Long-term credentials like academic titles are increasingly being used in a digital format. Often, paper diplomas, secured by special paper and seals are used as unsecured scans when communicating online. However, forging unsecured scans of paper diplomas is easy and an increasing problem. A range of different approaches are being discussed in scientific literature and are also partially available on the market. These approaches to secure long-term credentials by cryptographic means offer different strengths and weaknesses regarding a range of requirements like authenticity and usability.
However, revocable long-term credentials like university diplomas face a specific challenge: Credentials remain valid even when the institution ceases to exist. Therefore, credentials need to be verifiable even when the institution no longer exists, but they also need to be revocable by the issuing institution in case of error or plagiarism. At the same time, data protection laws provide the credential holders with the right to be forgotten. How can a credential be verifiable independently from the institution and at the same time revocable? How can it be ensured that the revocation notice cannot get lost when the institution might cease to exist? At the same time, access to the credential and possibly its revocation notice needs to be limited.
In the first part, this thesis evaluates existing open and proprietary approaches ranging from qualified electronic signatures and e-apostilles to verified credentials for self-sovereign identities.
The second part discusses and defines a set of requirements for a framework that meet the requirements of revocable long-term credentials. A design proposes a framework based on a combination of qualified electronic seals, a smart contract on a blockchain and an online server. A prototype is being built according to that specification.
Finally, the chosen approach is evaluated by presenting and discussing it at several conferences at government hearings, standards organizations, and academic institutions. A range of questions occurred in that context and are discussed in the third part of this study.
It is concluded that decentralized ledger technology can be a useful tool to verify long-term credentials that remain valid even when the issuing institution does not exist anymore. Determining who should have access to the revocation information depends on the specific use-case and the retroactive effect of revocations. The legitimate interest of those who should be informed about a revocation needs to be balanced with the right to be forgotten by the credential holder of the revoked credential that is no longer used. Smart contracts on a blockchain can model a good balance here, provide the revocation information where justified and hide it in other cases. Self-sovereign identity (SSI) could – in theory – support some rights of the credential holder further. A credential holder could prove a credential without disclosing her name, for example. However, SSI wallets have less usability and are not widely used yet. Particularly they do not yet ensure reliable identification of the credential holder without the disclosure of the name of the credential holder.
The proposed solution is an open solution that can be adopted by many issuing institutions by sharing a smart contract and can provide the possibility of cross-verification of credentials with a minimal decentralized governance structure as being found, for example, at the Bloxberg academic blockchain.