Can someone from boxcryptor team give me detailed info, how exactly encryption in boxcryptor work. As I can understand now, my data is encrypted with some master key which is encrypted with data which is derived from my password and maybe salt. I suppose that this encrypted master key and salt is stored in the file which is sent onto your servers. Am I right by saying that in order to decrypt my data I need only two things, this file (which you may be kept not securely) and the password. Is the answer is yes, so here goes another question - how can I be sure that you will not modify your client to collect users passwords? In that case you would have both required things and would be able to decrypt data easily.