diff --git a/Cargo.lock b/Cargo.lock index 509c51c..2480d7c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -22,10 +22,10 @@ name = "aucpace" version = "0.2.0-pre.0" dependencies = [ "curve25519-dalek", - "getrandom", + "getrandom 0.4.2", "password-hash", "postcard", - "rand_core", + "rand_core 0.10.0", "scrypt", "serde", "serde-byte-array", @@ -57,6 +57,21 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7dfdb4953a096c551ce9ace855a604d702e6e62d77fac690575ae347571717f5" +[[package]] +name = "bit-set" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08807e080ed7f9d5433fa9b275196cfc35414f66a0c79d864dc51a0d825231a3" +dependencies = [ + "bit-vec", +] + +[[package]] +name = "bit-vec" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e764a1d40d510daf35e07be9eb06e75770908c27d411ee6c92109c9840eaaf7" + [[package]] name = "bitflags" version = "2.10.0" @@ -154,9 +169,9 @@ checksum = "42a0d26b245348befa0c121944541476763dcc46ede886c88f9d12e1697d27c3" dependencies = [ "cpubits", "ctutils", - "getrandom", + "getrandom 0.4.2", "num-traits", - "rand_core", + "rand_core 0.10.0", "serdect", ] @@ -166,9 +181,9 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "77727bb15fa921304124b128af125e7e3b968275d1b108b379190264f4423710" dependencies = [ - "getrandom", + "getrandom 0.4.2", "hybrid-array", - "rand_core", + "rand_core 0.10.0", ] [[package]] @@ -191,7 +206,7 @@ dependencies = [ "curve25519-dalek-derive", "digest", "fiat-crypto", - "rand_core", + "rand_core 0.10.0", "rustc_version", "serde", "subtle", 
@@ -239,18 +254,52 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" +[[package]] +name = "errno" +version = "0.3.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb" +dependencies = [ + "libc", + "windows-sys", +] + +[[package]] +name = "fastrand" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + [[package]] name = "fiat-crypto" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24" +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + [[package]] name = "foldhash" version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2" +[[package]] +name = "getrandom" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "899def5c37c4fd7b2664648c28120ecec138e4d395b459e5ca34f9cce2dd77fd" +dependencies = [ + "cfg-if", + "libc", + "r-efi 5.3.0", + "wasip2", +] + [[package]] name = "getrandom" version = "0.4.2" @@ -259,8 +308,8 @@ checksum = "0de51e6874e94e7bf76d726fc5d13ba782deca734ff60d5bb2fb2607c7406555" dependencies = [ "cfg-if", "libc", - "r-efi", - "rand_core", + "r-efi 6.0.0", + "rand_core 0.10.0", "wasip2", "wasip3", ] 
@@ -393,6 +442,12 @@ version = "0.2.180" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bcc35a38544a891a5f7c865aca548a982ccb3b8650a5b06d0fd33a10283c56fc" +[[package]] +name = "linux-raw-sys" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df1d3c3b53da64cf5760482273a98e575c651a67eec7f77df96b5b642de8f039" + [[package]] name = "lock_api" version = "0.4.14" @@ -442,6 +497,12 @@ dependencies = [ "autocfg", ] +[[package]] +name = "once_cell" +version = "1.21.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50" + [[package]] name = "password-hash" version = "0.6.0" @@ -449,7 +510,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ccbd25f71dd5249dba9ed843d52500c8757a25511560d01a94f4abf56b52a1d5" dependencies = [ "phc", - "rand_core", + "rand_core 0.10.0", ] [[package]] @@ -470,7 +531,7 @@ checksum = "44dc769b75f93afdddd8c7fa12d685292ddeff1e66f7f0f3a234cf1818afe892" dependencies = [ "base64ct", "ctutils", - "rand_core", + "rand_core 0.10.0", ] [[package]] @@ -486,6 +547,15 @@ dependencies = [ "serde", ] +[[package]] +name = "ppv-lite86" +version = "0.2.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" +dependencies = [ + "zerocopy", +] + [[package]] name = "prettyplease" version = "0.2.37" 
@@ -505,6 +575,31 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "proptest" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b45fcc2344c680f5025fe57779faef368840d0bd1f42f216291f0dc4ace4744" +dependencies = [ + "bit-set", + "bit-vec", + "bitflags", + "num-traits", + "rand", + "rand_chacha", + "rand_xorshift", + "regex-syntax", + "rusty-fork", + "tempfile", + "unarray", +] + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + [[package]] name = "quote" version = "1.0.43" 
@@ -514,18 +609,68 @@ dependencies = [ "proc-macro2", ] +[[package]] +name = "r-efi" +version = "5.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" + [[package]] name = "r-efi" version = "6.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f8dcc9c7d52a811697d2151c701e0d08956f92b0e24136cf4cf27b57a6a0d9bf" +[[package]] +name = "rand" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1" +dependencies = [ + "rand_chacha", + "rand_core 0.9.5", +] + +[[package]] +name = "rand_chacha" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb" +dependencies = [ + "ppv-lite86", + "rand_core 0.9.5", +] + +[[package]] +name = "rand_core" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "76afc826de14238e6e8c374ddcc1fa19e374fd8dd986b0d2af0d02377261d83c" +dependencies = [ + "getrandom 0.3.4", +] + [[package]] name = "rand_core" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c8d0fd677905edcbeedbf2edb6494d676f0e98d54d5cf9bda0b061cb8fb8aba" +[[package]] +name = "rand_xorshift" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "513962919efc330f829edb2535844d1b912b0fbe2ca165d613e4e8788bb05a5a" +dependencies = [ + "rand_core 0.9.5", +] + +[[package]] +name = "regex-syntax" +version = "0.8.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a" + [[package]] name = "rustc_version" version = "0.4.1" 
@@ -535,6 +680,31 @@ dependencies = [ "semver", ] +[[package]] +name = "rustix" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "146c9e247ccc180c1f61615433868c99f3de3ae256a30a43b49f67c2d9171f34" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys", + "windows-sys", +] + +[[package]] +name = "rusty-fork" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc6bf79ff24e648f6da1f8d1f011e9cac26491b619e6b9280f2b47f1774e6ee2" +dependencies = [ + "fnv", + "quick-error", + "tempfile", + "wait-timeout", +] + [[package]] name = "salsa20" version = "0.11.0-rc.2" @@ -660,11 +830,11 @@ version = "0.5.0-pre.0" dependencies = [ "bencher", "curve25519-dalek", - "getrandom", + "getrandom 0.4.2", "hex", "hkdf", "num-bigint", - "rand_core", + "rand_core 0.10.0", "sha2", ] @@ -684,8 +854,8 @@ dependencies = [ "crypto-bigint", "crypto-common", "digest", - "getrandom", "hex-literal", + "proptest", "sha1", "sha2", "subtle", @@ -714,6 +884,19 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "tempfile" +version = "3.25.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0136791f7c95b1f6dd99f9cc786b91bb81c3800b639b3478e561ddb7be95e5f1" +dependencies = [ + "fastrand", + "getrandom 0.4.2", + "once_cell", + "rustix", + "windows-sys", +] + [[package]] name = "thiserror" version = "2.0.17" @@ -740,6 +923,12 @@ version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "562d481066bde0658276a35467c4af00bdc6ee726305698a55b86e61d7ad82bb" +[[package]] +name = "unarray" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eaea85b334db583fe3274d12b4cd1880032beab409c0d774be044d4480ab9a94" + [[package]] name = "unicode-ident" version = "1.0.22" 
@@ -752,6 +941,15 @@ version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" +[[package]] +name = "wait-timeout" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ac3b126d3914f9849036f826e054cbabdc8519970b8998ddaf3b5bd3c65f11" +dependencies = [ + "libc", +] + [[package]] name = "wasip2" version = "1.0.1+wasi-0.2.4" @@ -804,6 +1002,21 @@ dependencies = [ "semver", ] +[[package]] +name = "windows-link" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5" + +[[package]] +name = "windows-sys" +version = "0.61.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc" +dependencies = [ + "windows-link", +] + [[package]] name = "wit-bindgen" version = "0.46.0" @@ -898,6 +1111,26 @@ dependencies = [ "wasmparser", ] +[[package]] +name = "zerocopy" +version = "0.8.48" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eed437bf9d6692032087e337407a86f04cd8d6a16a37199ed57949d415bd68e9" +dependencies = [ + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.8.48" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70e3cd084b1788766f53af483dd21f93881ff30d7320490ec3ef7526d203bad4" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "zeroize" version = "1.8.2" diff --git a/srp/Cargo.toml b/srp/Cargo.toml index c708f63..8abfe6a 100644 --- a/srp/Cargo.toml +++ b/srp/Cargo.toml @@ -23,8 +23,8 @@ digest = "0.11" subtle = { version = "2.4", default-features = false } [dev-dependencies] -getrandom = { version = "0.4", features = ["sys_rng"] } hex-literal = "1" +proptest = "1.11" sha1 = "0.11" sha2 = "0.11" 
diff --git a/srp/tests/srp.rs b/srp/tests/srp.rs
index 3b76291..c912524 100644
--- a/srp/tests/srp.rs
+++ b/srp/tests/srp.rs
@@ -1,55 +1,50 @@ -use getrandom::{ - SysRng, - rand_core::{Rng, UnwrapErr}, -}; +use proptest::prelude::*; use sha2::Sha256; -use srp::{Client, Server, groups::G2048}; +use srp::{Client, Salt, Server, groups::G2048}; -fn auth_test_rfc5054(true_pwd: &[u8], auth_pwd: &[u8]) { - let mut rng = UnwrapErr(SysRng); +type EphemeralSecret = [u8; 64]; + +fn auth_test_rfc5054( + true_pwd: &[u8], + auth_pwd: &[u8], + a: &EphemeralSecret, + b: &EphemeralSecret, + salt: &Salt, +) { let username = b"alice"; // Client instance creation let client = Client::::new(); // Begin Registration - - let mut salt = [0u8; 16]; - rng.fill_bytes(&mut salt); - let verifier = client.compute_verifier(username, true_pwd, &salt); + let verifier = client.compute_verifier(username, true_pwd, salt); // Client sends username and verifier and salt to the Server for storage - // Registration Ends // Begin Authentication - // User sends username // Server instance creation let server = Server::::new(); // Server retrieves verifier, salt and computes a public B value - let mut b = [0u8; 64]; - rng.fill_bytes(&mut b); - let (salt, b_pub) = (&salt, server.compute_public_ephemeral(&b, &verifier)); + let b_pub = server.compute_public_ephemeral(b, &verifier); // Server sends salt and b_pub to client // Client computes the public A value and the clientVerifier containing the key, m1, and m2 - let mut a = [0u8; 64]; - rng.fill_bytes(&mut a); let client_verifier = client - .process_reply(&a, username, auth_pwd, salt, &b_pub) + .process_reply(a, username, auth_pwd, salt, &b_pub) .unwrap(); - let a_pub = client.compute_public_ephemeral(&a); + let a_pub = client.compute_public_ephemeral(a); let client_proof = client_verifier.proof(); // Client sends a_pub and client_proof to server (M1) // Server processes verification data let server_verifier = server - .process_reply(username, salt, &b, &verifier, &a_pub) + .process_reply(username, salt, b, &verifier, &a_pub) .unwrap(); println!("Client verification on server"); 
let server_session_key = server_verifier.verify_client(client_proof).unwrap(); 
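Review bot: The new `EphemeralSecret` alias and the added `a`, `b` and `salt` parameters of `auth_test_rfc5054` are undocumented, so a reader has to work out from the call sites that `a` is the client's private ephemeral value and `b` the server's. I would add `/// 64-byte private ephemeral value (SRP "a" or "b"), supplied by the test instead of an RNG.` above the alias, plus a short doc comment on the helper saying which side each argument belongs to. `auth_test_legacy` in the next hunk has the same signature and would take the same comment. The helper's body continues past the end of this hunk.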
@@ -77,50 +72,46 @@ fn auth_test_rfc5054(true_pwd: &[u8], auth_pwd: &[u8]) { } #[allow(deprecated)] -fn auth_test_legacy(true_pwd: &[u8], auth_pwd: &[u8]) { - let mut rng = UnwrapErr(SysRng); +fn auth_test_legacy( + true_pwd: &[u8], + auth_pwd: &[u8], + a: &EphemeralSecret, + b: &EphemeralSecret, + salt: &Salt, +) { let username = b"alice"; // Client instance creation let client = Client::::new(); // Begin Registration - - let mut salt = [0u8; 16]; - rng.fill_bytes(&mut salt); - let verifier = client.compute_verifier(username, true_pwd, &salt); + let verifier = client.compute_verifier(username, true_pwd, salt); // Client sends username and verifier and salt to the Server for storage - // Registration Ends // Begin Authentication - // User sends username // Server instance creation let server = Server::::new(); // Server retrieves verifier, salt and computes a public B value - let mut b = [0u8; 64]; - rng.fill_bytes(&mut b); - let (salt, b_pub) = (&salt, server.compute_public_ephemeral(&b, &verifier)); + let b_pub = server.compute_public_ephemeral(b, &verifier); // Server sends salt and b_pub to client // Client computes the public A value and the clientVerifier containing the key, m1, and m2 - let mut a = [0u8; 64]; - rng.fill_bytes(&mut a); let client_verifier = client - .process_reply_legacy(&a, username, auth_pwd, salt, &b_pub) + .process_reply_legacy(a, username, auth_pwd, salt, &b_pub) .unwrap(); - let a_pub = client.compute_public_ephemeral(&a); + let a_pub = client.compute_public_ephemeral(a); let client_proof = client_verifier.proof(); // Client sends a_pub and client_proof to server (M1) // Server processes verification data - let server_verifier = server.process_reply_legacy(&b, &verifier, &a_pub).unwrap(); + let server_verifier = server.process_reply_legacy(b, &verifier, &a_pub).unwrap(); println!("Client verification on server"); server_verifier.verify_client(client_proof).unwrap(); let server_proof = server_verifier.proof(); 
@@ -140,24 +131,42 @@ fn auth_test_legacy(true_pwd: &[u8], auth_pwd: &[u8]) { ); } -#[test] -fn rfc5054_good_password() { - auth_test_rfc5054(b"password", b"password"); -} - -#[test] -#[should_panic] -fn rfc5054_bad_password() { - auth_test_rfc5054(b"password", b"paSsword"); -} - -#[test] -fn legacy_good_password() { - auth_test_legacy(b"password", b"password"); -} - -#[test] -#[should_panic] -fn legacy_bad_password() { - auth_test_legacy(b"password", b"paSsword"); +proptest! { + #[test] + fn rfc5054_good_password( + a in any::(), + b in any::(), + salt in any::() + ) { + auth_test_rfc5054(b"password", b"password", &a, &b, &salt); + } + + #[test] + #[should_panic] + fn rfc5054_bad_password( + a in any::(), + b in any::(), + salt in any::() + ) { + auth_test_rfc5054(b"password", b"paSsword", &a, &b, &salt); + } + + #[test] + fn legacy_good_password( + a in any::(), + b in any::(), + salt in any::() + ) { + auth_test_legacy(b"password", b"password", &a, &b, &salt); + } + + #[test] + #[should_panic] + fn legacy_bad_password( + a in any::(), + b in any::(), + salt in any::() + ) { + auth_test_legacy(b"password", b"paSsword", &a, &b, &salt); + } }
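Review bot: `#[should_panic]` on `rfc5054_bad_password` and `legacy_bad_password` only proves that at least one generated case panics, because proptest catches the first failing case, shrinks it, and then panics from the test function to report it. These negative tests would therefore still pass if the wrong password were rejected for some `a`/`b`/`salt` values but accepted for others. They also do not pin which step rejects, since any `.unwrap()` in the helper satisfies the attribute. Consider having the helpers return the outcome of the server-side check (presumably the `verify_client` call) and asserting it per case, e.g. `prop_assert!(auth_result.is_err());`, so that every generated input must be rejected; that also avoids running the shrinker on every run of the negative tests. The helpers themselves are defined in the earlier hunks of this file.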