> > The usual defense against this attack is to mix some random information > into the beginning of the plaintext. > > A better defense: use a different key each time. Encrypt the session key > separately. >
And /or start encrypting after the fixed header. Best regards, Frank.