Wavecatcher

Acoustic Cryptanalysis

“Acoustic cryptanalysis is a type of side channel attack that exploits sounds emitted by computers or other devices”

Wavecatcher is a simple PCB that makes use of a MEMS ultrasound microphone, in order to capture audio to around 80kHz, with the goal
of finding interesting ultrasound sources and playing with exfiltrating data from SMPSs etc. via ultrasound.

Finished PCB

The PCB was fabricated and assembled by MacroFab. I especially liked how the website lets you select the parts based on your BoM.

I programmed the firmware using a J-Link and OpenOCD. I found the guide on mcuoneclipse.com very helpful for knowing how to connect the J-Link to my board.

Design

I developed the schematic and PCB using Kicad 5.

I’m very new to PCB design and routing, if anyone has any suggestions for improvements, I’d be interested to hear.

USB re-enumeration

I found when I program the device, then do:

sudo lsusb -vvvv | grep "Virtual COM"

To search for it, it does appear. But strangely the following are there in the lsusb output:

  iManufacturer           1 (error)
  iProduct                2 (error)
  iSerial                 3 (error)

It seems the USB device wasn’t being re-enumerated. To fix that I used code from https://github.com/libopencm3/libopencm3/blob/master/tests/gadget-zero/main-stm32f103-generic.c#L47-L56

Woo! We have audio

By making use of SPI with DMA, I can extract data from the PDM mic and then pass it over USB.

You make use of the processing program to convert the raw PDM data to PCM and then can play it using SoX.

sox -r 44000 -c 1 -b 8 -t raw -e unsigned-integer out.bin 1.wav

Sourcecode and kicad files

https://github.com/anfractuosity/wavecatcher


3 Comments
  • Sinhue
    July 13, 2018 Reply

    It was pretty good, the only recommendations that I would give is that you avoid the angles of 90 ° and very sharp sections because they can generate undesirable electromagnetic noise, but even so the design is quite good and you see that you are going good way

  • elf
    July 13, 2018 Reply

    Signals from USB Data+ and Data- must be near each other and same length….etc etc 🙂

    • admin
      July 13, 2018 Reply

      Yeah that’s a good point, I need to learn how to do line length matching (I think that’s the right term)?.

Leave Comment

Click here to cancel reply

Error Please check your entries!