If your shared key is significantly larger then the plain text and the key is sufficiently random than using the key as a rotating shared key is non trivial or nearly impossible to break.

http://en.wikipedia.org/wiki/One_time_pad is a similar choice which you may want to look at, the advantage for these is that they require little processing power to compute.

It's not that simple, unfortunately. If you re-use the key, then you lose that security (the hacker can simply think of a large number of messages as a single large message with a key shorter than the message, at which point you're back where you started); and if you don't re-use the key, you have the problem of getting the new key to the client device securely.

Hi Porculus - apologies for replying to such an old thread...

A few years I invented a home-grown encryption for a application I wrote, and used a scheme like you describe. Following your comment, I am concerned about the security of my encryption (which is still in use).

I am XOR'ing the plaintext against a shared secret "random" key, where the key is approx 50 thousand bytes (compared to a typical plaintext length of 10-500 bytes). The XOR starting position within the key is "random" for each encryption/call (and is then embedded within the encrypted data so the decryption algorithm can find it). The encryption program code and plaintexts are guaranteed to be private, and only the encrypted data is ever made public.

Can you briefly explain to me how an attacker would break this?

Many thanks for your help.

Can you briefly explain to me how an attacker would break this?

Pretty much the same way you would break rot 13 or any other substitution cipher, easily

Cryptanalysis should do the trick.