How Hardware Gets Hacked: Authenticated Exchanges
Nathan J
nathancharlesjonesEmbedded devices routinely accept commands over UART, SPI, CAN, Bluetooth, and IP networks, often without authenticating who sent them. This workshop explores how those assumptions fail in practice.
Participants will examine real-world authentication failures, including replay attacks, message tampering, and impersonation, using simple embedded communication examples. We will then incrementally improve these designs using message authentication codes (MACs) to provide integrity, authenticity, and freshness.
The workshop emphasizes practical design patterns rather than cryptographic theory, focusing on what embedded developers need to know to avoid common security mistakes. Attendees will leave with concrete techniques they can apply to their own systems, even on resource-constrained microcontrollers.
About the Workshop Leader
Nathan Jones is an embedded systems engineer and educator focused on understanding how low-level systems behave and how they fail. His work explores the boundary between hardware and firmware, including debugging, firmware development, and practical embedded security considerations. He is a frequent contributor to DigiKey and EmbeddedRelated, where he writes on topics including microcontroller architecture, debugging techniques, and practical embedded system design.
Nathan has spoken at the Embedded Online Conference, Hackaday Superconference, the Embedded Systems Summit, JawnCon, and Teardown. He lives in Tennessee with his wife, two children, and one black cat.