2nd Int’l Conference on Advanced Information & Communication
Technology (ICAICT 2020), 28-29 November 2020, Dhaka,
DistB-CVS: A Distributed Secure Blockchain based
2020 2nd International Conference on Advanced Information and Communication Technology (ICAICT) | 978-0-7381-2323-3/20/$31.00 ©2020 IEEE | DOI: 10.1109/ICAICT51780.2020.9333523
Online Certificate Verification System from
Bangladesh Perspective
Mahmudul Hasan∗ , Anichur Rahman∗ , and Md. Jahidul Islam‡
Department of Computer Science and Engineering
Mawlana Bhashani Science and Technology University and Green University of Bangladesh
mahmudulhasan2020@gmail.com∗ anis.mbstu.cse@gmail.com† and jahidul.jnucse@gmail.com‡
Abstract—During the academic career, students achieve nu-
merous academic credentials. These educational credentials are
offered by the student while applying for a job or scholarship.
Therefore, the goal of this paper is to propose a theoretical
blockchain-based certificate verification system on the cloud that
can offer a potential solution for academic certificate issuing
and verification where cryptocurrencies are banned. By this
regarding in this research, we address the Blockchain (BC)
technology for solving these problems. This BC can be capable
of providing immutability and publicly verifiable transactions.
Moreover, these properties of BC are used to generate the digital
academic credential, which is anti-counterfeited can be verified
easily in a little time. In addition, the proposed “DistB-CVS”
showed that cryptocurrencies banned country could leverage the
BC technology. It satisfies all the requirements necessary for a
modern academic certificate verification system. Furthermore, it
tries to close the holes and difficulties in the existing systems to
verify academic certificate authenticity.
Keywords—Blockchain (BC), Authentication, Verification, Pri-
vate Blockchain, and Certificate Verification (CV).
I. I NTRODUCTION
The educational institute issue certificates to students who
have full filled graduation requirements. However, a certifi-
cate is a document of evidence that a person completes an
informative course. Usually, the educational institution issues
a paper-based certificate because a digital certificate cannot
fully replace a paper-based certificate. Moreover, technology
becomes more advanced and cheaper, as the counterfeit cer-
tificate increases in rapid numbers. It threatens the integrity
of the certificate owner and the academic institute that issued
the certificate [1]. In addition, Ezell [2] believes that more
than 5000 diploma mills operating worldwide and issuing over
200,000 counterfeit certificates annually. Now, the fabrication
of certificates becomes a billion-dollar industry.
Therefore, certificate verification has become an essential
task. As certificates are so valuable, people are counterfeiting
documents often. A global survey finds that most applicants
are falsifying their skills for a job application. Further, a study
observed that most applicants lied about their academic certifi-
cate and job experience [3]. Employers need fresh graduates,
who offer their academic certificates for jobs. Employers verify
the certificate to ensure the graduate is valid. Therefore, the
employer makes the candidate waiting for their certification to
978-0-7381-2323-3/20/$31.00 ©2020 IEEE
460
Bangladesh.
be verified by their universities. However, the currently used
systems are manual so that they are time-consuming. Those
time-consuming systems suffer both employer and graduate
students. Sometimes it becomes burdens for job-seeking grad-
uates and costing money. Also, the process becomes expensive
and difficult when several hundred certificates need to verify
by a company. According to the Association of Certified Fraud
Examiners [4], academic certificate scam costs employers
approximately $600 billion every year. Hence, BC technology
can be an excellent solution for certificate verification.
Recently, BC is considered a disruptive innovation that
could change the banking and commerce sectors. However,
it was introduced in 2008 as the core mechanism for the
Bitcoin and executed in 2009 [5]. On the other hand, Bitcoin,
considered as the first digital currency, has delighted in an
enormous accomplishment with the capital market arriving at
1.1 billion dollars in 2016 [6]. The first and popular BC-based
application would be Bitcoin, but BC’s unique features make
it valuable not only in cryptocurrencies but also in many other
fields. But, Only a few numbers of educational institutes using
BC technology, and most of them applying it to validate and
share academic certificates. Blockcerts is an open standard
for applications that issues and verifies BC-based certificate,
developed by The MIT Media Lab Learning [7]. Moreover,
CertChain [8] is a BC-based certificate management platform
that authenticates certificate and solves the problem of the
Counterfeit certificate. In addition, OpenCerts [9] solves the
problem of Counterfeit certificate by using the Ethereum BC.
Academic institutes can issue the digital certificate and publish
it onto the BC by using the OpenCerts system.
Although all of the solution systems we have discussed
above provide a good solution for removing the problem of
counterfeit certificates, still some problems remain unsolved.
Further, the verification system like Blockcerts does not ver-
ify if the public keys are owned by the legitimate issuing
institution or not [10]. Moreover, those systems are not self-
sufficiency. Furthermore, the cost of issuing and revocation
is too high, every time issuing certificate or revocation its
costs. Finally, cryptocurrencies are illegal in several countries,
including Bangladesh. Those countries are unable to utilize all
of the above systems.
 In this paper, the authors discuss some challenges above.
To solve those discussed challenges, the authors propose a
BC-based certificate verification system model in the cloud-
database. Moreover, the proposed certificate verification sys-
tem aims to take advantage of BC technology. The summarized
main contributions of this paper are:
• We have proposed BC-based DistB-CVS architecture that
a proper solution for those countries where cryptocurren-
cies are banned.
• A consensus algorithm has proposed, which improves the
block verification mechanism.
• Finally, the authors enhance security by adopting a multi-
signature scheme.
The rest of the paper has been organized the paper as
pursues: we analyze and discuss related works in Section II.
Section III provides the proposed “DistB-CVS” architecture,
and we also discuss how the proposed architecture can func-
tion in. After that, results and discussions are presented in
Section IV. In addition, we finish up the work in Section V
with the significance and future development.
II. R ELATED W ORKS
Roehrs et al. (2017) proposed BC technology in the
healthcare domain [11]. Their proposal connecting different
providers to build a centralized view, uniting patients scattered
health records and promoting interoperability. Swati et al.
applied the BC technology in the travel industry [12], where
BC enhanced data security [13] among the network and offered
fraud-proof hotel and airline bookings during traveling. In
another article, [14], Tse et al. introduced BC technology in the
food supply chain. Again, Nguyen et al. presented a survey of
a much variant consensus BC algorithm method that allows a
new block to be linked to another block with a verified network
[15]. In another similar work, Koens et al. discussed what the
BC thing is and how to use it in [16]. They have tried to answer
the following several questions. The first question is, do you
need to use BC. In this study, [17], Aras et al. talked about
BC and its applications. According to this survey, the authors
also talked about two types of BC - one public BC and the
other private BC. Then, Dasgupta et al. focused on security
issues based on BC technology properly [18]. The authors
highlighted some cyberattacks in the vulnerable system, and
give some future initiatives and tips about BC issues for next-
generation researchers as well. The main focus of this paper
is the use of BC technology in the education domain. Hence,
this paper aims to use BC on certification verification.
Several researchers applied BC in the education domain,
especially in certificate verification. Cheng et al. proposed
a great way of verifying the digital certificate through BC
technology efficiently in [19]. First, they create a digital
certificate, and then a QR-code generates based on the digital
certificate. QR-Code helps to verify the particular graduate in
the BC-based distributed database. Curmi et al. focused the
verification, issuing process of academic certificates based on
461
BC technology in [20]. They show the registration process
for both student and faculties staff for respective institutions.
Ghazali et al. (2018) proposed a model for graduation cer-
tificate verification through a decentralized approach BC in
[21]. They enhanced the verification process and able to avoid
the problems of the existing methods. They gave immense
knowledge about academic certificate verification and authen-
tication. In [22], Chen et al. proposed a model for a public and
efficient certificate audit system based on BC technology. They
named their excellent data structure “CertOper”, which helps
to save the traceability and public audit in the BC properly. The
University of Nicosia was the first higher education institution
that stored academic certificates on the Bitcoin BC. They also
the first university that accepts Bitcoin for tuition for any
degree program.
In summary, there is more application of BC technology in
the certificate verification system. But most of the applications
use cryptocurrency-based public Blockchains like bitcoin or
ethereum. In which there are still a few problems, such as extra
costs, low scalability rate, dependency on unknown resources
for mining. But, the proposed system uses cloud-based private
consortium BC, and the nodes are trusted. Also, this paper
ensured data authentication by the multi-signature scheme and
introduced a proper revocation system.
III. P ROPOSED “D IST B-CVS” A RCHITECTURE FOR
C ERTIFICATE V ERIFICATION VIA O NLINE
BC is a decentralized infrastructure model. It has been
successfully used in trading cryptocurrencies like Bitcoin and
DASH. It has proven that the characteristics of decentraliza-
tion, transparency, immutability, and traceability. However, the
authors propose an architecture, which is depicted in Fig. 1.
Then, the key aspects of architecture can be divided into five
layers, listed as follows:
• Infrastructure layer
• Data layer
• Network layer
• Consensus layer
• Application and Presentation layer
A. Infrastructure Layer
1) Private Blockchain: A private BC is an access control
network governed by an individual entity. Besides, it provides
the privacy and permissions required by the institute. In the
proposed system, the authors use private BC. The trusted
members from the institute are the authenticated nodes of our
Private BC that takes part in the consensus and creating the
block. Private BC are faster, more efficient, and more cost-
effective than public BC, which require a lot of time and
energy to validate transactions.
2) Cloud Database: A cloud database is a typical database
with some extra features like cloud computing, backup, scal-
ing, high availability, security, patching, and health monitoring.
In the presented system, authors built the BC in a NoSQL
database like MongoDB, Apache CouchDB, etc. NoSQL is
 Fig. 1. Proposed “DistB-CVS” Architecture

a database management system that uses the non-relational 4) Digital Multi-signature: In modern cryptocurrencies, the
approach for storage and retrieval of data. NoSQL database digital signature is a core cryptographic fundamental for autho-
is flexible, scalable, high-performance, and highly functional. rizing transactions. Ethereum uses ECDSA and Bitcoin uses
Moreover, NoSQL helps us built BC with JSON and script secp256k1 with the ECDSA algorithm. This system utilizes
language. the digital signature to collect votes from the nodes to confirm
the new block, as illustrated in Fig. 2.
B. Data Layer
1) Data Block: The data we store in the BC store within the
data-block of the block. There are two fundamental ways of
BC data storage solutions: off-chain and on-chain. However,
the authors use an on-chain approach to store data in the
BC. Moreover, the clear advantage of this method is that
even in the event of an attack, the data can be recovered and
resynchronized.
2) Timestamp: The usage of a timestamp as proof of
integrity. Each block contains a Unix time timestamp. Besides,
timestamp serving as a source of validating block hash. A
timestamp is accepted as valid if:
• Be less than 2 hours in the future from servers current
time.
Fig. 2. Digital Multi-signature Process
• Be greater than the median timestamp of the past 11
blocks.
5) Revocation List: Certificates may sometimes be revoked
3) Hash Function: A secure hash function has four main when the student’s personally identifiable information changes
characteristics these are: and inaccuracy in achievement. In our system, we use an in-
• A hash function needs to have a fixed or specific output. chain revocation list. There are some protocols to update the
It doesn’t matter how many times you input the same revocation list. Those are:
data; the result is always the same.
• Only the certificate issuer can revoke the certificate.
• A hash function must be computationally efficient.
• The receiver can request for revoked the certificate.
• A hash function must have the properties of Collision
Resistance. • The revocation list must be verified and signed by the
nodes.
• The output of a hash function must be one way.

462
C. Network Layer
1) Dissemination Mechanism : In the present system, the
dissemination mechanism described how the information sends
to nodes, which information is shared with the verification
application users, and how the information is shared. Fur-
thermore, the dissemination mechanism connected with two
audiences, one is nodes of the network, and another is the
verification application users. Moreover, the nodes of the
network get full information about the certificate to verify the
information on the certificate.
2) Peer-to-Peer Network: The peer-to-peer network is the
backbone of the BC network. The computer is connected to
the peer-to-peer network called a node. Moreover, every node
in the peer-to-peer network is the same level as all other nodes.
Nodes can come in many forms, but there is no central node
that is an authority. Every node in the network stored a copy
of the BC data.
3) Authentication Mechanism: The authentication process
permits users to do their role in the system. In this proposed
system, users must log in with their user id and password.
Also, an algorithm is proposed for block validation in this
layer. After that, the algorithm uses a consensus mechanism
to validate the block. Steps of the algorithm given below:
Step 1: Take input information about Certificate
information(Certinf o ), Public key of the
issuer(P Kissuer ), Hash of the block (HashB ),
Signature of the issuer (Signatureissuer ) into a
function called BlockCheck().
Step 2: ApprovedNode is initialized to zero ( approvedNode
= 0 ). Here approvedNode is the nodes of the
Blockchain network.
Step 3: hashCert is initialized to Hash of the Certinf o
(hashCert = HASH(Certinf o )). Here hashCert
is the calculated hash of certificate information for
comparison with block hash(HashB ) by the nodes.
Step 4: signatureHash initialized to decrypt
of Signatureissuer and P Kissuer
(signatureHash =DECRY P T ((Signatureissuer ),
(P Kissuer )). Here Signatureissuer is the hash
of the data that issuer signed with Private kay.
signaturehash is also for comparison with block
hash(HashB ) for checking the authenticity of the
issuer.
Step 5: Now, for all nodes of the Blockchain, DistB-CVS
check the block hash is equal to hash of certificate
information. If any node gets, hashes are equal, then
check the signature hash with block hash. if both
comparisons satisfy the node then approvedNode is
increased by one (i.e approvedNode= approvedNode
+ 1). and satisfied node singed the block with their
private key.
Step 6: If the approvedNode is greater than the half of total
active miner nodes (approveNode> N/2 ) i.e. half of
463
the Blockchain nodes approve the validity of block
then the block approved and add to the Blockchain.
Algorithm 1: Proposed Algorithm for Block validation
Process
Input: Certinf o , P Kisser , HashB , Signatureissuer
Output: Block valid or not
1 Function BlockCheck():
2 approvedN ode ← 0
3 hashCert ← HASH(Certinf o )
4 signatureHash ←DECRYPT(Signatureissuer , P Kissure )
5 for allActiveNode i ← 0 to n do
6 if HashB == hashC ert then
7 if HashB == signatureHash then
8 approvedN ode ← approvedN ode + 1
9 signaturenodei ←ENCRYPT(HashBC , SKnodei )
10 end
11 end
12 end
13 if approvedNode > N/2 then
14 return valid
15 end
16 else
17 return invalid
18 end
D. Consensus Layer
The consensus layer is the most essential and necessary
layer for any BC, and it contains a consensus algorithm.
1) Proof-of-Work: Proof-of-Work is the first and the most
dominant consensus algorithm in the BC network. In the
proposed system, the author proposes Proof-of-Work as a
systems consensus algorithm. Proof-of-Work is used as the
consensus algorithm in popular cryptocurrencies. Furthermore,
Proof-of-Work’s main advantages are the low impact of a stake
in mining possibilities and anti-DOS attacks defense. In the
proposed system, the issuer acts as a miner, and other nodes
check the validity of the block.
E. Application & Presentation Layer
The verification applications are responsible for verifying
the authenticity and integrity of the certificates issued before.
1) Verification Application: The verification applications
retrieve the information through the API, then the system
verifying information by comparing it with the checking
information of the receipt. Moreover, the main component
functions of the authentication application as follow:
• Input the block id and the digital certificate
• The interaction with BC through API
• The logic of the verification
 Fig. 3. Flow Diagram of Certificate Verification System
2) Issuing Application: The issuing applications are re-
sponsible for the main business logic, which includes the
certificates, applying, correcting, revocation, and issuing. It
stores the hash of the certificate to BC by APIs. Furthermore,
the main component functions of the issuing application such
as follow:
• Login function
• Privilege control
• Multi-signature function
• Auditing the certificate
• Revoking the certificate
• Administration page to maintain the data, the privilege,
and more.
F. Process
The working processes of the system developed in this paper
are as follows:
Step 1: At firsts, graduate students apply for the certificate.
Step 2: The system sends the request to the university author-
ity.
Step 3: The authority granted a certificate by a node with its
digital signature. Also, the certificate revocation list
updates or creating send for approval.
Step 4: All those nodes verify the certificate, the revocation
list, and give their signatures. Last, all the verified
data add to the BC.
Step 5: BC informs the system’s success or failure status. If
the action is successful, the BC responds with the
block id and hash of the block that stores the data.
Step 6: The system sends the student the digital certificate and
the block id.
464
Step 7: Now, the student able to share the certificate with the
3rd party. When applying for a job, a graduate simply
sends the block id and the digital certificate to the
target companies.
Step 8: The companies send inquiries to the system and are
informed if the block id and the digital certificate are
valid or not.
Step 9: The BC confirms the companies or the 3rd party that
the certificate is valid or not.
IV. R ESULTS A NALYSIS AND D ISCUSSIONS
In this section, the authors have evaluated the performance
of the presented architecture with different parameters like
throughput and response time variation efficiently. The authors
program a demo private blockchain using JavaScript ES5 with
a computer Intel(R) Core(TM) i7, CPU-2.50 GHz, 8 GB of
RAM, Win 10, 64-bit OS. The authors use MongoDB cloud-
database MongoDB Atlas as the core database. The authors
compare the proposed model with existing models Bockcerts
and OpenCerts.
First of all, in Fig. 4 displays core and proposed file
operation. The graph shows the file operation efficiently, based
on response time and the file size no. Then, as the number
of files increases, the response time increases as well, and
it performed adequately in the system. Also, the authors
noticed this graph because the presented model can transfer
a substantial file than the actual core-based system, free from
various attacks.
Again, the throughput has determined depending on the
number of requests, as shown in Fig. 5. Also, it shows the com-
parisons of the throughput between the existing certification
model and the proposed “DistB-CVS”. Then, when the number
of requests for documents is lower, we have noticed that

Fig. 4. Response Time Variation
Fig. 5. Throughput Comparison (“DistB-CVS” Model vs. Existing Model)
the throughput is almost similar to each other. But when the
number of requests increases, the throughput increases as well.
After performing a certain time, due to strong authentication
and privacy, we have also observed that the proposed “DistB-
CVS” architecture effectively shows much better performance
than the existing model performance.
V. C ONCLUSION
In this paper, the authors using the BC approach proposed a
“DistB-CVS” architecture for the online certificate verification
system. This study has also presented a workflow diagram
for successful certificate verification and authentication to
provide the emerging advantages for the exploiters. Addi-
tionally, the multi-signature schema increases data security.
The model recommended for using BC technology without
crypto-currency may be a model. In the future, more options
will be appropriately appended to the proposed architecture
for the graduate in the various stages such as undergraduate,
postgraduate and others. Finally, we will more efficiently
evaluate the performances of our architecture presented in
numerous parameters.
R EFERENCES
[1] S. C. Z. Chen and X. Sun, “Anti-counterfeit authentication system of
printed information based on a logic signing technique.”
[2] A. Ezell, “Diploma mills and counterfeit operations,” College and
University, vol. 94, no. 3, pp. 39–46, 2019.
[3] J. R. Clark, “The perfect resume,” Air medical journal, vol. 36, no. 1,
pp. 13–15, 2017.
465
[4] A. of Certified Fraud Examiners, Report to the nations on occupational
fraud and abuse: 2016 global fraud study. Association of Certified
Fraud Examiners, 2016.
[5] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,”
Manubot, Tech. Rep., 2019.
[6] G. Hileman, “State of blockchain q1 2016: Blockchain funding overtakes
bitcoin,” CoinDesk, New York, NY, May, vol. 11, 2016.
[7] P. Schmidt, “Blockcerts—an open infrastructure for academic credentials
on the blockchain,” MLLearning (24/10/2016), 2016.
[8] J. Chen, S. Yao, Q. Yuan, K. He, S. Ji, and R. Du, “Certchain: Public
and efficient certificate audit based on blockchain for tls connections,”
in IEEE INFOCOM 2018 - IEEE Conference on Computer Communi-
cations, 2018, pp. 2060–2068.
[9] OpenCerts, accessed may 25, 2020. [Online]. Available:
https://opencerts.io/
[10] M. Baldi, F. Chiaraluce, M. Kodra, and L. Spalazzi, “Security analysis
of a blockchain-based protocol for the certification of academic creden-
tials,” arXiv preprint arXiv:1910.04622, 2019.
[11] A. Roehrs, C. A. da Costa, and R. da Rosa Righi, “Omniphr: A
distributed architecture model to integrate personal health records,”
Journal of biomedical informatics, vol. 71, pp. 70–81, 2017.
[12] V. Swati and A. S. Prasad, “Application of blockchain technology
in travel industry,” in 2018 International Conference on Circuits and
Systems in Digital Enterprise Technology (ICCSDET). IEEE, 2018,
pp. 1–5.
[13] A. Rahman, M. J. Islam, F. A. Sunny, and M. K. Nasir, “DistBlockSDN:
A Distributed Secure Blockchain based SDN-IoT Architecture with NFV
Implementation for Smart Cities,” In Progress: International Conference
on Innovation in Engineering and Technology (ICIET), vol. 23, p. 24,
IEEE, 2019.
[14] D. Tse, B. Zhang, Y. Yang, C. Cheng, and H. Mu, “Blockchain appli-
cation in food supply information security,” in 2017 IEEE International
Conference on Industrial Engineering and Engineering Management
(IEEM). IEEE, 2017, pp. 1357–1361.
[15] G.-T. Nguyen and K. Kim, “A survey about consensus algorithms used
in blockchain.” Journal of Information processing systems, vol. 14, no. 1,
2018.
[16] T. Koens and E. Poll, “What blockchain alternative do you need?” in
Data Privacy Management, Cryptocurrencies and Blockchain Technol-
ogy. Springer, 2018, pp. 113–129.
[17] S. T. Aras and V. Kulkarni, “Blockchain and its applications–a detailed
survey,” International Journal of Computer Applications, vol. 180, no. 3,
pp. 29–35, 2017.
[18] D. Dasgupta, J. M. Shrein, and K. D. Gupta, “A survey of blockchain
from security perspective,” Journal of Banking and Financial Technol-
ogy, vol. 3, no. 1, pp. 1–17, 2019.
[19] J.-C. Cheng, N.-Y. Lee, C. Chi, and Y.-H. Chen, “Blockchain and smart
contract for digital certificate,” in 2018 IEEE international conference
on applied system invention (ICASI). IEEE, 2018, pp. 1046–1051.
[20] A. Curmi and F. Inguanez, “Blockchain based certificate verification
platform,” in International Conference on Business Information Systems.
Springer, 2018, pp. 211–216.
[21] O. Ghazali and O. S. Saleh, “A graduation certificate verification model
via utilization of the blockchain technology,” Journal of Telecommuni-
cation, Electronic and Computer Engineering (JTEC), vol. 10, no. 3-2,
pp. 29–34, 2018.
[22] J. Chen, S. Yao, Q. Yuan, K. He, S. Ji, and R. Du, “Certchain: Public
and efficient certificate audit based on blockchain for tls connections,” in
IEEE INFOCOM 2018-IEEE Conference on Computer Communications.
IEEE, 2018, pp. 2060–2068.