It uses rand() when it needs random numbers for the coefficients of the polynomial. I don't know what kind of security risk that poses, but it really should be using something better. It definitely should. It will be trivially crackable. (Well, trivally after someone writes the program I mean, which is more tedious than difficult). (Next question to determine *how* tedious... what do you do to initialise the random sequence? - oh, never mind, I should look at the code, except it's probably not worth the effort now. Just make sure people only use it for fun and not serious data hiding. Ask on sci.crypt if anyone wants to take a crack at decrypting the exored data, given the source code.) Where can I get Blum-Blum-Shub source or documentation on the algorithm? Can't help on that one, sorry. They don't tell us nasty furriners. g