Security Overview

How AcadCert protects credentials and keys.

Signing model

Every credential is signed with RSA-4096. This gives you three guarantees:

AuthenticityThe credential came from the institution that claims to have issued it.
IntegrityThe document hasn’t been modified since it was signed. A single changed byte breaks the signature.
Non-repudiationThe institution can’t deny having issued the credential.

RSA-4096 provides ~140 bits of security strength, resistant to current and near-future cryptanalysis.

Key management

Each institution gets its own keypair. Private keys never leave the server unencrypted.

  • Private keys encrypted at rest with AES-256-GCM and a unique salt per institution
  • Decrypted only in memory during signing, never written to disk in plaintext
  • Master encryption key validated on startup — system refuses to run with weak secrets
  • Key rotation supported without invalidating historical credentials (old public keys are preserved)
  • Keys are never exposed to issuers or students

How signing works internally

Issuers don’t touch the keys. The signing flow:

  1. Issuer uploads a PDF and picks a student
  2. System validates the issuer’s authority and the file
  3. Institution’s private key is decrypted in memory
  4. Document is hashed (SHA-256) and signed (RSA-4096)
  5. Key is wiped from memory, signature and metadata stored

A compromised issuer account alone cannot generate valid credentials — the signing keys are never accessible to users.

Four-layer verification

Every verification (on AcadCert or VeriCert) runs four independent checks:

1Cryptographic integrity

Signature matches the document using the correct public key.

2Issuing authority

The institution authorised the issuer at the time of issuance.

3Revocation status

The credential hasn’t been revoked or superseded.

4Timestamp proof

An independent authority confirms when the document was signed.

If any check fails, the credential is flagged as invalid. No partial passes.

Threat model

Compromised issuer accountCan’t sign anything — keys are encrypted and only accessible to the system.
Database breachPrivate keys stay protected by AES-256-GCM. Attacker needs the master key, stored separately.
Document tamperingAny modification breaks the cryptographic signature. Verification fails instantly.
Insider misuseAudit logs track every credential operation with issuer identity and timestamp.
Weak secretsSystem validates all cryptographic secrets on startup and refuses to run with insufficient key strength.

Verification through VeriCert is public and doesn’t require a student account. Employers, institutions, and any third party can check any credential independently.

Privacy policy·Terms of service