Physical security is where abstract cryptography becomes very concrete. In the ChipWhisperer labs, I worked on SPA against VerifyPin, DPA against AES, glitching experiments, and countermeasure validation.
The interesting part was not just running the notebooks. It was learning what a leakage model feels like when the traces are noisy, how timing and trigger choices affect the result, and why “the algorithm is secure” does not mean “this implementation is safe.”
For the AES DPA work, the goal was to recover secret material from power traces. For the VerifyPin work, the goal was to observe and exploit implementation behavior, then reason about hardening. The labs made the link between software, hardware, and attacker patience very real.
This is the project I would discuss for roles involving embedded security, hardware security, TPM/FPGA topics, side-channel analysis, or fault injection.