Course evaluation tilkry26

[dbosk]

Things that didn't work as intended

• More work than anticipated to develop the parts I took over from Douglas.
• Nuking the Canvas pages just before course start wasn't particularly helpful either ...
• Both of the above delayed the publication of some assignments: Cryptanalysis and INL1Quiz parts.
• IT introducing MFA requirement delayed results into LADOK.

Results

91 registered (including reregistered, 80 without):

• 24.5% missing results (in LADOK).
• Grade distribution: 31% A, 12% B, 0% C, 2% D, 29% E, 23% not done (in Canvas).

LAB1

In terms of impopularity:

tilkry26 LAB1 missing submissions:
     75 Optional: Secure multi-party computation (C, B, A)
     65 Optional: Cryptopals (C, B, A)
     56 Optional: Side channels (C, B, A)
     20 Mandatory: AES presentation
     17 Mandatory: Cryptanalysis of Ciphertexts
     15 Mandatory: Implement AES (Kattis Problem)
      9 MANDATORY Lab (20, 26/2): Introduction to ProVerif  (Karl and Jesper)  ON CAMPUS
      6 MANDATORY Seminar (4, 5/2): Impact considerations around crypto systems (Sonja)  ON CAMPUS
      4 MANDATORY Seminar (29, 30/1): usability (Sonja)  ON CAMPUS

Nothing else worth noting here, worked fine.

INL1

Only 62% has P on this module:

tilkry26 INL1 grades:
     30 F
     57 P


tilkry26 INL1 Fs:
      2 INL1Quiz Non-Cryptographic Attacks
      3 INL1Quiz Randomness
      3 INL1Quiz Secure Multi-Party Computation
      4 INL1Quiz Asymmetric Cryptography
      4 INL1Quiz Hash functions
      5 INL1Quiz Zero-Knowledge Proofs
      9 INL1Quiz Ciphers


tilkry26 INL1 missing submissions:
     26 INL1Quiz Secure Multi-Party Computation
     24 INL1Quiz Non-Cryptographic Attacks
     23 INL1Quiz Randomness
     21 INL1Quiz Zero-Knowledge Proofs
     19 INL1Oral
     18 INL1Quiz Asymmetric Cryptography
     16 INL1Written Peer Review
     15 INL1Written Final
     10 INL1Quiz Hash functions
      7 INL1Quiz Ciphers

I should revise the difficulty of some of the questions and how they relate to the lecture contents. Some students require too many attempts, although for the majority of the students it's fine (up to 4 attempts):

tilkry26 INL1 INL1Quiz Asymmetric Cryptography:
     26 student(s) needed  1 attempt(s)
     26 student(s) needed  2 attempt(s)
      9 student(s) needed  3 attempt(s)
      4 student(s) needed  4 attempt(s)
      2 student(s) needed  5 attempt(s)
      3 student(s) needed  6 attempt(s)
      1 student(s) needed  7 attempt(s)

tilkry26 INL1 INL1Quiz Ciphers:
      4 student(s) needed  1 attempt(s)
     11 student(s) needed  2 attempt(s)
     11 student(s) needed  3 attempt(s)
      4 student(s) needed  4 attempt(s)
      4 student(s) needed  5 attempt(s)
      7 student(s) needed  6 attempt(s)
      1 student(s) needed  7 attempt(s)
      9 student(s) needed  8 attempt(s)
      2 student(s) needed  9 attempt(s)
      4 student(s) needed  10 attempt(s)
      5 student(s) needed  11 attempt(s)
      1 student(s) needed  13 attempt(s)
      1 student(s) needed  14 attempt(s)
      1 student(s) needed  15 attempt(s)
      2 student(s) needed  19 attempt(s)
      1 student(s) needed  29 attempt(s)
      1 student(s) needed  34 attempt(s)
      2 student(s) needed  37 attempt(s)

tilkry26 INL1 INL1Quiz Hash functions:
      2 student(s) needed  1 attempt(s)
     18 student(s) needed  2 attempt(s)
     14 student(s) needed  3 attempt(s)
     18 student(s) needed  4 attempt(s)
      4 student(s) needed  5 attempt(s)
      4 student(s) needed  6 attempt(s)
      5 student(s) needed  7 attempt(s)
      3 student(s) needed  8 attempt(s)
      1 student(s) needed  10 attempt(s)
      1 student(s) needed  12 attempt(s)
      1 student(s) needed  15 attempt(s)
      1 student(s) needed  18 attempt(s)
      1 student(s) needed  25 attempt(s)

tilkry26 INL1 INL1Quiz Non-Cryptographic Attacks:
     24 student(s) needed  1 attempt(s)
     26 student(s) needed  2 attempt(s)
      9 student(s) needed  3 attempt(s)
      4 student(s) needed  4 attempt(s)
      1 student(s) needed  5 attempt(s)
      1 student(s) needed  6 attempt(s)
      1 student(s) needed  7 attempt(s)

tilkry26 INL1 INL1Quiz Randomness:
     27 student(s) needed  1 attempt(s)
     26 student(s) needed  2 attempt(s)
      6 student(s) needed  3 attempt(s)
      1 student(s) needed  4 attempt(s)
      4 student(s) needed  5 attempt(s)
      1 student(s) needed  6 attempt(s)
      1 student(s) needed  9 attempt(s)

tilkry26 INL1 INL1Quiz Secure Multi-Party Computation:
     28 student(s) needed  1 attempt(s)
     21 student(s) needed  2 attempt(s)
      8 student(s) needed  3 attempt(s)
      3 student(s) needed  4 attempt(s)
      1 student(s) needed  5 attempt(s)
      1 student(s) needed  6 attempt(s)
      1 student(s) needed  10 attempt(s)

tilkry26 INL1 INL1Quiz Zero-Knowledge Proofs:
     16 student(s) needed  1 attempt(s)
     17 student(s) needed  2 attempt(s)
     10 student(s) needed  3 attempt(s)
     15 student(s) needed  4 attempt(s)
      3 student(s) needed  6 attempt(s)
      2 student(s) needed  7 attempt(s)
      1 student(s) needed  8 attempt(s)
      1 student(s) needed  13 attempt(s)
      1 student(s) needed  31 attempt(s)

Summary of Written Student Feedback in Evaluation

The full evaluation: tilkry26-eval-full.pdf.

What Worked Well

Students consistently praised the practical, hands-on assignments (AES implementation, Cryptopals challenges, ProVerif lab) as engaging and relevant. The flexible deadline structure with soft deadlines and the June lab week was widely appreciated, particularly for students managing thesis work or other courses simultaneously. Hybrid lecture delivery (simultaneous in-person and online via Zoom) was positively received. The clear grade requirements tied to specific assignments and the inclusive classroom atmosphere (reflected in Q5 mean of 4.7) were also highlighted.

What Can Be Developed

The dominant complaint was poor course organization, specifically:

• Canvas page described as messy, contradictory, and difficult to navigate
• Assignments and quizzes released late or without announcements
• Grading criteria were confusing and unclear — multiple students explicitly stated they did not understand how the final grade was calculated
• Administrative failures (late booking announcements for lab presentations, erroneous peer review assignments)

Additional concerns included quiz quality (questions felt misaligned with lectures), seminar relevance to cryptography, and large lab groups causing long waiting times.

Notable Contradictions

One clear contradiction emerges: students praised the clear grade requirements (Q9), while simultaneously several others complained the grading formula was incomprehensible (Q10). This likely reflects different student experiences with the Canvas organization rather than a genuine disagreement about the grading system itself, suggesting the information existed but was poorly communicated or hard to locate.

Future development

My current ideas for improving the course:

• To connect the seminars better to the content, have them early and have lab assignments that require their integration. Also try to reconnect to those topics in some of the more applied lectures.
• Remove older grading criteria #112
• Add reflection assignments after each lecture, add peer review and discuss ambiguities at the start of the next lecture. (There are many challenges with this.)
• Review how to distribute lab time slots. Someone wrote "Smaller groups, labs was mostly waiting. Almost no time for help or present. 3 times I had 2+ hours queue."
• Continue work on connecting the parts: "I feel like the content of the course and what you actually do is very decoupled. You essentially don't have to attend the lectures in order to get a good grade and it generally feels very scattered. One day you learn about MPC, another day you learn randomization and LFSR. I still don't really understand most of the techniques used because I never had to."
• Lab: implement the digital postbox #110
• Lab: use TLS with mutual authentication #107
• Add concrete lab/material on KDFs #104
• Lab/reading on TLS and Kerberos #103
• Computational hardness #101
• Lab ideas: Randomness #100
• Use block modes #99
• Test prerequisites #96
• Introduce tools and libs along the way #91
• Lab on FHE #90

[dbosk]

From link meeting

Good aspect

• Practical assignments were good.
• Cryptanalysis is easy in theory, but more difficult in practice good.
• Good with several optional assignments. Gave good opportunity to learn more.
• It was good to split the big quiz into several. Some problems with some of the quizzes. Some questions had a lot of options. Not everything could be found in the slides.

Improvements

• Some contradictory Canvas info, mandatory or not mandatory AES presentation.
• Clarify what had to be presented, some assignments didn't.
• Some overlap with the Overview Course in the beginning.
• Sidechannels peer review was cancelled late.
• Difficulty was uneven between the assignments. CryptoPals take a lot more time to get the same contribution towards the grade.
• The seminars fit better in DD2302 seminars.
• Add a test of rerequisites (Test prerequisites #96).