Technical Documentation - SonarLink v2.0

Deep dive into SonarLink's architecture, security, encryption, and performance

Architecture Overview

SonarLink v2.0 implements a dual-mode secure communication system: secure file transfer and real-time encrypted messaging, both using acoustic transmission as the transport layer.

Core Components

  • Dual Encryption Engine: AES-256-GCM for chat messages, RSA-4096 for asymmetric encryption
  • File Format: FSS1 (File Secure Suite 1) format compatibility
  • Compression Layer: gzip optimization for message throughput
  • Audio Transmission: ggwave library with AUDIBLE_FAST protocol (48kHz)
  • Key Derivation: PBKDF2 with 600,000 iterations for password-based encryption
  • Audit System: Privacy-preserving logging (metadata only, no message content)

Tool Usage & Workflow

SonarLink v2.0 provides a menu-driven interface with these main options:

  1. Send Messages (Chat): Real-time encrypted messages via audio (open or private chat)
  2. Send Files: Choose encryption mode (none/AES-256-GCM/RSA-4096) and transmit
  3. Receive: Listen for incoming transmissions and auto-save messages/files
  4. Decrypt Received Files: Manual decryption step using password or RSA private key
  5. View Audit Logs: Check metadata history of all transmissions
  6. Exit: Close the application

Important: SonarLink operates offline entirely. Files and messages can be transferred between air-gapped systems without compromising security perimeters.

File Processing Pipeline

1. Original File
Raw file data (X bytes)
2. Encryption
FSS1 format with AES-256-GCM or RSA-4096
3. Gzip Compression
~40-60% reduction depending on file type
4. Base64 Encoding
~133% of compressed size
5. Transmission
120-byte chunks via audio

New Features in SonarLink v2.0

What's New

  • Encrypted Messaging: Real-time chat with open and private modes
  • FSS1 Format: Unified encryption format for files and messages
  • Enhanced Encryption: AES-256-GCM with PBKDF2-600k key derivation
  • RSA-4096 Support: Asymmetric encryption for key-based scenarios
  • Token-Based Private Chat: Optional access control for private channels
  • Comprehensive Audit Logging: Privacy-preserving metadata logs
  • Cross-Platform Executables: PyInstaller binaries for Windows, Linux, macOS
  • Improved UI/UX: Emoji-enhanced menus, better error handling
  • Audio Warning Suppression: Enhanced system compatibility across platforms

Encryption & Security

Three Encryption Modes

SonarLink v2.0 offers flexible security options to match your use case:

  • No Encryption: Maximum speed for non-sensitive data
  • AES-256-GCM Symmetric: Fast encryption with password-based key derivation (PBKDF2-600k)
  • RSA-4096 Asymmetric: Public/private key encryption for advanced security scenarios

🔓 No Encryption

  • Fastest transmission speed
  • No password required
  • No authentication
  • Best for: Public data, speed tests
  • Security: None - data transmitted in clear

🔐 AES-256-GCM Encryption

Symmetric Encryption (Recommended)

  • 256-bit key size (military-grade)
  • GCM mode for authenticated encryption
  • PBKDF2 key derivation (600,000 iterations)
  • Unique nonce per transmission
  • Integrated authentication tag
  • FSS1 format compatible
  • Best for: Most use cases, single recipient

🔑 RSA-4096 Encryption

Asymmetric Encryption (Advanced)

  • 4096-bit RSA key pairs
  • No shared password needed
  • Recipient generates key pair
  • Sender encrypts with public key
  • Only private key can decrypt
  • Best for: Multiple recipients, no pre-shared secrets
  • Note: Slower due to key size

📋 Audit & Privacy

Privacy-Preserving Logging

  • Comprehensive metadata logging
  • Never stores message content
  • Timestamp, file size, encryption mode
  • Integrity verification hashes
  • No network traffic logged
  • Local filesystem storage only
  • Enables transparency without compromise

Security Considerations

  • Key Derivation: PBKDF2 with 600,000 iterations protects against brute-force attacks
  • Forward Secrecy: Each transmission uses unique encryption material (nonce/IV)
  • Authentication: GCM mode provides integrated authentication without additional HMAC
  • Air-Gap Safety: No network connectivity means no remote exploitation vectors
  • Password Strength: Use strong passwords (12+ characters) for AES-256-GCM mode

Audio Protocol & Transmission

Technical Specifications

  • Sample Rate: 48,000 Hz
  • Protocol: ggwave AUDIBLE_FAST (Protocol ID: 1)
  • Chunk Size: 4,096 bytes
  • Max Transmission Size: 120 bytes per ggwave packet
  • Volume: 80% (configurable)
  • File Limit: 10 KB recommended maximum for practical transmission times

Transmission Mode Characteristics

File Transfer Mode: One-way transmission from sender to receiver. Receiver must be in "receive" mode.

Chat Mode (Open/Private): Real-time bidirectional communication. Both parties can send and receive immediately.

  • Open Chat: Any device can join the chat channel
  • Private Chat: Token-based access control (optional password protection)
  • Message Limit: Practical messages under 100 bytes recommended for reliability

Performance Metrics

Realistic Expectations

Success Rate: ~40-50% in typical office conditions (varies with environment).

  • Optimal conditions: Silent room, devices <1m apart, quality audio hardware → Higher success
  • Challenging conditions: Background noise, poor hardware, distance >1m → Lower success
  • Best practice: Perform 2-3 transmission attempts and verify integrity immediately

Important: SonarLink prioritizes security and reliability over speed. Files under 10KB transfer reliably; larger files should be split manually.

File Size Encrypted Size After Compression Chunks Est. Time Reliability
1 KB 1,048 bytes ~630 bytes 7 8-10 seconds ✅ Excellent
5 KB 5,168 bytes ~3,100 bytes 35 43-50 seconds ✅ Excellent
10 KB 10,288 bytes ~6,172 bytes 69 1 min 20 sec ✅ Good
20 KB 20,528 bytes ~12,316 bytes 137 2 min 40 sec ✅ Good
50 KB 51,248 bytes ~30,748 bytes 341 6-7 min ⚠️ Okay
100 KB 102,448 bytes ~61,468 bytes 682 12-13 min 🔴 Slow

Chat Message Performance

  • Short messages (<50 bytes): ~5-8 seconds transmission + ~2 second decryption
  • Medium messages (50-100 bytes): ~8-15 seconds transmission
  • Long messages (>100 bytes): Consider splitting into multiple transmissions
  • Open Chat: No password needed, marginally faster
  • Private Chat: Token validation adds minimal overhead

System Requirements

Software Requirements

  • Python: 3.8 or higher
  • Operating Systems:
    • Linux (Ubuntu, Debian, Arch, etc.)
    • macOS 10.14+
    • Windows 10/11
    • Raspberry Pi OS (ARM support)
  • Key Dependencies:
    • ggwave (audio transmission)
    • cryptography (AES-256-GCM, RSA-4096)
    • PyAudio (audio I/O)
    • colorama (optional, UI enhancement)
    • qrcode (optional, QR code generation)

Hardware Requirements

  • Audio Transmission:
    • Working microphone
    • Working speakers or audio output
    • Recommended: External speakers for range >1m
  • General:
    • Minimum 512 MB RAM
    • 200-300 MB disk space (dependencies)
    • CPU: Any modern processor (Raspberry Pi compatible)

Quick Installation

# Clone the repository
git clone https://github.com/marianopeluso/SonarLink.git
cd SonarLink

# Install dependencies
pip install -r requirements.txt

# Run SonarLink v2.0
python sonarlink2_0.py

Space Requirements: Python (~100 MB) + NumPy (~100 MB) + cryptography (~15 MB) + ggwave (~50 MB) = ~300 MB total.

Cross-Platform Executables: Pre-built PyInstaller binaries available on GitHub for Windows, Linux, and macOS.