In AES-CTR, a key, a nonce and a counter are all encrypted to produce a value that is then XORed with a plaintext to produce the ciphertext.
Let's say we were to make a hash out of the key, the nonce and the counter instead of using the AES algorithm, and then XOR our plaintext with the hash to make a ciphertext.
Would something like this have security (or other kind of) flaws? What are those?
