From 6e4969614723a46061d6a98162480de209fd03a0 Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Mon, 10 Jun 2013 10:38:12 -0400
Subject: [PATCH] Document that arc4random is not a great cryptographic PRNG.

---
 include/event2/util.h | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/include/event2/util.h b/include/event2/util.h
index 4b7e8b45..52d58ddc 100644
--- a/include/event2/util.h
+++ b/include/event2/util.h
@@ -648,9 +648,12 @@ const char *evutil_gai_strerror(int err);
 
 /** Generate n bytes of secure pseudorandom data, and store them in buf.
  *
- * By default, Libevent uses an ARC4-based random number generator, seeded
- * using the platform's entropy source (/dev/urandom on Unix-like systems;
- * CryptGenRandom on Windows).
+ * Current versions of Libevent use an ARC4-based random number generator,
+ * seeded using the platform's entropy source (/dev/urandom on Unix-like
+ * systems; CryptGenRandom on Windows). This is not actually as secure as it
+ * should be: ARC4 is a pretty lousy cipher, and the current implementation
+ * provides only rudimentary prediction- and backtracking-resistance. Don't
+ * use this for serious cryptographic applications.
  */
 void evutil_secure_rng_get_bytes(void *buf, size_t n);
 
--
2.40.0
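Review bot: The summary line `/** Generate n bytes of secure pseudorandom data, and store them in buf.` still promises secure output, and the declaration keeps the name evutil_secure_rng_get_bytes, while the added paragraph ends with "Don't use this for serious cryptographic applications"; a reader who only scans the first line of the doc comment gets the opposite message from the body. Reconcile them, e.g. `/** Generate n bytes of pseudorandom data, and store them in buf.`, or qualify "secure" on that line so the caveat is visible in the one-line summary that documentation generators and IDEs show. It would also help callers if the paragraph said what the output is still considered acceptable for, since it currently only states what it is not good for. The surrounding declaration is context and is otherwise unchanged by this hunk.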