I was looking for Boxcryptor's white paper and found this blog post but no link to the paper - https://www.boxcryptor.com/en/blog/post/boxcryptor-security-white-paper/
There used to be an email form on that page that would send you a link. It looks to have been removed 7th December this year. I wonder why that might be.
because BC relies on insecure architecture making it fairly easy to decrypt your files using the PW that is sent to BC with every login. . I hope they are making updates to this huge hole!
but so far no reply from BC team...