thanatos74 wrote:
...Furthermore I hope, that there is a typo in
And about your request of having an option for users to input/import their own AES key we are not considering this option and will announce once they are available.
I think this should mean "...we are
now considering this option..."????
It seems to be a typo - see Andys post in:
http://forum.qnap.com/viewtopic.php?f=1 ... =10#p63341
QNAPAndy wrote:
Yes, we are now considering adding this option for users to input their own AES256 key themselves. Details will be anounced once they are available.
But what "considering adding" really means in practical terms is still a question.
Also note my suggestion:
peris wrote:
Looking forward to a "bring your own AES key" option.
You also might consider having an option to get the AES key generated, but omitting the extra key management and thus beeing able to manage luks from the command-line and avoid assurance issues.
This has not yet been answered by QNAP - hopefully they are busy working on a "bring your own AES key" option as suggested.
thanatos74 wrote:
Maybe I'm just lost, but there is still something I can't understand.
As you explain, you are encrypting data between the web interface and the NAS to prevent scanning this communication.
Now, what I cant understand is how someone should scan this communication if not already logged onto the NAS?
If thats the case, we might have a bigger problem than a secure passphrase communication as this person could easily copy/delete all data on the NAS (if I assume that the encrypted filesystem is mounted)
No answer from QNAP yet - while we wait for a QNAP answer I'll give you my 25 cents on the subject (just ignore if not interested):
I think the threat QNAP is adressing is snooping the passphrase on the network when transported between the WEB UI and the NAS by an agressor not able to access/log in to the NAS. (Because - if you already has a trojan in the NAS or an agressor already is logged in to the NAS - as you indicated above - there is not much chance to prevent the agressor/trojan from reading the encrypted disk.) Network topology influenses how big problem network snooping is in practical terms, but cheap switches sometimes broadcast packets on all ports if overloaded/attacked.
The security function "disk encryption" (only) protects an un-mounted disk (for example a stolen NAS that is powered on). However - it is important to protect the "key" and all key management and user interaction handling the key's passphrase (protecting the security function - "encrypting the disk") so the "thief" can't steal the passphrase first (thus the key) and then steal the NAS. (Also important to protect the NAS from letting a agressor getting a bridgehead in it, but that is another topic).
Personally I think QNAP "scrambling" is the wrong way to adress network snooping concerns:
1) Instead - secure all communications with the NAS using standard protocols (HTTPS - easy to trust for users) or only when managing the key/passphrase.
2) The indicated method that QNAP uses seems to be close to "security by obscurity" - the added security depends on the agressor not knowing how it is implemented (a dangerous assumption).
Basically QNAP seems to think (or orginally have thought) that the added protection against network snooping (of the passphrase) by "scrambling" (mandatory added key management) is more important than assurance and ability to use both web interface and command line to handle luks.
I think not.
The security function "encrypting disk (using AES256)" strength of mechanism is somewhat let down by QNAP current handling of the key:
a) (significant problem) a unprotected/or weakly protected (only scrambled) channel from the web-interface is used when managing the key passphrase (much weaker than the rest of the functionality for the disk encryption)
b) ("minor" problem) the stored symmetric key is protected by a asymmetric mechanism. That is weaker than not storing the AES256 on disk but probably OK for business/home use (standard luks) if implemented in a clean way without assurance problems.
c) (big problem) assurance is important (do not comprimise assurance for a small increase in security function). What proof has QNAP that they have not implemented a backdoor even when they say they have not? We must trust their statement on the basis that they are good guys and haven't been forced by possible government mandates to provide a backdoor. See how quickly discussions got started in this thread - when the additional key management and dual slots was discovered.
QNAP now seems to (correctly) have found that - providing a "bring your own AES key" option (as requested) handles both the assurance problem and the strength of mechanism issues.