This page is no longer being updated and remains online for informational and historical purposes only. The information is accurate as of the last page update.
For questions about page contents, contact the Communications Division.
As Trustee Scholar Mark Lodato ’06 (Hamilton, N.J.) knows, breaking codes isn’t just for hacking into computers; it’s also for protecting them.
Under the guidance of Ismail Jouny, Dana Professor and head of electrical and computer engineering, Lodato explored the vulnerabilities in computer server codes for his honors thesis to improve security against hackers.
Recently, Lodato won the Delaware Valley Engineers Week Council Student Paper Contest in the junior/senior category for work on his thesis.
The goal of his work is to explore ways to undermine the security of different networks without physically breaking in.
Lodato says he used a “timing attack,” that was published in a journal a few years ago, to find holes in certain networks and fix them in a proactive approach.
“When you go to a web site that begins with https:// and you see a padlock icon, your computer is protecting your data through SSL [Secure Sockets Layer],” Lodato says in his paper. “SSL uses RSA [a public-key encryption technology developed by RSA Data Security, Inc.], which in turn uses a secret piece of information, or a key, that only the server knows. What I am studying is an attack on RSA that would compromise SSL in some cases. Specifically, the attacker makes a series of timing measurements and uses them to deduce the server’s secret key.”
Lodato says that most secure sites are protected from the timing attack that he used. For research purposes however, he used it against a server that didn’t have the protection to see how long it took to determine the RSA key that would allow him to compromise the security.
“For one of the experiments I used a server that was in the same room as the computer I was using,” he says. “I was able to attain the code rather quickly. It took longer for a server that was housed in another building.”
Using Lafayette computers specifically set up for the project, he was allowed to compromise certain systems.
“Lafayette doesn’t offer a course in cryptology,” says Lodato, an electrical and computer engineering major. “But, I was still able to study it here and was able to work closely with Professor Jouny on it. It was a fulfilling experience.”
Jouny praised Lodato not only for his work, but also for his creativity.
“Mark is very skilled in computer networks,” he says. “He also had to solve many problems on his own within his research and should be commended for that.”
Lodato has been awarded the Lawrence J. Conover ’24 Electrical Engineering Prize at Lafayette’s Honors Convocation April 30. It is presented each year to a senior in electrical engineering upon recommendation of the department of electrical and computer engineering.
Lodato served a captain of varsity fencing team, was a member of Institute of Electrical and Electronics Engineers, and a peer tutor.
Honors theses are among several major programs that have made Lafayette a national leader in undergraduate research. The College sends one of the largest contingents to the National Conference on Undergraduate Research each year; 40 students were accepted to present their research at this year’s conference.