Not sure I understand this. Again, take a look at XML Encryption spec, the IV vector is always send with the message. Aleksey > To be able to leak sensible bits? Something that looks random is a good > material for this purpose. It has been done in the past, it is still done > today, and I'd bet it'll be done again in the future. >