IIRC for DoS stuff it uses a not cryptographically secure (but fast) RNG.
Discussion
Interesting, thanks!
Do you know when a RNG was first introduced?
Well for the wallet at day 1. Bucketing peers was introduced a few years later I think to deal with eclipse attacks. With the removal of openssl a few years ago a more clear distinction was made between cryptographically secure vs fast random data.
Here's some current stuff: https://github.com/bitcoin/bitcoin/blob/master/src/random.h
Yes, that's why I used the term “secure” rather than “cryptographic”. RNG requirements for DoS resistance are somewhere in between. Many otherwise perfectly acceptable RNGs are too easily predicted for this application, as their internal state is too small. OTOH you don't need quite as high requirements as a cryptographic RNG