[ruchir]

I like the idea of mutating both the output and the key. You are using it for a single pass over the length of the data. You could use the final key as input to another round of crypto. Repeating it for a number of rounds would keep it deterministic, but increase the computational load of an attacker and create an even distribution of input to output. Ah, problem could be that decryption would need the final key, not the one you started with, if so it would be good for a 1-time hash. So the key idea for the crypto is the nuking of the part of the key that was just used for the xor. Thing that concerns me is if the attacker has access to your crypto in binary form, he could run it again and again on different inputs (data,key) to infer its structure - you'd want to slow him down.