Testing Open Source SDR Labs 20 dB LNA: How 20$ Amplifier boost signal strength

Today, we will be testing the ‘Low Noise RF Amplifier’ designed by OpenSourceSDR Lab.

It is designed to work between 50MHz-6GHz frequencies and provides 20dB of power. Since this amplifier is designed to work double-sided, we will use it for both TX and RX processes. Below you can see, the S21 reference parameters provided to us from the tests made by OpenSourceSDR Lab.

Features of ‘Low Noise RF Amplifier:

• 50MHz-6GHz RF signal strength amplifier with 20dB power gain.
• Wide dynamic interval (+ 20dBm @ 1dBP) and wide operating frequency range.
• Suitable for all kinds of RF transmission circuits to extend the communication distance.
• Perfect for FM broadcasting, remote control receivers, cable TV signal amplifiers, GPS, 2.4G Bluetooth, WIFI receivers, etc.
• A shielded enclosure with anti-reverse protection diodes.

Technical Parameters:

• Working frequency: 50MHz-6GHz (50–6000MHz)
• Amplifier gain: 20dB
• Maximum output power: + 21dBm(100mW) @ 1dB pinch point
• Current: 85mA (5V)
• The voltage of the power source: 5VDC
• System impedance: 50Ω
• Weight: 5g

Photos of the products:

Test Environment:

• City center where there is high signal noise.

Test Products:

• RTL-SDR Blog V3 RTL-SDR RTL2832U DVB-T Tuner
• GREAT SCOTT GADGETS YARD Stick One
• OpenSourceSDR Labs 50Mhz-6GHz Power Amplifier
• 433MHz Car Key
• 2 x RTL-SDR Blog Dipole Antenna Kit
• Small Antenna, 4 Sections, 14cm + 2cm is resonant @ ~445 MHz

Test Softwares:

• GQRX
• URH

Receiver Test (RX) :

In the first phase, we will use an amplifier with RTL-SDR to test signal receiving. Usually, using RTL-SDR only with an antenna causes us to get unexpected results when we are far from the target signal or when there is too much noise in the environment.

For this purpose, we will use an amplifier to strengthen the received signal.

• GQRX Test without Amplifier:

When we test the signal coming out from the car key without an amplifier, the quality of the signal we received is lower and we are influenced by the environmental noises more. So that our signal has been being changed and replay attack may fail.

URH Test without Amplifier:

When we analyze the spectrum with URH, we can realize that signal strength is low. As the distance increases between RTL-SDR and the target, the signal may corrupt.

Amplifier Connection:

• GQRX Test with Amplifier:

When we examine the signal with GQRX, we can approve that signal power has increased.

• URH Test with Amplifier:

To see the difference, we can make a URH spectrum analysis.

When we examine the URH spectrum, we can approve our signal power has been increased.

Transmitter Test (TX):

In the second phase, we are going to test the power amplifier with Yard Stick One. When performing processes like jamming and MITM attacks, our signal needs to be stronger than the target transmitter’s signal.

Usually, transmitter devices are optimized for only one signal frequency so (In this example 433.8MHz) they have high strength. In this example, we need a power amplifier to disable the target signal and to reach the receiver directly from a long distance after copying the signal.

We will jam the signal using Yard Stick One and examine the results.

• GQRX Test without Amplifier:

We will use GQRX to analyze the jamming signal spread from Yard Stick:

When we analyze the signal, we see that the jamming range is quite low. When we send the signal to the target because the signal is stronger than jamming signal, the jamming has failed and the receiver got the signal. We can examine this phase with GQRX:

• GQRX Test with Amplifier:

We will connect the ‘IN’ port of the amplifier to the ‘Yard Stick ONE’ and the ‘OUT’ port to the antenna.

When we examine the jamming process with GQRX, we can approve that we spread stronger signals in wider range.

When we reproduce the target signal, it is being swallowed by the jamming signal and the receiver can’t get the signal. Because the receiver couldn’t receive the signal, the jamming process has completed. We can confirm this phase with GQRX.

Result:

After the signal receiving tests we made with the amplifier, we got stronger and correct signals. As the distance increased, without an amplifier, the tests have failed but with an amplifier, we achieved successful results.

In the transmitting phase, jamming without an amplifier has also failed but with an amplifier, we increased the signal’s strength more than 20dB and we succeeded.

As a result, in real-world applications, we strongly advise you to use an amplifier.

Author:

• Fikret GARİPAY — CyberPath Security Researcher