Add note about the unsuitabilty of math.random() for crypto.

author Mike Pall <mike>

Sun, 8 Dec 2019 18:01:06 +0000 (19:01 +0100)

committer Mike Pall <mike>

Sun, 8 Dec 2019 18:01:06 +0000 (19:01 +0100)
author Mike Pall <mike>
Sun, 8 Dec 2019 18:01:06 +0000 (19:01 +0100)
committer Mike Pall <mike>
Sun, 8 Dec 2019 18:01:06 +0000 (19:01 +0100)
diff --git a/doc/extensions.html b/doc/extensions.html

index fa412e0e1f3527b7cdec4dc333f3ff1add46861b..9da38359d00d4de67d11078154648184ae96f62b 100644 (file)
--- a/doc/extensions.html
+++ b/doc/extensions.html
@@ -212,6 +212,10 @@ for every call. The result is uniformly distributed between 0.0 and 1.0.
  It's correctly scaled up and rounded for <tt>math.random(n&nbsp;[,m])</tt> to
  preserve uniformity.
  </p>
+<p>
+Important: Neither this nor any other PRNG based on the simplistic
+<tt>math.random()</tt> API is suitable for cryptographic use.
+</p>
  
  <h3 id="io"><tt>io.*</tt> functions handle 64&nbsp;bit file offsets</h3>
  <p>