diff --git a/archiver_test.go b/archiver_test.go
index dce0e0b7e..deead2ba1 100644
--- a/archiver_test.go
+++ b/archiver_test.go
@@ -9,8 +9,8 @@ import (
 	"github.com/restic/restic"
 	"github.com/restic/restic/backend"
 	"github.com/restic/restic/chunker"
+	"github.com/restic/restic/crypto"
 	"github.com/restic/restic/pack"
-	"github.com/restic/restic/server"
 	. "github.com/restic/restic/test"
 )
 
@@ -24,7 +24,7 @@ type Rdr interface {
 	io.ReaderAt
 }
 
-func benchmarkChunkEncrypt(b testing.TB, buf, buf2 []byte, rd Rdr, key *server.Key) {
+func benchmarkChunkEncrypt(b testing.TB, buf, buf2 []byte, rd Rdr, key *crypto.Key) {
 	ch := restic.GetChunker("BenchmarkChunkEncrypt")
 	rd.Seek(0, 0)
 	ch.Reset(rd, testPol)
@@ -44,7 +44,7 @@ func benchmarkChunkEncrypt(b testing.TB, buf, buf2 []byte, rd Rdr, key *server.K
 		OK(b, err)
 		Assert(b, uint(n) == chunk.Length, "invalid length: got %d, expected %d", n, chunk.Length)
 
-		_, err = key.Encrypt(buf2, buf)
+		_, err = crypto.Encrypt(key, buf2, buf)
 		OK(b, err)
 	}
 
@@ -72,7 +72,7 @@ func BenchmarkChunkEncrypt(b *testing.B) {
 	restic.FreeChunkBuf("BenchmarkChunkEncrypt", buf2)
 }
 
-func benchmarkChunkEncryptP(b *testing.PB, buf []byte, rd Rdr, key *server.Key) {
+func benchmarkChunkEncryptP(b *testing.PB, buf []byte, rd Rdr, key *crypto.Key) {
 	ch := restic.GetChunker("BenchmarkChunkEncryptP")
 	rd.Seek(0, 0)
 	ch.Reset(rd, testPol)
@@ -86,7 +86,7 @@ func benchmarkChunkEncryptP(b *testing.PB, buf []byte, rd Rdr, key *server.Key)
 		// reduce length of chunkBuf
 		buf = buf[:chunk.Length]
 		io.ReadFull(chunk.Reader(rd), buf)
-		key.Encrypt(buf, buf)
+		crypto.Encrypt(key, buf, buf)
 	}
 
 	restic.FreeChunker("BenchmarkChunkEncryptP", ch)
diff --git a/cmd/restic/cmd_cat.go b/cmd/restic/cmd_cat.go
index b4914645d..8fa54ed27 100644
--- a/cmd/restic/cmd_cat.go
+++ b/cmd/restic/cmd_cat.go
@@ -121,7 +121,7 @@ func (cmd CmdCat) Execute(args []string) error {
 		fmt.Println(string(buf))
 		return nil
 	case "masterkey":
-		buf, err := json.MarshalIndent(s.Key().Master(), "", "  ")
+		buf, err := json.MarshalIndent(s.Key(), "", "  ")
 		if err != nil {
 			return err
 		}
diff --git a/cmd/restic/cmd_key.go b/cmd/restic/cmd_key.go
index 9e87ff247..de58d50cb 100644
--- a/cmd/restic/cmd_key.go
+++ b/cmd/restic/cmd_key.go
@@ -42,7 +42,7 @@ func listKeys(s *server.Server) error {
 		}
 
 		var current string
-		if name == s.Key().Name() {
+		if name == s.KeyName() {
 			current = "*"
 		} else {
 			current = " "
@@ -75,7 +75,7 @@ func addKey(s *server.Server) error {
 }
 
 func deleteKey(s *server.Server, name string) error {
-	if name == s.Key().Name() {
+	if name == s.KeyName() {
 		return errors.New("refusing to remove key currently used to access repository")
 	}
 
@@ -103,7 +103,7 @@ func changePassword(s *server.Server) error {
 	}
 
 	// remove old key
-	err = s.Remove(backend.Key, s.Key().Name())
+	err = s.Remove(backend.Key, s.KeyName())
 	if err != nil {
 		return err
 	}
diff --git a/server/key.go b/server/key.go
index 097ff6051..121235dba 100644
--- a/server/key.go
+++ b/server/key.go
@@ -132,7 +132,7 @@ func LoadKey(s *Server, name string) (*Key, error) {
 }
 
 // AddKey adds a new key to an already existing repository.
-func AddKey(s *Server, password string, template *Key) (*Key, error) {
+func AddKey(s *Server, password string, template *crypto.Key) (*Key, error) {
 	// fill meta data about key
 	newkey := &Key{
 		Created: time.Now(),
@@ -170,7 +170,7 @@ func AddKey(s *Server, password string, template *Key) (*Key, error) {
 		newkey.master = crypto.NewRandomKey()
 	} else {
 		// copy master keys from old key
-		newkey.master = template.master
+		newkey.master = template
 	}
 
 	// encrypt master keys (as json) with user key
diff --git a/server/server.go b/server/server.go
index 22da63083..696dedee7 100644
--- a/server/server.go
+++ b/server/server.go
@@ -14,6 +14,7 @@ import (
 
 	"github.com/restic/restic/backend"
 	"github.com/restic/restic/chunker"
+	"github.com/restic/restic/crypto"
 	"github.com/restic/restic/debug"
 	"github.com/restic/restic/pack"
 )
@@ -27,10 +28,11 @@ type Config struct {
 
 // Server is used to access a repository in a backend.
 type Server struct {
-	be     backend.Backend
-	Config Config
-	key    *Key
-	idx    *Index
+	be      backend.Backend
+	Config  Config
+	key     *crypto.Key
+	keyName string
+	idx     *Index
 
 	pm    sync.Mutex
 	packs []*pack.Packer
@@ -158,7 +160,7 @@ func (s *Server) LoadJSONUnpacked(t backend.Type, id backend.ID, item interface{
 	defer rd.Close()
 
 	// decrypt
-	decryptRd, err := s.key.DecryptFrom(rd)
+	decryptRd, err := crypto.DecryptFrom(s.key, rd)
 	defer decryptRd.Close()
 	if err != nil {
 		return err
@@ -191,7 +193,7 @@ func (s *Server) LoadJSONPack(t pack.BlobType, id backend.ID, item interface{})
 	defer rd.Close()
 
 	// decrypt
-	decryptRd, err := s.key.DecryptFrom(rd)
+	decryptRd, err := crypto.DecryptFrom(s.key, rd)
 	defer decryptRd.Close()
 	if err != nil {
 		return err
@@ -236,7 +238,7 @@ func (s *Server) findPacker(size uint) (*pack.Packer, error) {
 		return nil, err
 	}
 	debug.Log("Server.findPacker", "create new pack %p", blob)
-	return pack.NewPacker(s.key.Master(), blob), nil
+	return pack.NewPacker(s.key, blob), nil
 }
 
 // insertPacker appends p to s.packs.
@@ -382,7 +384,7 @@ func (s *Server) SaveJSONUnpacked(t backend.Type, item interface{}) (backend.ID,
 	hw := backend.NewHashingWriter(blob, sha256.New())
 
 	// encrypt blob
-	ewr := s.key.EncryptTo(hw)
+	ewr := crypto.EncryptTo(s.key, hw)
 
 	enc := json.NewEncoder(ewr)
 	err = enc.Encode(item)
@@ -454,7 +456,7 @@ func (s *Server) SaveIndex() (backend.ID, error) {
 	hw := backend.NewHashingWriter(blob, sha256.New())
 
 	// encrypt blob
-	ewr := s.key.EncryptTo(hw)
+	ewr := crypto.EncryptTo(s.key, hw)
 
 	err = s.idx.Encode(ewr)
 	if err != nil {
@@ -507,7 +509,7 @@ func (s *Server) loadIndex(id string) error {
 	}
 
 	// decrypt
-	decryptRd, err := s.key.DecryptFrom(rd)
+	decryptRd, err := crypto.DecryptFrom(s.key, rd)
 	defer decryptRd.Close()
 	if err != nil {
 		return err
@@ -572,7 +574,8 @@ func (s *Server) SearchKey(password string) error {
 		return err
 	}
 
-	s.key = key
+	s.key = key.Master()
+	s.keyName = key.Name()
 	return s.loadConfig(&s.Config)
 }
 
@@ -592,7 +595,8 @@ func (s *Server) CreateMasterKey(password string) error {
 		return err
 	}
 
-	s.key = key
+	s.key = key.Master()
+	s.keyName = key.Name()
 	return s.createConfig()
 }
 
@@ -601,7 +605,7 @@ func (s *Server) Decrypt(ciphertext []byte) ([]byte, error) {
 		return nil, errors.New("key for server not set")
 	}
 
-	return s.key.Decrypt(nil, ciphertext)
+	return crypto.Decrypt(s.key, nil, ciphertext)
 }
 
 func (s *Server) Encrypt(ciphertext, plaintext []byte) ([]byte, error) {
@@ -609,13 +613,17 @@ func (s *Server) Encrypt(ciphertext, plaintext []byte) ([]byte, error) {
 		return nil, errors.New("key for server not set")
 	}
 
-	return s.key.Encrypt(ciphertext, plaintext)
+	return crypto.Encrypt(s.key, ciphertext, plaintext)
 }
 
-func (s *Server) Key() *Key {
+func (s *Server) Key() *crypto.Key {
 	return s.key
 }
 
+func (s *Server) KeyName() string {
+	return s.keyName
+}
+
 // Count returns the number of blobs of a given type in the backend.
 func (s *Server) Count(t backend.Type) (n uint) {
 	for _ = range s.be.List(t, nil) {