qualifications of
the doctor’s degree.
(5) Privacy protection on diploma: In blockchain-based
diploma platform, a JSON file represents a user’s real
diploma. In our platform, an interviewee can never
reveal his/her own real JSON file to all companies.
Therefore, our scheme can preserve a better privacy on
the interviewee’s diploma.
5. System implementation
5.1 System Environment
Our blockchain architecture is based on Ethereum and the
distributed P2P storage Swarm, the smart contracts, and some
off-line programs. Our system is made of four main
components: (i) issue, (ii) endorser, (iii) recipient, (iv)
verification. Moreover, we also build some monitoring tools
for realizing the status of transaction, block and node status.
The consensus algorithm is the current version is PoA for the
sake of performance and energy consumption.
5.2 Brief Introduction of System Implementation
In our platform, some privacy protections are also
implemented in our system. In Swarm, we encrypted the
incomplete diploma file with the hashes of QR code url and a
password phrase we assigned. In QR code implementation, we
do not directly go to the cert page. Instead, we fetch some
codes from QR code url to decrypt the incomplete files in
Swarm. Finally, our platform checks the hashes in blockchain
and the complete diploma files we combined.
5.3 System prototype
(1) Issue: The input of issue phase includes the diploma
name, revocation url, the description of the diploma, the
image of the proposal diploma, the number of endorsers,
and the endorsers’ addresses. Our platform will create a
JSON file containing the above information.
Fig. 6 User interface of issue phase
(2) Endorsers: As long as one of the assigned endorsers has
signed the diploma with their signature, our system will
check the signature in the smart contract. If the result is
positive, the status of the endorser will change from false
to true.
Fig. 7 Tracking information of endorsers
48 Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 |
ISBN: 1-60132-474-X, CSREA Press ©
(3) Recipient: If all the endorsers finish their jobs, the
recipient will obtain his/her own diploma. Here, they can
see their diploma information, and get their QR code at
the bottom. The download link of the JSON file is also
shown. The digital document can be checked by our
verification function.
Fig. 8 Information of an issued diploma (certificate)
(4) Verification: In verification part, first we upload the JSON
file, which is obtained by a recipient. And then the system
will compute the hash of the file, than compares the
hashes of JSON file and blockchain. If succeed, the blue
bar will be fulfill. As for QR code verification, the system
will fetch the code from the QR code url, and download
the file from Swarm. After decoding, our platform
combines the decoded file and some parameters from the
QR code url to form a complete JSON file. Finally, our
platform compares the two hashes, queried from
blockchain and computed from the combined file.
Fig. 9 JSON file verification
Fig. 10 QR code verification
(5) Status of Ethereum network: For easier management, we
build up a monitor tool to monitor the health of our
Ethereum network. The information of average block
time, average hash rate, the number of blocks can be
found in the dashboard.
Fig. 11 Status of Ethereum Network
(6) Ethereum explorer: In the explorer, we can immediately
look for the information of transactions and blocks in our
Ethereum chain. The details of block size, time, and used
gas, miner etc. are listed. Moreover, users can witness the
transactions of their diploma information.
Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 | 49
ISBN: 1-60132-474-X, CSREA Press ©
Fig. 11 Block information in our Ethereum explorer
Fig. 12 Transaction information in our Ethereum explorer
6. Conclusion
To solve the fake diploma problem, a practical and privacy-
preserving diploma notarization platform is proposed.
Compared to the existing blockchain-based diploma platform,
our scheme originally develops QR code verification with
decentralized manner to enhance the convenience and privacy
protection. Moreover, our platform further considers the
multiple content inspections before storing diploma into
blockchain, which withstands unauthentic contents to be saved
into blockchain. To sum up, the proposed provides the merits
of tamper-proof property, privacy protections on digital
diploma, QR code verification without the need of JSON file,
no single point of failure problem.
ACKNOWLEDGMENT
This work was supported in part by the Ministry of Science
and Technology in Taiwan, MOST 106-3114-E-305-001 and
MOST 106-3114-E-305-002.
REFERENCES
[1] Y. Dai, and S. Su, “A Diploma Anti-Forgery System Based on
Lightweight Digital Signatures,” Inter. Conf. on Comp. Intel. and Sec., pp. 647-651, 2014.
[2] N. Garnet. “Digital right management, copyright, and napster,” ACM
SIGecom Exchanges, v2(2), 2001, pp. 1-5.
[3] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” Tech.
Rep., 2008. [Online]. Available: Https://bitcoin.org/bitcoin.pdf
[4] Wood, G. Ethereum:A secure decentralised generalised transaction
ledger. Ethereum Project Yellow Paper, 2014.
[5] MIT Media lab, “Digital Certificates Project,”
http://certificates.media.mit.edu/#examples, 2016.
[6] MIT Media lab, “BLOCKCERTS: The Open Standard For Blockchain Credentials,” https://www.blockcerts.org/, 2017.
[7] M. Rosenfeld, “Analysis of hashrate-based double spending,” arXiv prepreint arXiv: 1402.2009, 2014.
[8] S, Alansari, F. Paci, V. Sassone,“ A Distributed Access Control System
for Cloud Federations,” IEEE ICDCS, 2017.
[9] L. LI, J. Liu, L. Cheng, S. Qiu, W. Wang, X. Zhang, and Z. Zhang,
“CreditCoin: A Privacy-Preserving Blockchain-Based Incentive Announcement Network for Communications of Smart Vehicles,” IEEE
Trans. Intell. Trans. Syst., Eary access, 2017.
[10] Z. Li, J. Kang, R. Yu, D. Ye, Q. Deng, and Y. Zhang, “Consortium Blockchain for Secure Engery Trading in Industrial Internet of Things,”
IEEE Trans. Indust. Inform., Eary access, 2017.
[11] V. Buterin, “On Slow and Fast Block Time,” Ethereum Blog,
https://blog.ethereum.org/2015/09/14/on-slow-and-fast-block-times/,
2015.
[12] V. Tron, A. Fischer, D. a. Nagy, Z. Felfoldi, N. Johson, “Swarm: Swap,
Swear, and Swindle incentive system for Swarm,” Ethersphere Github, 2016.
50 Int'l Conf. e-Learning, e-Bus., EIS, and e-Gov. | EEE'18 |
ISBN: 1-60132-474-X, CSREA Press ©