We introduce the problem of enciphering members of a nite set M where k = jMj is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N = 2 n , for some n). We look at a few solutions to this problem, focusing on the case when M = f0; 1; : : : ; k 1g. We see ciphers with arbitrary domains as a useful primitive for making bit-ecient higherlevel protocols. They seem to be particularly useful for password-based authentication protocols.