Course evaluation 2024

[dbosk]

• Only minor things in the course evaluation. Only 7/52 answered (13.5%), at the time. [Edit: That turned out to be the final count as well.]

From the kursnämnd:

Good things

• Good assignments, fun.
• Cryptanalysis was fun.
• AES was good to get hands-on experience.
• Cryptopals is fun ans useful.
• Optional assignments are good.
• Good to not have to do everything.
• Douglas did good work motivating why this is needed. Why needed in real world.
• Interactive lecture on BankID etc was good to showcase how to do it. It's a good example of what should be done, so should keep it.
• Good with guest lectures, particularly Martin/Must.
• Good with hybrid lectures, helpful for some of the students who really needed it (don't live in Stockholm).

Improvements

• Grading should better reflect ILOs. Very easy to get an A or a B.
• If you get B in another assignment you get an A in the course.
• Much harder to get an A in cryptopals.
• Must have better guidelines for the TAs, should also discuss how deep knowledge of algorithm we expect.
• INL1Quiz wasn't that good for assement, difficult, some questions were a bit confusing. Particularly for a multiple-choice questions. Confusing even after having attended all the lectures. What should we evaluate and why? What do we expect the students to know from the lectures?
• One option is to make it more formative. Break it up and have it related to the lectures.
• Should have feedback for the students for wrong answers on INL1Quiz.
• INL1Oral was different depending on the examiner. Should be more consistent.
• Seminars were positive, but a bit out of place compared to the rest of the course. Somewhat crypto-realted, somewhat soft skills related. Some questions the cards asked weren't related. (VSD seminar.)
• Lecture slides should be posted before the lectures. Students annotate on the slides during the lectures.
• E-voting lecture was good, but should be more related to the course. More cryptosystems. (Perhaps add another seminar just after it that focus on the crypto systems.)
• Hard to understand the the grading criteria page on Canvas.
• (From year before) The seminars: Don't know what they're supposed to learn. Don't know what they had learned.

To work on

• [ ] #75

This will affect the grading rubrics for the assignments, which should be synced with the TAs. This would also contribute to clarifying why the students should have the seminars.

• [ ] #76

Maybe make it of more formative nature, with one part after each lecture. That includes adding feedback to the questions so that the students can learn, and know what they need to learn more.

• [ ] #77

For instance, turns out that we don't cover protocol design to a great enough extent. In essence, we teach small pieces here and there, but the students are left to piece it together mostly on their own. We should do that part better.

• [ ] #79
• [ ] #78

But otherwise the theory of that is probably better suited for the Foundations of Crypto course.

[dbosk]

From the LEQ:

• Workload: Most on 12-14 hours/week. The extremes at 3-5 and 36-38. Should be 20 hours/week.

• Rather good learning experience. Couldn't see difference between genders (too few women filled the survey). The international students had lower on fair assessment.

Best aspects of the course

"You could chose 2/4 optional assignments to get a better grade, so you could chose the ones you're most interested in."

"I enjoyed the cipher part with Douglas the most."

"Most activities were fun, engaging and challenging (e.g., AES, Cryptanalysis, Cryptopals). It is great that there are optional assignments and that not all of them are required to get an A."

"the ciphertext assignment was superfun and I liked it a lot."

"Deadline flexibility for assignments. Mandatory and optional assignments."

Suggested improvements

"Include more post-quantum crypto."

"It would have been nice to get an introduction to AES. I feel like the part about substitution cyphers could be much more condensed."

"The seminars seemed a bit out of place, even though they are great for group discussions."

"Seminars did not feel appropriate"

"The questions of the INL1Quiz did not correctly assess the knowledge of the students, given they were slightly confusing. It was also not explicit from the beginning what the required grade to pass the quiz would be."

"It also seems to be quite easy to get an A in the course, as just doing the AES presentation gives you a B (instead of an E) and adding another assignment on top can easily bump your grade to A."

"Quiz was too hard"

"The structure was nice, i think that the flipped classroom is a good idea but some mandatory assignment before like the ones on the seminar would've been nice."

"Update slides on Canvas!"

Advice for future students

"Continuous working is key."

"If the grading system remains, just do the AES presentation and the side channels assignment, as those are the quickest ones that will get you an A."

"Cryptopals is fun"

"INL1Written was okay-ish"

[dbosk]

This should be the same as the first comment.

Date: Tue, 16 Apr 2024 14:05:24 +0200 From: Rafael Oliveira rmfseo@datasektionen.se To: dbosk@kth.se, "dog@kth.se" dog@kth.se Cc: Masterrepresentant Cybersäkerhet master-cys@datasektionen.se Subject: TCYSM Feedback on DD2520 Applied Cryptography MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=utf-8

Hej Daniel, Douglas,

As you requested during the meeting today, I am sending this e-mail to provide the feedback I brought up and which should more or less match what we discussed.

Do keep in mind, however, that these are bullet points meant to guide an oral exposition, so they might be too straightforward without making explicit some caveats or nuances or explaining context in full detail.

I am, of course, more than available to answer any questions you may have or to clarify anything you feel is confusing.

Positive Aspects

• Most assignments were very interesting, engaging, challenging, and appropriate for the course contents (e.g., cryptanalysis, implementation of AES, cryptopals)
• An assortment of different optional exercises allows students to choose what they want to focus on, while still allowing for high grades without requiring all of them to be solved
• Douglas was always passionate about the course contents and did his best to motivate why each topic was interesting and relevant in the real world
• Daniel’s interactive “lecture” for designing real-world cryptosystems is a good way to showcase example lines of thought when developing new solutions and epitomizes what the course is about
• Deferring to several guest lectures to teach the topics they are experts in allows for more diverse and specialized knowledge (including the guest lecture from MUST to exemplify real-world critical applications of cryptosystems)
• Some lectures being hybrid was helpful to some students who appreciated the flexibility, especially those who are not from Stockholm

Negative Aspects

• Grading should perhaps be adjusted to better reflect student achievement of intended learning outcomes (e.g., easy to get an A when presenting AES which guarantees a final grade of B and makes it so it is only needed to get a B in another optional assignment to finish with a final grade of A) — specifically, getting an A in the AES presentation did not represent an effort proportional to getting an A in other assignments (such as cryptopals), especially since the AES implementation itself was a mandatory assignment
• INL1Quiz was not well-adjusted for a pass/fail exercise and did not correctly assess student knowledge - not necessarily due to an inherent difficulty, but because some questions were confusing, ambiguous, or allowed for different (valid) lines of reasoning that cannot be adequately conveyed in multiple choice answers (though it was good that the passing grade was lowered from 8/10); moreover, only 2/10 of the questions (Roberto’s) included feedback that allowed students to learn from their mistakes
• INL1Oral was allegedly very different depending on the examiner, with each focusing on different aspects and Sonja being overall more demanding; regardless of which approach is chosen, it should be uniform and consistent for all students
• Although the seminars were positive for constructive group discussion, they felt a bit out of place with regard to the rest of the course
• Lecture slides should be posted prior to the lecture (even if immediately before it starts) so that students can keep up at their own pace and annotate the PDF as note-taking; for some lectures, PDFs from previous years were provided but were not up-to-date so many slides were missing or changed

Suggestions

• Although Douglas’s e-voting lecture is extremely interesting, it should maybe be somewhat more focused on cryptosystems rather than only at the end, so that it aligns better with the course contents
• Perhaps rethink how the seminars fit into the course’s vision, particularly the way they are currently organized
• Re-organize the grading criteria page on Canvas, as it is currently a bit confusing at first glance and makes it harder for new students to understand how they will be evaluated

Thank you again for attending the meeting!

Best regards,

Rafael Oliveira

TCYSM Student Rep, Studienämnden

[dbosk]

Kursanalys DD2520 - Applied Cryptography.pdf