Dear Ben,
That's great news :-) I'm really impressed. Reading your emails about what you have found out abut encryption and how was for me like reading very interesting detective story.
This thought came to me: if SPSS encryption is so poor, maybe we should think about better encryption as additional option (working only on PSPP). It would be an option only for PSPP users, but users of previous versions of SPSS also cannot read encrypted files with encryption designed by SPSS. The difference is (if they have a password) they can always get PSPP, open it and save as non-encrypted file readable for any SPSS version (if they insist on using it ;-) ).