Blockchain ensuring academic integrity with a degree verification prototype
The first result demonstrates the successful deployment of a hybrid blockchain network composed of multiple dockerized nodes in a VPS environment. Each node operates independently, communicating through port 5000 configured on the blockchain, achieving a P2P network and a distributed blockchain system. Ref. 24 highlighted improvements in scalability, agility and extensibility by developing a cloud network emulation platform with Docker. The use of Docker containers highlights improved performance and a more efficient approach compared to virtual machines25. Besides, ref. 26 highlights implementing blockchain in environments that simulate real situations for research, given that real networks are complex. This offers a valuable perspective for our study with blockchain in VPS, emphasizing the need for efficient and flexible tools in virtualized environments. Similarly, five restricted nodes for five users or entities and a sixth node dedicated to public queries configure a scenario in which, according to27, private blockchains limit access exclusively to authorized nodes, enabling greater control and efficiency, while public blockchains, being freely accessible, guarantee transparency. Consequently, a hybrid blockchain is formed that integrates both approaches through a strategic combination of security and visibility.
The second result shows the blockchain successfully implemented. Only the indexes, timestamps, block hash and hash of the previous block are observed, and no further data is shown for each block; this maintains the privacy of the other data while making public the transactions performed over time. This resembles the information provided by stock exchanges, where details such as the time and volume of individual transactions, known as ‘the tape’, are publicly disclosed, although the identity of the parties involved is not disclosed28. In addition, anonymity and privacy on the blockchain are attractive to many IoT applications and services, especially those that need to maintain the confidentiality of identities and privacy29,30,31.
In the third result, specific blocks of a blockchain with a predefined structure are shown (Fig. 2). The initial block, known as the “genesis block,” is linked to the next block through the hash of the previous block (Fig. 8). This hash is a unique identifier that is generated from the data of the previous block. The hash of the previous block ensures the integrity of the blockchain. If the content of a block is modified, its hash changes and no longer matches the previous-block hash stored in the next block, making the blockchain inconsistent and invalid32. Blocks seven and eight (Fig. 9) illustrate the recording and signing of data. In block seven, the ‘record’ section contains specific data, such as a college degree. This application underscores the utility of the blockchain as a distributed database, capable of storing information in an orderly and immutable manner16,33. On the other hand, the blockchain, noted for its decentralized ledger and robust security, emphasizes non-repudiation as a crucial aspect of its security34. In this context, the methodology implemented in block eight is aligned with the principles mentioned above. It not only allows for establishing a verifiable approval for the records in block seven, but also ensures the precise identification of the participant who makes the signature. It is thereby guaranteed that the signer is valid and has the required authority, strengthening the integrity and trust that are inherent to the blockchain system.
The fourth result demonstrates the scope and effectiveness of a professional title supported by blockchain technology. This title can be verified by scanning an embedded QR code, which adds an additional layer of trust to the information supporting the document. The added value of this methodology is significant, as it makes falsification of the title considerably harder, whether by agents internal or external to the institution. In addition, trust in professional relationships can be strengthened thanks to the benefits derived from the implementation of blockchain, such as security in data transfer, traceability, standardization of daily procedures, the promotion of a collaborative environment and the reduction of operating costs35. According to36, this technology is key to protecting digital assets, allowing their use without fear of data loss and keeping them up to date at a reduced cost. According to37, tedious credential verification processes highlight the need for an automated system powered by Blockchain technology, which reduces this time from days to seconds and minimizes the administrative burden.
The performance evaluation reflects significant efficiency in the operation of the blockchain system, with acceptable latency times and moderate resource usage. The results particularly highlight the low latency in block replication (0.02 s) and in the Byzantine consensus process (0.12 s), which is crucial for maintaining synchronization between nodes in distributed environments. The times obtained compare favorably with previous research. For example, a study by ref. 36 reports higher latencies in blockchain systems designed for public networks, where consensus processes such as Proof of Work (PoW) can take several seconds or even minutes due to computational complexity. In contrast, the implementation presented here, based on a simplified consensus for private networks, significantly reduces these times. The use of Byzantine consensus in the developed system has proven to be efficient in validating transactions, achieving a time of 0.12 s per operation. According to38, Byzantine fault-tolerant consensus algorithms such as Practical Byzantine Fault Tolerance (PBFT) are ideal for private networks, as they balance efficiency and security by avoiding the computational overhead typical of other mechanisms such as PoW. The system’s resource consumption is low, allowing its implementation in infrastructures with hardware limitations. Compared to public systems based on Ethereum or Bitcoin, which require high CPU and RAM consumption due to intensive mining, this private system offers a scalable and efficient solution. Ref. 39 also affirms the importance of efficiently managing resources in private blockchain networks. This is consistent with studies by40, which highlight that efficient replication is a key indicator of reliability in distributed blockchain systems. Furthermore, the system’s ability to handle multiple simultaneous transactions and signatures suggests that it is scalable for more complex applications or networks with a larger number of nodes.
Compared with recent schemes, PBAG introduces a privacy-preserving authentication protocol through updated global commitments, achieving efficiency and anonymity in IoV environments41. ESP2CS uses Ethereum as a middleware to enable secure communications and payments in IoV, standing out for real-time data editability42. Although this work is primarily aimed at title management, there are conceptual similarities with the PBAG and ESP2CS approaches, allowing for points of comparison despite the different application contexts. PBAG, designed for IoV environments, focuses on efficient authentication and privacy preservation in vehicular networks using blockchain. On the other hand, ESP2CS leverages Ethereum as middleware in IoT environments, standing out for enabling secure communications and payments, as well as providing real-time data editability. This paper adapts blockchain capabilities, such as smart contracts and authentication schemes, to the realm of securities management, addressing challenges such as traceability, authenticity and information integrity. Although the direct correlations with PBAG and ESP2CS may seem low, the work demonstrates how these technologies can be extended beyond their original applications, developing innovative solutions in a different domain. This underscores the flexibility and versatility of blockchain as a technological tool to solve specific problems in diverse contexts.
Proof-of-Learning, for its part, combines incentives based on game theory to encourage honest behavior and ensure collaborative security in decentralized networks43. The proposed model, designed for a private network with a public query node, prioritizes integrity and traceability by employing a mechanism based on the data hash, rather than the block hash. This ensures that data hashes remain confidential, while block hashes remain public to reinforce transparency. Associating an authority’s signature with the full data hash eliminates the dependency on indexes or block hashes, allowing secure queries from the public node without compromising privacy or system reliability. This approach stands out as an efficient and robust solution for academic credential management, leveraging the stability of private networks with the accessibility of a public node.
Security analysis
The design of a blockchain system should not only focus on functionality and performance, but also on ensuring an adequate level of security to prevent vulnerabilities and mitigate potential risks. In this work, key security requirements have been integrated into the design of the scheme, with the objective of ensuring both secure operation and reliability of the proposed services. These aspects are detailed below.
To ensure confidentiality, robust cryptographic algorithms such as AES-256 are used to protect sensitive data and private keys used in authentication and transaction signing. This ensures that only authorized parties can access the information. In addition, encrypted transactions add an additional layer of protection, ensuring that data transmitted within the system is safeguarded from unauthorized access.
Data integrity is another key component of the scheme. For this purpose, cryptographic hash functions such as SHA-256 are used, which are collision resistant and allow any modification to the data to be detected. The system design ensures that each block in the chain includes the hash of the previous block, thus guaranteeing the immutability of the stored information. This mechanism is reinforced by digital signatures that verify that the transactions have not been altered during transmission.
Authentication of network participants is performed by means of a scheme of public and private keys, using technologies such as ECDSA (Elliptic Curve Digital Signature Algorithm). This not only validates the identity of users, but also ensures that only legitimate entities can initiate transactions, minimizing the risk of fraudulent activity in the system.
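The record block, signature block and public query described in the discussion, together with the SHA-256 linking and ECDSA signing from the two paragraphs above, shown as an added example in JavaScript (Node.js). This is not the prototype's code; the block layout, function names, curve choice and sample record are assumptions.

```javascript
const crypto = require('crypto');

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Assumed block layout. record, dataHash and sig stay on the restricted nodes;
// the block hash covers all of them, so any edit is detectable.
const digest = (b) =>
  sha256(JSON.stringify([b.index, b.timestamp, b.prevHash, b.record, b.dataHash, b.sig]));

function append(chain, fields) {
  const prev = chain[chain.length - 1];
  const b = {
    index: chain.length,
    timestamp: 1700000000 + chain.length, // constructed, deterministic
    prevHash: prev ? prev.hash : '0'.repeat(64),
    record: null, dataHash: null, sig: null, ...fields,
  };
  b.hash = digest(b);
  return [...chain, b];
}

// Signature block: the authority signs the record's data hash, not a block hash.
function approve(chain, privateKey, dataHash) {
  const sig = crypto.sign('sha256', Buffer.from(dataHash, 'hex'), privateKey);
  return append(chain, { dataHash, sig: sig.toString('base64') });
}

const chainIntact = (chain) => chain.every((b, i) =>
  b.hash === digest(b) && (i === 0 || b.prevHash === chain[i - 1].hash));

// What the public query node exposes for each block.
const publicView = (chain) =>
  chain.map(({ index, timestamp, hash, prevHash }) => ({ index, timestamp, hash, prevHash }));

// Public query by data hash: intact chain plus a valid authority signature.
function verifyDegree(chain, dataHash, publicKey) {
  return chainIntact(chain) && chain.some((b) => b.sig !== null && b.dataHash === dataHash &&
    crypto.verify('sha256', Buffer.from(dataHash, 'hex'), publicKey, Buffer.from(b.sig, 'base64')));
}

// Constructed sample: genesis, a record block, then its signature block.
const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
const record = JSON.stringify({ name: 'Jane Doe', degree: 'B.Sc. Systems Engineering', year: 2024 });
let chain = append(append([], { record: 'genesis' }), { record });
chain = approve(chain, privateKey, sha256(record));
console.log(publicView(chain), verifyDegree(chain, sha256(record), publicKey));
```

Editing the record in a copy of the chain makes `chainIntact` fail, and a data hash that no authority signed is rejected even when the chain itself is intact.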
In terms of availability, the design contemplates measures against distributed denial-of-service (DDoS) attacks. This includes limiting the number of transactions processed per second, as well as implementing prioritization mechanisms based on commission rates. In addition, the system is designed in a distributed manner, replicating nodes to avoid single points of failure that could compromise its operation.
The scheme is also aligned with proactive security best practices. Regular audits and penetration tests are proposed to identify and mitigate vulnerabilities before they can be exploited. Additionally, the system integrates continuous monitoring that detects network anomalies, such as unauthorized transactions or coordinated attack attempts, enabling a rapid response to potential incidents.
