1. Does it provide a confounder? If no, this is easy to work around. 2. Does it provide a MAC? If no, this is more difficult. Since the actual key is never exposed by EVP_SealInit(), no MAC can be performed after the fact. Nathaniel