Code:
void encrypt(char* p, unsigned key)
{
srand(key);
while(*p)
{
*p++ ^= rand();
}
}
This is more secure than the first, but not by much. This basic algorithm, with a few variations, is the most common "home grown" encryption algorithm.
The first problem is that the rand() function is not guaranteed to produce random values -- in fact, it is intended to produce pseudorandom values. Although truly random values are quite secure, pseudorandom values contain detectable patterns. Additionally, the seed is only a single unsigned int value. It takes only a minute or two
to try every possible key value, even on a slow computer. The messages could be decoded and the key discovered very easily without even invoking elementary cryptanalysis.
Still another reason to frown on this code is that differences in rand() implementations make it very nonportable. Any other library implementations are likely to be incompativle and fail to properly decrypt another's ciphertext.