"Only true end-to-end encryption can be a solution."
I doubt even that. If NAS can't break the encryption, they put a keylogger on your computer and break the encryption that way.
One time pad is a pain in the ass for key management, but it is impossible to break and the NSA may well waste a lot of cycles trying.
Key management here is to keep the keys on your hard drive and do a military grade erase on the blocks you have used.
Sending the key on three memory sticks by different routes and xoring them together seems like it might work. Then fill the sticks several times over with junk files, or if you are really paranoid, burn them. DVDs would work for those without a lot to say.
The question is not about being paranoid, the question is: Are you paranoid enough?