What happens with my encrypted files on Synology when it is stolen?

I have a Synology NAS. It has the possibility to encrypt folders. I have enabled it via the web interface. But one of the reasons for actually encrypting these files is that they should be protected even if if someone steals my NAS. I have mounted the drive on the NAS via the web interface.

What happens when the power is cut and the NAS boots again? Is the folder automatically mounted again? Is the key stored in volatile memory, in flash memory or on the hard disk? If it is stored in volatile memory there should be no risk at all.

Compare it to an iPhone. If you enable screen lock, the key is thrown away when activated.


Solution 1:

At least with DSM 4.2, there is an option on the share dialog called "Mount automatically on startup." Make sure this options is unticked and if your NAS is disconnected (and stolen), it requires you to enter the password in the web interface to descrypt.

See http://www.synology.com/support/tutorials_show.php?q_id=455

Solution 2:

What happens with my encrypted files on Synology when it is stolen? The lack of full drive encryption makes Synology solution unsafe (and slow as ecryptfs benchmarks prove). The attacker will simply collect the harddrive and harvest tons of unencrypted data: configuration, metadata, all emails (MailPlus share can NOT be encrypted), and the copies of your documents from the Synology Drive folder. Furthermore, passwords are often stored in plaintext (e.g. MailPlus/@local/GUID/GUID/.SYNOMC/fetch files), which could lead to additional access to online email/groupware resources, potentional identity theft, stalking, credit card fraud etc.

What happens with my encrypted files on Synology when it is stolen and booted again? There's no reason for an adversary to boot if device is aquired physically, to fight the ownership and permissions of the live filesystem and authentification of the operating system. But still, as system loads and starts sharing services, it could leak data to a new network. To postpone mounting of encrypted folders, you keep keys separately from the system: 1) keep keyphrase in brain and avoid key manager 2) use key manager but rellocate keyfiles to the USB flashdrive, which can be plugged in all of the time, as Synology will eject it automatically using '[x] Eject device after boot' checkbox. Furthermore, a special USB flashdrive could be encrypted by a fingerprint (normally i'd add one more layer, and double encrypt but this is possible on workstations with TPM and automatic unlock, not on Synology)