How to securely distribute student grades?

7 points by plg ↗ HN
I teach a small University class (~ 20 graduate students). We have been told that it's now against the rules to (a) post grades in a public place (e.g. on a website, on an office door), (b) send students their grades over email, etc. It's all about privacy laws.

So I'm asking HNers: can you think of a relatively low friction way for me to distribute grades to my students securely?

My University does have a web-based course management system where I can enter grades, and each student can log-in using their University credentials to look up grades, etc ... but I truly LOATH the system my University has chosen to use. It's slow, it's ugly, it's error prone, yuck yuck yuck.

I could get each student to generate a public/private key pair using GPG, and send me their public key. Then I can send them an email with their grade encrypted. Advantages: it's secure; it would also teach them how to use GPG which I am all in favour of. Disadvantages: it's clunky for me to send 20 separate emails using 20 separate public keys.

HNers: Is there a way I can send a single email to the entire class, with the entire set of grades encrypted in such a way that each student can only decrypt their email and nobody else's?

27 comments

[ 123 ms ] story [ 1463 ms ] thread
Make an excel doc with one column as the log of their student ID #'s and grade in the next column. Include a line at the top for instructions to take the log of their student ID # to find their grade. Label column headings appropriately
nice idea but it would still violate the rules... student ID numbers are no different than names (so says the university)

I could ask each student to send me a password and I could post a symmetric encryption of their grade using their password ...

Is it a programming/math class? Tell them verbally it's their ID * 2, or something easy like that. You will not be breaking the rules and they can still see their grade. Ex: R589390 => R1178780
yeah it's a question of whether the university would still consider posting these altered IDs as private information... after all each student can still decrypt all IDs by dividing them by 2 (since the same encryption rule applies to all students).

I'm thinking the only way to do this is to have a student-specific password, either symmetric or public/private key pair

Tell the student to MD5-hash a text file with one line that looks like this?

ID9999999LastNameFirstNameWHATSMYGRADE

How about this: you ask every student to send you a password word. You hash these passwords, give them the algorithm and send them a list with the hashes with the grades.
yeah I like that one

if my university were paying attention they would complain that sending me the passwords would be insecure... but I suppose each student could hand me a piece of paper

Have them turn it in on an assignment or write it in the signature box on the scantron
There is no need to hash it. Just ask each student to provide a unique identifier that only the student would recognize, then post the raw grades along with the identifiers.
If you set things up properly, you could be granted 20 public keys and one single boilerplate e-mail containing everybody's grades, with each one encoded in their appropriate key.

Everybody would then attempt to decode each cipher, with only one working for any individual private key.

This isn't all that different from your original posting, except that you now only need to send one unique e-mail.

(For Beavis, who's getting an F because he never showed up to class, you might get in trouble with the administration because a simpleton couldn't decode their grade through this or other sophisticated means.)

Use the website the college has provided. This isn't about your convenience or technical judgement (about a system you don't maintain). It's about the students and the rest of the college.

That said, encrypt the each grade with a key derived from the students ID (which is privileged information) and make a webpage to do the decryption for the students. SHA256 ( ID + Salt ) == Key for symmetric encryption.

--former IT college staffer

I think what I'll do is send a list of all grades listed next to the SHA256 hash of their student IDs

They have access to SHA256 so they can privately find their own student ID hash and then look up their grades

The problem with this is if, for example, only one student got a five (and they know who), from which the others could deduce that students hash.
Not that it would be a good idea otherwise, but this doesn't work: any enterprising student can simply hash all possible student IDs and find who's gotten what grade. (SHA256 is fast.)

Yes yes, use bcrypt etc., but that's overkill; I'll post a simpler solution.

You could generate personal URLs for each student, pointing to whatever site/service you choose (for example Pastebin, with an expiry date), then generate QR codes of those URL:s and hand them out on paper notes.
If it's only 20 students, maybe just ask them to come by your office during office hours. Most of my professors would just post grades in the hallway using student IDs, but a few did it this way. It gives you a chance to connect with the students and give some personal feedback. At the graduate level this can be helpful not only for them, but also for you since these students are people you will likely work with later in industry and academia.

If you are not in your office much, then I would just offer the GPG option. Sending 20 e-mails will not take very long. Out of the 20 students, I bet only half of them get their act together and e-mail you a key, so it's really more like 10 emails that you would need to send.

Think low tech, you don't need or want computer software. In class, ask every student to submit a 'handle' (which can be any identifier they want), and a 'grade offset', which is just a random number in the range of grades (say 0-100 for numeric grades). Then you publish an email/webpage/office door posting with a list of handles and corresponding ((grade - offset) mod 101). Figuring out the range of letter grades is a little harder on specifics, but still straightforward. This also allows students an explicit opportunity to not opt in and arrange other methods instead.
Use the university provided method - students have to deal with it anyway, most likely, so you're not saving them any hassle. And however slow and ugly it is, it's already built and (presumably) works.
I agree with this, as a student at a university that also uses a horrible system. Why add complexity with GPG key encryption or some other convoluted method simply for distributing grades? Just use Blackboard and be done with it in my opinion.
@carlosdp exactly. Blackboard is all that is necessary.
I've had professors do many different things, Blackboard is actual okay for checking your grades as a student though it does suck to put grades in.

Another option is set up a website with a login id (student id or something) and have students submit a pin (4-12 chars) and let them use that to login and see their grades (probably should be ssl).

As for your question I don't see how you could send them encrypted, you could make up random ids for each student and only give that student their id then send grades out corresponding to their random ids but that may still violate privacy issues.

SASE over USPS meets all privacy requirements, allows communications to be tailored for each student and uses a proven technology stack to provide robust and reliable delivery regardless of the student's computing platform or internet bandwidth.
Regardless of if you encrypt it or not, to the school it is still going to be against the rules. You are still sending it to their email, which someone else may have access to. If they have access to the computer they may also have access to encryption keys, etc.

Even though it is terrible I would just stick with the schools system.

Ask them to come up with an simple idea.

- If you don't like it they'll have the least grade possible.

- If they do, use it.

Easy.

Also what kind of rule is that lol? Privacy, really?

The sensible answer is clearly just to use Blackboard or whatever; but if you insist, just make each student write some word or passphrase on whatever they hand in. Then publish a list of word/grade pairs.

(A.k.a. you can't solve this without either a pre-shared secret or public-key cryptography; so get yourself a pre-shared secret.)

(Potential pitfall: no matter how many instructions you add, someone is going to write down his bank password.)