That said, I'd recommend using AES256/CBC with the SHA256 of the ECDH shared secret as the key ... instead of going with a homegrown cipher. AES256 is part of JCE so code size wouldn't be affected and it's a hell of a lot more battle-tested. There isn't a lot to be gained by inventing crypto when you don't need to.

It's not a homegrown cipher.

Claude Shannon proved that such an algorithm (XOR-based) is 100% ***** secure if the following conditions are met:

1. Each message uses a new key

2. Key is generated by using a hardware random number generator

3. Length of the key is not less than length of the message

XoredData satisfies these conditions because:

1. A new key is used each time

2. Key is generated by seeding with SecureRandom; SHA256 applied to the seed several times is still considered random enough

3. Length of the key is not less than length of the message because SHA256 is irreversible

So, if there are no bugs in the implementation and XoredData indeed satisfies the conditions then it's "more secure" than AES256 et al.

---

***** - it's not ~100%, it's exactly 100%.
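Added example (editor's code, not part of the thread and not XoredData's implementation): a one-time pad that meets Shannon's three conditions as listed above, next to a keystream built the way the post describes it, a SecureRandom seed run through SHA256 repeatedly. The exact hash-chain construction, the 2-byte toy seed and the sample message are assumptions made here so that the known-plaintext search finishes in seconds. Python is used in place of Java because nothing here depends on JCE.

```python
"""One-time pad vs. hash-chain keystream (added example, not XoredData's code).

Assumptions (not from the thread): the keystream is SHA-256 iterated over a
seed with the digests concatenated; the seed is 2 bytes in the demo purely
so the exhaustive search is fast.
"""
import hashlib
import os
from typing import Optional, Tuple


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("xor_bytes needs equal-length inputs")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(message: bytes) -> Tuple[bytes, bytes]:
    """One-time pad meeting the three conditions: a fresh key per message,
    drawn from the OS CSPRNG, exactly as long as the message, so it carries
    len(message) bytes of entropy. Returns (key, ciphertext)."""
    key = os.urandom(len(message))
    return key, xor_bytes(message, key)


def hash_chain_keystream(seed: bytes, length: int) -> bytes:
    """Keystream from iterated SHA-256 of a seed (assumed construction).
    Every output byte is a deterministic function of `seed`, so however long
    the keystream is, its entropy is at most len(seed) bytes."""
    out = bytearray()
    block = seed
    while len(out) < length:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:length])


def hash_chain_encrypt(seed: bytes, message: bytes) -> bytes:
    return xor_bytes(message, hash_chain_keystream(seed, len(message)))


def recover_seed(ciphertext: bytes, known_prefix: bytes,
                 seed_len: int) -> Optional[bytes]:
    """Known-plaintext attack on the hash-chain scheme: enumerate the seed
    space, regenerate the keystream, and keep the seed that reproduces the
    known prefix. Cost is 256**seed_len trials regardless of message length,
    which is what 'key shorter than the message' means in Shannon's sense."""
    for n in range(256 ** seed_len):
        seed = n.to_bytes(seed_len, "big")
        ks = hash_chain_keystream(seed, len(known_prefix))
        if xor_bytes(ciphertext[:len(known_prefix)], ks) == known_prefix:
            return seed
    return None


def demo(seed: Optional[bytes] = None) -> dict:
    """Run both schemes on a constructed message and report what an attacker
    with a plaintext crib can recover from each."""
    # Constructed sample message (not from the thread): a header the
    # attacker can guess, followed by 2000 bytes of body.
    message = b"From: alice\r\nTo: bob\r\n" + b"A" * 2000
    crib = b"From: alice\r\n"

    # True OTP: 2022 random key bytes for 2022 message bytes; the crib
    # reveals 13 key bytes and nothing about the remaining 2009.
    key, ct = otp_encrypt(message)
    otp_ok = xor_bytes(ct, key) == message

    # Hash-chain "pad" with a 2-byte seed: the crib lets the attacker
    # identify the seed, which then regenerates the whole keystream.
    if seed is None:
        seed = os.urandom(2)
    ct2 = hash_chain_encrypt(seed, message)
    found = recover_seed(ct2, crib, seed_len=len(seed))
    recovered = (xor_bytes(ct2, hash_chain_keystream(found, len(ct2)))
                 if found is not None else None)
    return {
        "otp_ok": otp_ok,
        "seed_recovered": found == seed,
        "plaintext_recovered": recovered == message,
    }


if __name__ == "__main__":
    print(demo())
```

Scaling the seed to 32 bytes from SecureRandom makes the search infeasible, but it does not change the bound: the keystream still has at most 256 bits of entropy no matter how many megabytes SHA256 produces from it, so condition 3 (key at least as long as the message) is about entropy, not about how many bytes you can derive. A 32-byte seed stretched by a hash is a stream cipher with a 256-bit key, which is a reasonable thing to be, but it is not a one-time pad and does not inherit Shannon's proof.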