On Fri, 2005-08-26 at 16:21 +0200, F.W.A. van Leeuwen wrote: > > > > The usual defense against this attack is to mix some random information > > into the beginning of the plaintext. > > > > A better defense: use a different key each time. Encrypt the session key > > separately. > > > > And /or start encrypting after the fixed header.
Agreed. Thanks for pointing this out.