diff --git a/configure.ac b/configure.ac
index 75e7ca6..ba24d82 100644
--- a/configure.ac
+++ b/configure.ac
@@ -55,6 +55,7 @@ dnl checking fpr dependencies
 PKG_CHECK_MODULES(OPENSSL, [openssl])
 PKG_CHECK_MODULES(LIBTDATA, [libtdata >= 0.2.2])
 PKG_CHECK_MODULES(LIBSEXPR, [libsexpr >= 1.3.1])
+PKG_CHECK_MODULES(LIBSODIUM, [libsodium >= 1.0.15])
 PKG_CHECK_MODULES(LIBNDBUF, [libndbuf])
 
 case $host_os in 
diff --git a/sxt/Makefile.am b/sxt/Makefile.am
index 81ab1ec..0d2b5de 100644
--- a/sxt/Makefile.am
+++ b/sxt/Makefile.am
@@ -21,7 +21,7 @@ libsxt_la_SOURCES = \
 
 libsxt_la_LDFLAGS = 
 
-libsxt_la_LIBADD = -lpthread -lcrypto  $(OPENSSL_LIBS) 
+libsxt_la_LIBADD = -lpthread -lcrypto  $(OPENSSL_LIBS) $(LIBSODIUM_LIBS)
 
 if COND_WIN32
 
diff --git a/sxt/core.c b/sxt/core.c
index 2d5dddd..575b72f 100644
--- a/sxt/core.c
+++ b/sxt/core.c
@@ -44,6 +44,7 @@
 #include <uuid/uuid.h>
 #endif
 
+#include <sodium.h>
 
 #include <openssl/ssl.h>
 #include <openssl/err.h>
@@ -68,6 +69,8 @@ int sxt_init(void)
 
   OpenSSL_add_all_algorithms();
 
+  if(sodium_init() == -1) return SXT_ERROR;
+
   return lcrypt_init_ciphers();
 }
 
@@ -85,14 +88,7 @@ int sxt_reseed(void)
 
 int sxt_get_random(void *data, int len, int pseudo)
 {
-  if(pseudo) return RAND_bytes(data, len);
-  else {
-#if OPENSSL_API_COMPAT < 0x10100000L
-    RAND_pseudo_bytes(data, len);
-#else
-    RAND_bytes(data, len);
-#endif
-  }
+  randombytes_buf(data, (size_t) len);
 
   return 1;
 }
diff --git a/sxt/lcrypt.c b/sxt/lcrypt.c
index c6e919f..fb308e4 100644
--- a/sxt/lcrypt.c
+++ b/sxt/lcrypt.c
@@ -29,6 +29,8 @@
 #include <string.h>
 #include <sys/time.h>
 
+#include <sodium.h>
+
 #include <openssl/aes.h>
 #include <openssl/blowfish.h>
 #include <openssl/rand.h>
@@ -176,10 +178,7 @@ int lcrypt_init_ciphers(void)
 /* misc */
 int lcrypt_reseed(void)
 {
-#ifndef WIN32
-  struct timeval tv;
-  gettimeofday(&tv, NULL);
-  RAND_add(&tv, sizeof(struct timeval), 0.0);
-#endif
+  randombytes_stir();
+
   return SXT_SUCCESS;
 }