The ChaCha random number generators.

These are native Rust implementations of RNGs derived from theChaCha stream ciphers by D J Bernstein.

§Generators

This crate provides 8-, 12- and 20-round variants of generators via a “core”implementation (ofBlockRngCore), each with an associated “RNG” type(implementingRngCore).

These generators are all deterministic and portable (seeReproducibilityin the book), with testing against reference vectors.

§Cryptographic (secure) usage

Where secure unpredictable generators are required, it is suggested to useChaCha12Rng orChaCha20Rng and to seed viaSeedableRng::from_os_rng.

See also theSecurity chapter in the rand book. The crate is provided“as is”, without any form of guarantee, and without a security audit.

§Seeding (construction)

Generators implement theSeedableRng trait. Any method may be used,but note thatseed_from_u64 is not suitable for usage where security isimportant. Some suggestions:

1. With a fresh seed,direct from the OS (implies a syscall):

   letrng = ChaCha12Rng::from_os_rng();

2. From a master generator. This could berand::rng(effectively a fresh seed without the need for a syscall on each usage)or a deterministic generator such asChaCha20Rng.Beware that should a weak master generator be used, correlations may bedetectable between the outputs of its child generators.
   ⓘ

   letrng = ChaCha12Rng::from_rng(&mutrand::rng());

See alsoSeeding RNGs in the book.

§Generation

Generators implementRngCore, whose methods may be used directly togenerate unbounded integer or byte values.

userand_core::{SeedableRng, RngCore};userand_chacha::ChaCha12Rng;letmutrng = ChaCha12Rng::from_seed(Default::default());letx = rng.next_u64();assert_eq!(x,0x53f955076a9af49b);

It is often more convenient to use therand::Rng trait, which providesfurther functionality. See also theRandom Values chapter in the book.