The threat of tapping
This is the 4th year project page for Jesse Pool, and Hubert Sugeng. At the time of writing we were both 4th year undergraduate students in Systems and Computer Engineering (SCE). We have since graduated and more info can be found on the about us page.
This project is devoted to demonstrating a weakness in public key encryption to an active sniffer in the form of a man-in-the-middle style attack, which essentially "taps" the connection of a machine and allows the attacker to view the contents of future encrypted sessions.
This project is now complete. One of the goals of the project was to develop working man-in-the-middle software to demonstrate that this threat is real. This goal has been accomplished. The man-in-the-middle software binaries and source code can be found on the final report's supplementary CD. As well, further topics were discussed on the possibilities of countering and/or detecting this type of attack. Our findings can be read in the final report.
For this project, we are working under XPerts @ SCE which is headed by Professor Pearce at Carleton University in Ottawa, Ontario, Canada.