diff --git a/crypto/crypto.go b/crypto/crypto.go
index 0e21233cc..418d80f8a 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -179,6 +179,28 @@ func (m *MACKey) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// Valid tests whether the key k is valid (i.e. not zero).
+func (k *MACKey) Valid() bool {
+	nonzeroK := false
+	for i := 0; i < len(k.K); i++ {
+		if k.K[i] != 0 {
+			nonzeroK = true
+		}
+	}
+
+	if !nonzeroK {
+		return false
+	}
+
+	for i := 0; i < len(k.R); i++ {
+		if k.R[i] != 0 {
+			return true
+		}
+	}
+
+	return false
+}
+
 func (k *EncryptionKey) MarshalJSON() ([]byte, error) {
 	return json.Marshal(k[:])
 }
@@ -194,6 +216,17 @@ func (k *EncryptionKey) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// Valid tests whether the key k is valid (i.e. not zero).
+func (k *EncryptionKey) Valid() bool {
+	for i := 0; i < len(k); i++ {
+		if k[i] != 0 {
+			return true
+		}
+	}
+
+	return false
+}
+
 // ErrInvalidCiphertext is returned when trying to encrypt into the slice that
 // holds the plaintext.
 var ErrInvalidCiphertext = errors.New("invalid ciphertext, same slice used for plaintext")
@@ -304,3 +337,12 @@ func KDF(N, R, P int, salt []byte, password string) (*Key, error) {
 
 	return derKeys, nil
 }
+
+// Valid tests if the key is valid.
+func (k *Key) Valid() bool {
+	if k.ChunkerPolynomial != 0 && !k.ChunkerPolynomial.Irreducible() {
+		return false
+	}
+
+	return k.Encrypt.Valid() && k.MAC.Valid()
+}
diff --git a/server/key.go b/server/key.go
index f552c1ff2..bcecb7719 100644
--- a/server/key.go
+++ b/server/key.go
@@ -88,13 +88,13 @@ func OpenKey(s *Server, name string, password string) (*Key, error) {
 	}
 	k.name = name
 
-	// test if polynomial is valid and irreducible
-	if k.master.ChunkerPolynomial == 0 {
-		return nil, errors.New("Polynomial for content defined chunking is zero")
+	if !k.Valid() {
+		return nil, errors.New("Invalid key for repository")
 	}
 
-	if !k.master.ChunkerPolynomial.Irreducible() {
-		return nil, errors.New("Polynomial for content defined chunking is invalid")
+	// test if the chunker polynomial is present in the master key
+	if k.master.ChunkerPolynomial == 0 {
+		return nil, errors.New("Polynomial for content defined chunking is zero")
 	}
 
 	debug.Log("OpenKey", "Master keys loaded, polynomial %v", k.master.ChunkerPolynomial)
@@ -279,3 +279,8 @@ func (k *Key) String() string {
 func (k Key) Name() string {
 	return k.name
 }
+
+// Valid tests whether the mac and encryption keys are valid (i.e. not zero)
+func (k *Key) Valid() bool {
+	return k.user.Valid() && k.master.Valid()
+}