"Noone should invent their own crypto, use OpenSSL" "The next generation awesome random subsystem must be super, super secure, before we change 1 line of code to rely on it" result -> nothing changes. 20 years of stagnancy. If you try to create your own random layer, the crypto forums attack you Reality: - Focusing only on key/IV quality leaves lots of problems unsolved - There are many very different use cases for random data. - There are many problematic calling contexts Imagine if random numbers were as cheap as memset()...