Design and Performance Evaluation of a Hybrid Blockchain Credential Verification Architecture for Universities

Authors

  • Nelson Lungu* Electrical and Electronics Engineering, University of Zambia, Lusaka, Zambia. Author
  • Simon Tembo Electrical and Electronics Engineering, University of Zambia, Lusaka, Zambia. Author
  • Kadonsi Kaziya Psychology, Sociology and Special Education, University of Zambia, Lusaka, Zambia. Author
  • Kamamayo Mulele Mufuzi ZCAS University, Lusaka, Zambia. Author
  • Moonga Shamwiinga Electrical and Electronics Engineering, University of Zambia, Lusaka, Zambia. Author
  • Ngula Walubita Information Communication Technology, Kapasa Makasa University, Chinsali, Zambia. Author

Keywords:

Blockchain, credential verification, learning institutions, social engineering, large language models.

Abstract

Learning institutions are increasingly vulnerable to the theft of sensitive information facilitated by the sophisticated capabilities of Large Language Models (LLM) in social engineering attacks. The LLMs are usually aided by the use of social engineering through pretexting, impersonation, and even document-forgery activities. This research focuses on developing a hybrid Blockchain login information verification system that combines permissioned ledger governance with public rooting to ensure tamper evidence and fast revocation propagation, while keeping credentials off-chain. The system is designed for operational verification in learning institutions. It focuses on low-latency API verification, auditable issuance, and secure private information disclosure. Performance is measured by using queuing-based workload modeling and benchmarking parameters to compare the efficiency and security of centralized verification systems against permissioned-only ledgers. The system uses a hybrid model under baseline and adversarial traffic, modelled on LLM-driven phishing attacks. Results show reduced peak verification latency relative to permissioned-only designs, while preserving stronger integrity than centralised systems. The integration of identity management, effective dispute handling, and robust incident response mechanisms is a proof of concept.

 

References

[1] Yli-Huumo, J., Ko, D., Choi, S., Park, S., & Smolander, K. (2016). Where is current research on blockchain technology?—a systematic review. PloS one, 11(10), e0163477. doi: 10.1371/journal.pone.0163477.

[2] Han, W., Zhu, J., Zhang, C., Zhang, Z., Mei, Y., & Wang, L. (2025). Phish-Master: Leveraging Large Language Models for Advanced Phishing Email Generation and Detection. Applied Sciences, 15(22), 12203. doi: 10.3390/app152212203.

[3] Vishwanath, A., Herath, T., Chen, R., Wang, J., & Rao, H. R. (2011). Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model. Decision Support Systems, 51(3), 576-586. doi: 10.1016/j.dss.2011.03.002.

[4] Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April). Why phishing works. In Proceedings of the SIGCHI conference on Human Factors in computing systems (pp. 581-590). doi: 10.1145/1124772.1124861.

[5] Lin, T., Capecci, D. E., Ellis, D. M., Rocha, H. A., Dommaraju, S., Oliveira, D. S., & Ebner, N. C. (2019). Susceptibility to spear-phishing emails: Effects of internet user demographics and email content. ACM Transactions on Computer-Human Interaction (TOCHI), 26(5), 1-28. doi: 10.1145/3336141.

[6] Turkanović, M., Hölbl, M., Košič, K., Heričko, M., & Kamišalić, A. (2018). EduCTX: A blockchain-based higher education credit platform. IEEE access, 6, 5112-5127. doi: 10.1109/ACCESS.2018.2789929.

[7] Alammary, A., Alhazmi, S., Almasri, M., & Gillani, S. (2019). Blockchain-based applications in education: A systematic review. Applied Sciences, 9(12), 2400. doi: 10.3390/app9122400.

[8] Thomopoulos, G. A., Lyras, D. P., & Fidas, C. A. (2024). A systematic review and research challenges on phishing cyberattacks from an electroencephalography and gaze-based perspective. Personal and Ubiquitous Computing, 28(3), 449-470. doi: 10.1007/s00779-024-01794-9.

[9] Tornblad, M. K., Jones, K. S., Namin, A. S., & Choi, J. (2021, September). Characteristics that predict phishing susceptibility: a review. In Proceedings of the human factors and ergonomics society annual meeting (Vol. 65, No. 1, pp. 938-942). Sage CA: Los Angeles, CA: SAGE Publications. doi: 10.1177/1071181321651330.

[10] Alsharnouby, M., Alaca, F., & Chiasson, S. (2015). Why phishing still works: User strategies for combating phishing attacks. International Journal of Human-Computer Studies, 82, 69-82. doi: 10.1016/j.ijhcs.2015.05.005.

[11] Zheng, Z., Xie, S., Dai, H., Chen, X., & Wang, H. (2017, June). An overview of blockchain technology: Architecture, consensus, and future trends. In 2017 IEEE international congress on big data (BigData congress) (pp. 557-564). Ieee. doi: 10.1109/BigDataCongress.2017.85.

[12] Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., ... & Yellick, J. (2018, April). Hyperledger fabric: a distributed operating system for permissioned blockchains. In Proceedings of the thirteenth EuroSys conference (pp. 1-15). doi: 10.1145/3190508.3190538.

[13] Dinh, T. T. A., Wang, J., Chen, G., Liu, R., Ooi, B. C., & Tan, K. L. (2017, May). Blockbench: A framework for analyzing private blockchains. In Proceedings of the 2017 ACM international conference on management of data (pp. 1085-1100). doi: 10.1145/3035918.3064033.

[14] Han, M., Li, Z., He, J., Wu, D., Xie, Y., & Baba, A. (2018, September). A novel blockchain-based education records verification solution. In Proceedings of the 19th annual SIG conference on information technology education (pp. 178-183). doi: 10.1145/3241815.3241870.

[15] Schardong, F., & Custódio, R. (2022). Self-sovereign identity: a systematic review, mapping and taxonomy. Sensors, 22(15), 5641. doi: 10.3390/s22155641.

[16] Ferdous, M. S., Chowdhury, F., & Alassafi, M. O. (2019). In search of self-sovereign identity leveraging blockchain technology. IEEE access, 7, 103059-103079. doi: 10.1109/ACCESS.2019.2931173.

[17] Yang, X., & Li, W. (2020). A zero-knowledge-proof-based digital identity management scheme in blockchain. Computers & Security, 99, 102050. doi: 10.1016/j.cose.2020.102050.

[18] Xu, J., Xue, K., Tian, H., Hong, J., Wei, D. S., & Hong, P. (2020). An identity management and authentication scheme based on redactable blockchain for mobile networks. IEEE Transactions on Vehicular Technology, 69(6), 6688-6698. doi: 10.1109/TVT.2020.2986041.

[19] Downs, J. S., Holbrook, M. B., & Cranor, L. F. (2006, July). Decision strategies and susceptibility to phishing. In Proceedings of the second symposium on Usable privacy and security (pp. 79-90). doi: 10.1145/1143120.1143131.

[20] Benenson, Z., Gassmann, F., & Landwirth, R. (2017, April). Unpacking spear phishing susceptibility. In International conference on financial cryptography and data security (pp. 610-627). Cham: Springer International Publishing. doi: 10.1007/978-3-319-70278-0_39.

[21] Tariq, A., Haq, H. B., & Ali, S. T. (2022). Cerberus: A blockchain-based accreditation and degree verification system. IEEE Transactions on Computational Social Systems, 10(4), 1503-1514. doi: 10.1109/TCSS.2022.3188453.

[22] Olea, C., Christensen, A., Fazio, L., Cutting, L., Lieb, M., Phelan, J., ... & Tucker, H. (2025, May). Evaluating Phishing Email Efficacy. In Proceedings of the 2025 Computers and People Research Conference (pp. 1-8). doi: 10.1145/3716489.3728437.

[23] Rama Reddy, T., Prasad Reddy, P. V. G. D., Srinivas, R., Raghavendran, C. V., Lalitha, R. V. S., & Annapurna, B. (2021). Proposing a reliable method of securing and verifying the credentials of graduates through blockchain. EURASIP Journal on Information Security, 2021(1), 1-9. doi: 10.1186/s13635-021-00122-5.

[24] Nousias, N., Tsakalidis, G., Michoulis, G., Petridou, S., & Vergidis, K. (2022). A process-aware approach for blockchain-based verification of academic qualifications. Simulation Modelling Practice and Theory, 121, 102642. doi: 10.1016/j.simpat.2022.102642.

[25] Mikroyannidis, A., Third, A., & Domingue, J. (2025). Blockchain-based decentralised micro-accreditation for lifelong learning. Interactive Learning Environments, 33(3), 2201-2215. doi: 10.1080/10494820.2024.2401485.

[26] Miers, I., Garman, C., Green, M., & Rubin, A. D. (2013, May). Zerocoin: Anonymous distributed e-cash from bitcoin. In 2013 IEEE symposium on security and privacy (pp. 397-411). IEEE Computer Society. doi: 10.1109/SP.2013.34.

[27] Hong, S., & Kim, H. (2020). Vaultpoint: A blockchain-based ssi model that complies with oauth 2.0. Electronics, 9(8), 1231. doi: 10.3390/electronics9081231.

[28] Jayatilaka, A., Arachchilage, N. A. G., & Babar, M. A. (2024). Why people still fall for phishing emails: An empirical investigation into how users make email response decisions. arXiv preprint arXiv:2401.13199. doi: 10.14722/usec.2024.23072.

[29] Haber, S., & Stornetta, W. S. (1990, August). How to time-stamp a digital document. In Conference on the Theory and Application of Cryptography (pp. 437-455). Berlin, Heidelberg: Springer Berlin Heidelberg. doi: 10.1007/BF00196791.

[30] Boneh, D., Lynn, B., & Shacham, H. (2001, November). Short signatures from the Weil pairing. In International conference on the theory and application of cryptology and information security (pp. 514-532). Berlin, Heidelberg: Springer Berlin Heidelberg. doi: 10.1007/3-540-45682-1_30.

Downloads

Published

2026-03-09

Issue

Vol. 3 No. 3 (2026)

Section

Articles

How to Cite

Design and Performance Evaluation of a Hybrid Blockchain Credential Verification Architecture for Universities. (2026). World Journal of Multidisciplinary Studies, 3(3), 1-9. https://wasrpublication.com/index.php/wjms/article/view/247