Right, so you encrypt locally, upload to Dropbox, pass the link to your friend, and they decrypt locally. Still not seeing why you'd opt to trust this doohickey.
I always found DropBox a pain, you have to email them the link, which is a bit more effort than saying going to a short URL and typing in a password. So I could see this being somewhat useful :)
If you've invented the most convenient file transfer tool on the whole Internet, you've buried the lede here; forget about the encryption, and get your Dropbox-competitor funded.
If you haven't, well, people should use that other service instead of this one.
Either way: I'm still totally unclear on why anyone would allow a server to encrypt files for them. I don't even reach the question of whether it's possible to do it securely, because it seems like such a weird thing to want.