Air-Gap Data Bridge

Offline Optical Transfer

Secure Protocol Initialization

For maximum security, disconnect from WiFi/Bluetooth now. This tool runs 100% locally. No data leaves this browser tab.

The Ultimate Guide to Air-Gapped Security: Optical Data Diodes

In the realm of high-stakes cybersecurity, connectivity is a vulnerability. The only truly secure computer is one that is physically isolated from all networks—a concept known as an Air Gap. But an isolated computer is useless if you cannot transfer data in or out of it.

The Air-Gap Data Bridge solves this paradox. By converting digital files into a unidirectional stream of visual light (QR Codes), it creates an "Optical Data Diode." This ensures data can flow out of your secure device without any possibility of malware flowing in via USB or Radio Frequency.

Why "Visual Transfer" is Superior to USB

Historically, people used USB drives to move data between air-gapped systems. This method is fundamentally flawed. The infamous Stuxnet worm destroyed Iranian nuclear centrifuges by hopping onto an offline system via a tainted USB stick.

  • Physics-Based Security: Malware is code. It cannot "jump" across a gap of air through a camera lens unless the scanning software is specifically exploited (extremely rare).
  • Visual Verification: You can literally "see" the data being transferred. A human can verify the QR content.
  • Zero RF Footprint: No Bluetooth handshake, no WiFi negotiation, no NFC tagging. Just photons hitting a sensor.

1. The Science: Time-Division Multiplexing (Streaming)

A standard QR code (Version 40) can theoretically hold up to 4,296 alphanumeric characters. However, holding up a dense, complex QR code to a shaky camera often results in read errors. To solve this, we use a technique called Chunking.

We split your large file (e.g., a Bitcoin Private Key or a YAML config) into smaller packets of roughly 200-500 characters. We then cycle through these chunks rapidly. The receiver captures them one by one, verifying the header checksums to reconstruct the original file.

The Mathematics of Reliability

QR codes utilize Reed-Solomon Error Correction. This allows the code to be read even if part of it is damaged or obscured by glare. The capacity for error correction depends on the polynomial division of the message $M(x)$ by a generator polynomial $G(x)$.

$$ C(x) = M(x) \cdot x^{n-k} \pmod{G(x)} $$

Where $C(x)$ represents the parity symbols added to the data. This ensures that even if your hand shakes or the screen flickers, the data integrity remains at 100%.

2. Critical Use Cases

Scenario A: The Cold Wallet Signing

You have an old Android phone that has never touched the internet. It generates your Bitcoin Private Keys. When you want to send money:
1. Create transaction on Online PC.
2. Transfer unsigned JSON to Offline Phone via QR.
3. Sign it on Offline Phone.
4. Transfer signed hex back to Online PC via QR.
Result: Your private keys never leave the offline device.

Scenario B: The Server Admin

You need to transfer a 4096-bit SSH Private Key to a server inside a secure facility where USB drives and cell phones are banned.
1. Generate Key on secure laptop outside.
2. Convert to QR Stream.
3. Walk into facility with laptop.
4. Scan via server console webcam.

3. The "Paranoid" Protocol

For state-level security, simply turning off WiFi isn't enough. Follow this strict protocol:

  1. Sanitize the Environment: Ensure there are no security cameras (CCTV) or windows behind you. High-resolution telescope lenses can read screens from miles away ("Visual Eavesdropping").
  2. Faraday Cage: Ideally, perform the transfer inside a Faraday Cage or bag to block any hidden cellular signals.
  3. Screen Brightness: Turn your screen brightness to 100% to maximize the contrast for the scanning camera.
  4. Destroy Clipboard: After the transfer is complete, copy a random string of text (like "cleared") to overwrite your clipboard memory.

Frequently Asked Questions

Does this work with images or PDFs?
Currently, this web version supports Text Data (Base64 strings, JSON, Keys). Binary file support (images/PDFs) requires converting the file to Base64 first, which increases the size by 33%. For large files, we recommend using the tool to transfer encryption keys, and then using physical media for the encrypted blob if absolutely necessary.
Is the data sent to any server?
Absolutely not. The JavaScript used to generate the QR codes (`qrcode.js`) runs entirely inside your browser. You can verify this by loading the page, disconnecting your internet cable, and then using the tool. It will function perfectly offline.
How fast is the transfer speed?
A typical standard camera can reliably scan about 3-5 QR codes per second. With each code holding ~300 bytes of robust data, you can expect transfer speeds of approximately 1-2 KB/s. This is slow compared to WiFi, but infinitely more secure for small, critical secrets.