Friday, June 1, 2012

Stanford Free Crypto Class - Review

The free online cryptography course I attended this April was taught by Stanford professor Dan Boneh. Its infrastructure and organization are provided by coursera company.

The course was everything I expect from an university course. It explains both the theory and its practical consequences. It shows how ciphers work, how to use them, what are their limitations and why they have been designed the way they have been designed.

It also shows typical mistakes in cipher design and implementation. Attacks are demonstrated on real protocols and systems and much more convincing than standard "Bob changes love letter" scenarios.

The most important thing we learned is that a secure cipher has an exact definition and how to use that definition to prove a cipher security. We learned also that cipher security definitions have their limits and that one can securely use a cipher only if he understands its limits.

Two Parts

The course is divided into two parts and only first one was available. The first part gradually builds symmetric ciphers until they are as secure as currently possible. It also contains an introduction into key exchange protocols and asymmetric cryptography.

The second part will contain more about protocols, privacy and electronic signatures. It should be released in fall.

Prerequisites

The course is mostly self contained. Passive knowledge of high school level probability and discreet math is helpful, but not necessary. A motivated high school student with interest in math should be able to pass the course without problems.

However, the cryptography is based on math and the course contains a lot of theory. The course would be very challenging for those who do not like learning math. It is much easier for those who studied math, physics, computer science or other related field.

Of course, if you plan to do also programming assignments, you should have basic understanding of some programming language.

Weekly Demands

The part one had 6 weeks. A set of lectures and homework have been released each week. The lecture is a 2-3 hours long video split into 10-20 minutes long segments. The total running time is usually closer to 3 hours. Subtitles and slide show are available too.

The lecturer assumes that you have the pause and rewind buttons available. He does not make pauses for note taking or thinking, so watching 1 hour log video may easily take more than 1.5 hour.

The stoppable videos turned out to be surprisingly superior over life lectures. I could could stop for quizzes, thinking or whenever I lost concentration and need a break. I could watch the same segment multiple times. As a result, I remembered and understood all their content after I finished with them.

The theoretical part of the homework is mandatory while programming assignments are optional. Each theoretical homework has 9-15 questions and is doable within 2-3 hours. With one notable exception, the programming assignment are doable within 0.5-4 hours.

Note: those are only estimates. I did not measured how much time it really took.

Discussion Forum and IRC

The IRC channel and discussion forum were good enough replacement for normal face to face communication. Both have been active right after lectures release and right before the deadline. They were dead silent in between.

The course staff and the professor participated in discussion forums. They answered more difficult or interesting questions, provided additional learning materials and so on.

I found joining the IRC channel worth the time it took. It provided additional motivation to do and learn more than required by the course. Some people used advanced algorithms to solve assigned problems, so I learned about those algorithms. Others wrote faster solutions then mine was, so I had motivation to spend additional time to optimize my solution.

Complains and Requests

Complains and requests on discussion forums have been taken seriously by the lecturer and the staff. They listened, answered and more importantly have been willing to change certain things.

For example, programming assignments have been mandatory when the course started. As this was not known up front and the first week assignment was very time consuming, the people complained. Programming assignments are now optional.

Organizational Problems

Apparently the work required to put together course like this was bigger than expected. The course was supposed to start in January. It was postponed without promised date and then postponed again. Just when I gave up on it, the course started.

The lecture of week 4 came after week and half, week 5 took also week and half and the last one took two and half weeks. While the first week and half space helped me to get some breathing space during the Easter, the last two and half weeks long gap was too much.

I guess this is going to be less of a problem in next releases. The videos, subtitles and whatever else are already done. Updating them should be less work and easier to predict then having to create an entirely new set.

There was very little communication about those delays. I would prefer to be told about the delay as soon as possible.

Beyond the Course

The course provided enough inspiration to get me occupied for the next year. It also referenced a lot of articles about topics related to cryptography.

Basically, I can come back to it any time I'm bored and immediately find something to do.

Conclusion

I would recommend the course for anyone who has interest in cryptography and enough time to complete it. There is nothing to lose and a lot to gain.

If nothing else, completing the course is a great brain exercise.

1 comments:

inanme said...

Thanks a lot!. i have just signed up.

Post a Comment