You might want to look at Hall et al's Reaction Attacks, http://www.counterpane.com/reaction_attacks.html Basically, you take a valid message and tweak it to see where it becomes invalid. Leave the seed value entirely alone, and just add powers of two to one of the integers you send until it toggles and look at the response to see when the ciphertext becomes invalid. A properly constructed protocol can prevent this (see the paper). -- Mike Stay Programmer / Crypto guy AccessData Corp. [EMAIL PROTECTED]