Security of hashed file blocks

Oh, indeed. IMHO if such an issue is documented properly, then the problem is 100% solved. There is nothing to fix. Only documentation is needed.

And it’s already documented that “Syncthing config folder on the same encrypted disk to avoid leaking keys and metadata”. I think it can be considered solved then.

Although I am not sure if the end user will understand how important metadata is. Also, I want to show as an example how LUKS cares about security: https://manpages.debian.org/stretch/cryptsetup/crypttab.5.en.html - it documents even such a minor thing as “Assess the specific security risks carefully before enabling this option. For example, allowing discards on encrypted devices may lead to the leak of information about the ciphertext device (filesystem type, used space etc.)”


Wanted to add: the title that I created, “Security of hashed file blocks”, is misleading for the theoretical scenario proposed above. Not understanding cryptography, I thought that Syncthing did something “special” to any given file when it calculated a file “hash” and then stored this “special hash” in a database. Then Syncthing compares a given “special file hash” from the database (in AppData/Local or .config by default) to decide/know when a file changes and needs to be synced.

I completely overthought the “hashing” of a given file. Syncthing literally just calculates the SHA256 file hash/checksum of a given file, the exact same way as doing it manually like:

sha256sum any-given-file

So again the title “security of hashed file blocks” is misleading due to not understanding computers and security (but trying to learn and understand).

Someone getting a copy of a “secret” file hash means pretty much nothing. Even I knew that. I just thought that when Syncthing referred to a file “hash”, Syncthing was doing something “special” with the file “hash”, and did not think of it as what it is… which is nothing more than a simple regular SHA256 file hash.

Just to summarize again: this thread theoretically discusses using Syncthing on any given machine that one does not have physical control of (a datacenter machine, a family friend’s machine, or whatever) to sync an otherwise encrypted device or partition that one sometimes connects to a machine that one does not otherwise fully control. In this theoretical situation one can expect the following information to be available to anyone who physically controls the machine:

- file names
- file hashes
- maybe and probably file sizes
- folder structure
- ability to sync data from the folder on one’s encrypted USB drive or partition to any location of choice (even if the encrypted device is removed) until the node is revoked (of course if and only if an active device syncing the folder is online)

As I understand it, there are different levels of security risk discussed above. The last one described in the previous post is not relevant to Syncthing, because the same occurs any time you connect a crypto support to hardware you don’t control: you have to unlock the crypto support (so a keylogger can record your password, and when it’s open, the system could read and remember or even back up anything that is now available through the open crypto support). If the keys are copied too, the Syncthing device might be duplicated and misused. But exactly like a portable Syncthing version on a USB stick, or a lost mobile or a stolen laptop, it would be able to keep acting in the Syncthing cluster. So I think, if I have understood well, and nonetheless, using crypto support or not, that the best security feature would be to be able to revoke a device, doing this from any one of the others still in the cluster, and lock it out (to be sure it won’t be reintroduced automatically by another one), to act as fast and as easily as possible. The possibility to destroy distant data on this device would be a plus, but if the “thief” knows what he is doing, it wouldn’t help so much, I presume. Thanks.

To echo @brunod, there are absolutely no Syncthing security issues in this thread. See this as a discussion about understanding what information is put at risk when using Syncthing on a machine that one does not have complete physical control of (even if syncing to one’s own encrypted removable device/partition) and nothing more.

There is not necessarily anything even wrong with using Syncthing on a machine that one does not control. The important thing when doing so, or in taking any risk for that matter, is a proper understanding, in this case of what information could potentially be seen by anyone with physical control of a machine.
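
The metadata items listed in the thread (file names, hashes, sizes, folder structure), as an added example that is not code from any poster or from Syncthing: it builds a metadata-only index and reports what a reader of that index learns, including whether an indexed file matches content they already hold. The 128 KiB block size, the function names and the sample files are assumptions constructed for illustration.

```python
import hashlib
from pathlib import PurePosixPath

BLOCK_SIZE = 128 * 1024  # assumed block size, chosen for this illustration


def block_hashes(data: bytes, block_size: int = BLOCK_SIZE) -> list[str]:
    """SHA-256 hex digest of each fixed-size block of data, in order."""
    return [hashlib.sha256(data[i:i + block_size]).hexdigest()
            for i in range(0, max(len(data), 1), block_size)]


def build_index(files: dict[str, bytes]) -> dict[str, dict]:
    """Metadata-only record per file: size and block hashes, no content."""
    return {path: {"size": len(data), "blocks": block_hashes(data)}
            for path, data in files.items()}


def exposure_report(index: dict[str, dict], known: dict[str, bytes]) -> dict:
    """What a reader of the index learns without seeing any file content."""
    known_blocks = {h: label for label, data in known.items()
                    for h in block_hashes(data)}
    matches = {}
    for path, meta in index.items():
        hits = [known_blocks[h] for h in meta["blocks"] if h in known_blocks]
        if hits:  # plain SHA-256 is deterministic, so equal blocks match
            matches[path] = {"matched_blocks": len(hits),
                             "total_blocks": len(meta["blocks"]),
                             "labels": sorted(set(hits))}
    return {"names": sorted(index),
            "folders": sorted({str(PurePosixPath(p).parent) for p in index}),
            "sizes": {p: m["size"] for p, m in index.items()},
            "known_content_matches": matches}


# Constructed sample data standing in for files on the encrypted drive.
PUBLIC_DOC = b"A" * (BLOCK_SIZE * 2) + b"widely distributed handbook"
PRIVATE_FILES = {"tax/2023/return.pdf": b"\x07" * 300_000,
                 "docs/handbook.pdf": PUBLIC_DOC}

if __name__ == "__main__":
    report = exposure_report(build_index(PRIVATE_FILES),
                             {"handbook": PUBLIC_DOC})
    for key, value in report.items():
        print(key, "->", value)
```

Only files whose content the reader already holds can be matched this way; the unique file in the sample leaks its name, path and size but nothing about its content.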