Trait CryptoRng

pub trait CryptoRng: RngCore { }

A marker trait over RngCore for securely unpredictable RNGs.

This marker trait indicates that the implementing generator is intended, when correctly seeded and protected from side-channel attacks such as leakage of its state, to be a cryptographically secure generator. This trait is provided as a tool to aid review of cryptographic code, but does not by itself guarantee suitability for cryptographic applications.

Implementors of CryptoRng automatically implement the TryCryptoRng trait.

Implementors of CryptoRng should only implement Default if the default() instances are themselves secure generators: for example if the implementing type is a stateless interface over a secure external generator (like OsRng) or if the default() instance uses a strong, fresh seed.

Formally, a CSPRNG (Cryptographically Secure Pseudo-Random Number Generator) should satisfy an additional property over other generators: assuming that the generator has been appropriately seeded and has unknown state, then given the first k bits of an algorithm’s output sequence, it should not be possible using polynomial-time algorithms to predict the next bit with probability significantly greater than 50%.

An optional property of CSPRNGs is backtracking resistance: if the CSPRNG’s state is revealed, it will not be computationally feasible to reconstruct prior output values. This property is not required by CryptoRng.
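The following is an added example, not part of the crate's documentation, showing how the marker works as a review aid: a key-generation function bounded by CryptoRng accepts a generator backed by the OS and rejects a predictable one at compile time. The RngCore and CryptoRng traits below are minimal local stand-ins so the block builds without the crate, and UrandomRng, XorShift64 and generate_key are hypothetical names; a Unix /dev/urandom is assumed.

```rust
use std::{fs::File, io::Read};

// Minimal local stand-ins for the rand_core traits so the example builds
// without the crate (assumption: only fill_bytes is modelled here).
pub trait RngCore {
    fn fill_bytes(&mut self, dest: &mut [u8]);
}
pub trait CryptoRng: RngCore {}

/// Hypothetical stateless handle over the OS generator (assumes a Unix
/// /dev/urandom). Default is appropriate: it holds no seed of its own.
#[derive(Default)]
pub struct UrandomRng;
impl RngCore for UrandomRng {
    fn fill_bytes(&mut self, dest: &mut [u8]) {
        // Fail closed: panic rather than hand back unfilled bytes.
        File::open("/dev/urandom")
            .and_then(|mut f| f.read_exact(dest))
            .expect("OS randomness unavailable");
    }
}
impl CryptoRng for UrandomRng {}

/// Hypothetical xorshift64 generator: predictable from its seed, so it
/// implements RngCore only and is deliberately left without the marker.
pub struct XorShift64(pub u64);
impl RngCore for XorShift64 {
    fn fill_bytes(&mut self, dest: &mut [u8]) {
        for b in dest.iter_mut() {
            self.0 ^= self.0 << 13;
            self.0 ^= self.0 >> 7;
            self.0 ^= self.0 << 17;
            *b = self.0 as u8;
        }
    }
}

/// Secret material: the bound states the requirement for reviewers.
pub fn generate_key<R: CryptoRng>(rng: &mut R) -> [u8; 32] {
    let mut key = [0u8; 32];
    rng.fill_bytes(&mut key);
    key
}

fn main() {
    let key = generate_key(&mut UrandomRng::default());
    println!("generated {} key bytes", key.len());
    // generate_key(&mut XorShift64(1)); // rejected: XorShift64 is not CryptoRng
}
```

The bound only records the implementor's claim: anyone can write `impl CryptoRng for XorShift64 {}`, so each such impl line is what a reviewer should audit.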

Implementors