diff --git a/zcash_primitives/src/note_encryption.rs b/zcash_primitives/src/note_encryption.rs
index d0a7250..42e1398 100644
--- a/zcash_primitives/src/note_encryption.rs
+++ b/zcash_primitives/src/note_encryption.rs
@@ -5,8 +5,7 @@ use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
 use crypto_api_chachapoly::{ChaCha20Ietf, ChachaPolyIetf};
 use ff::{PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr};
-use rand_core::RngCore;
-use rand_os::OsRng;
+use rand_core::{CryptoRng, RngCore};
 use sapling_crypto::{
 jubjub::{
 edwards,
@@ -135,9 +134,8 @@ impl Memo {
 }
 }
 
-pub fn generate_esk() -> Fs {
+pub fn generate_esk(rng: &mut R) -> Fs {
 // create random 64 byte buffer
- let mut rng = OsRng;
 let mut buffer = [0u8; 64];
 rng.fill_bytes(&mut buffer);
 
@@ -247,7 +245,7 @@ fn prf_ock(
 /// let note = to.create_note(value, rcv, &JUBJUB).unwrap();
 /// let cmu = note.cm(&JUBJUB);
 ///
-/// let enc = SaplingNoteEncryption::new(ovk, note, to, Memo::default());
+/// let enc = SaplingNoteEncryption::new(ovk, note, to, Memo::default(), &mut rng);
 /// let encCiphertext = enc.encrypt_note_plaintext();
 /// let outCiphertext = enc.encrypt_outgoing_plaintext(&cv.cm(&JUBJUB).into(), &cmu);
 /// ```
@@ -262,13 +260,14 @@ pub struct SaplingNoteEncryption {
 
 impl SaplingNoteEncryption {
 /// Creates a new encryption context for the given note.
- pub fn new(
+ pub fn new(
 ovk: OutgoingViewingKey,
 note: Note,
 to: PaymentAddress,
 memo: Memo,
+ rng: &mut R,
 ) -> SaplingNoteEncryption {
- let esk = generate_esk();
+ let esk = generate_esk(rng);
 let epk = note.g_d.mul(esk, &JUBJUB);
 
 SaplingNoteEncryption {
@@ -561,7 +560,7 @@ mod tests {
 use crypto_api_chachapoly::ChachaPolyIetf;
 use ff::{Field, PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr, FrRepr};
- use rand_core::RngCore;
+ use rand_core::{CryptoRng, RngCore};
 use rand_os::OsRng;
 use sapling_crypto::{
 jubjub::{
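Review bot: `generate_esk` is a `pub` function that produces the ephemeral secret key for note encryption, and after hunk `@@ -135,9 +134,8 @@` the quality of that key depends entirely on the `rng` the caller passes, yet the new signature has no doc comment saying so; the added `CryptoRng` import suggests an `R: RngCore + CryptoRng` bound, but the generic parameter list is not visible in this rendering, so I cannot confirm the bound from the page. I would add `/// Generates a random ephemeral secret key using the caller-supplied cryptographically secure RNG.` above the function, and extend the existing "Creates a new encryption context for the given note." doc on `SaplingNoteEncryption::new` in hunk `@@ -262,13 +260,14 @@` with a sentence stating that `rng` is the sole source of the ephemeral key's randomness; `SaplingOutput::build` in builder.rs has the same documentation gap. The body of `generate_esk` continues past the end of its hunk.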
@@ -694,7 +693,7 @@ mod tests {
 assert_eq!(Memo::default().to_utf8(), None);
 }
 
- fn random_enc_ciphertext(
+ fn random_enc_ciphertext(
 mut rng: &mut R,
 ) -> (
 OutgoingViewingKey,
@@ -724,7 +723,7 @@ mod tests {
 let cmu = note.cm(&JUBJUB);
 let ovk = OutgoingViewingKey([0; 32]);
 
- let ne = SaplingNoteEncryption::new(ovk, note, pa, Memo([0; 512]));
+ let ne = SaplingNoteEncryption::new(ovk, note, pa, Memo([0; 512]), rng);
 let epk = ne.epk();
 let enc_ciphertext = ne.encrypt_note_plaintext();
 let out_ciphertext = ne.encrypt_outgoing_plaintext(&cv, &cmu);
@@ -1371,7 +1370,7 @@ mod tests {
 // Test encryption
 //
 
- let mut ne = SaplingNoteEncryption::new(ovk, note, to, Memo(tv.memo));
+ let mut ne = SaplingNoteEncryption::new(ovk, note, to, Memo(tv.memo), &mut OsRng);
 // Swap in the ephemeral keypair from the test vectors
 ne.esk = esk;
 ne.epk = epk;
diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs
index 2def3a8..2ea4d0d 100644
--- a/zcash_primitives/src/transaction/builder.rs
+++ b/zcash_primitives/src/transaction/builder.rs
@@ -100,13 +100,19 @@ impl SaplingOutput {
 })
 }
 
- pub fn build(
+ pub fn build(
 self,
 prover: &P,
 ctx: &mut P::SaplingProvingContext,
+ rng: &mut R,
 ) -> OutputDescription {
- let encryptor =
- SaplingNoteEncryption::new(self.ovk, self.note.clone(), self.to.clone(), self.memo);
+ let encryptor = SaplingNoteEncryption::new(
+ self.ovk,
+ self.note.clone(),
+ self.to.clone(),
+ self.memo,
+ rng,
+ );
 
 let (zkproof, cv) = prover.output_proof(
 ctx,
@@ -419,7 +425,7 @@ impl Builder {
 // Record the post-randomized output location
 tx_metadata.output_indices[pos] = i;
 
- output.build(&prover, &mut ctx)
+ output.build(&prover, &mut ctx, &mut self.rng)
 } else {
 // This is a dummy output
 let (dummy_to, dummy_note) = {
@@ -457,7 +463,7 @@ impl Builder {
 )
 };
 
- let esk = generate_esk();
+ let esk = generate_esk(&mut self.rng);
 let epk = dummy_note.g_d.mul(esk, &JUBJUB);
 
 let (zkproof, cv) =
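Review bot: The dummy-output path in builder.rs hunk `@@ -457,7 +463,7 @@` derives the ephemeral keypair by hand, `let esk = generate_esk(&mut self.rng);` followed by `let epk = dummy_note.g_d.mul(esk, &JUBJUB);`, which is the same two-step derivation that `SaplingNoteEncryption::new` performs in note_encryption.rs. A small shared helper returning `(esk, epk)` for a given `g_d` would keep the ephemeral-key derivation in one place, so a future change to how `esk` is sampled cannot miss the dummy path. Whether the dummy output could instead go through `SaplingNoteEncryption` itself I cannot tell, since the enclosing `Builder::build` body starts before and continues past this hunk.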