From: Nick Mathewson Date: Mon, 10 Jun 2013 14:38:12 +0000 (-0400) Subject: Document that arc4random is not a great cryptographic PRNG. X-Git-Tag: release-2.0.22-stable~34 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6e4969614723a46061d6a98162480de209fd03a0;p=libevent Document that arc4random is not a great cryptographic PRNG. --- diff --git a/include/event2/util.h b/include/event2/util.h index 4b7e8b45..52d58ddc 100644 --- a/include/event2/util.h +++ b/include/event2/util.h @@ -648,9 +648,12 @@ const char *evutil_gai_strerror(int err); /** Generate n bytes of secure pseudorandom data, and store them in buf. * - * By default, Libevent uses an ARC4-based random number generator, seeded - * using the platform's entropy source (/dev/urandom on Unix-like systems; - * CryptGenRandom on Windows). + * Current versions of Libevent use an ARC4-based random number generator, + * seeded using the platform's entropy source (/dev/urandom on Unix-like + * systems; CryptGenRandom on Windows). This is not actually as secure as it + * should be: ARC4 is a pretty lousy cipher, and the current implementation + * provides only rudimentary prediction- and backtracking-resistance. Don't + * use this for serious cryptographic applications. */ void evutil_secure_rng_get_bytes(void *buf, size_t n);
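Review bot: The new comment text contradicts the function's own summary line and name. The first line of the doc comment still reads "Generate n bytes of secure pseudorandom data", and the function is still called `evutil_secure_rng_get_bytes`, while the added paragraph ends with "Don't use this for serious cryptographic applications." A reader who only sees the summary (or the name in an autocomplete list) will not see the caveat. Suggest weakening the summary line to match, e.g. "Generate n bytes of pseudorandom data, and store them in buf.", or moving the "Don't use this for serious cryptographic applications" sentence up so it is the second line of the comment. Also, "Current versions of Libevent" hints that the generator may change; it would help to say which properties callers can rely on across versions (seeding from /dev/urandom or CryptGenRandom) versus which are implementation details (the ARC4 cipher, the degree of prediction- and backtracking-resistance), so that callers do not depend on the latter.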