Re: [OT] UUIDs and privacy (was Re: Apple Serial Number: Redux)
Re: [OT] UUIDs and privacy (was Re: Apple Serial Number: Redux)
- Subject: Re: [OT] UUIDs and privacy (was Re: Apple Serial Number: Redux)
- From: "Craig S. Cottingham" <email@hidden>
- Date: Tue, 22 Jan 2002 14:20:28 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday, January 22, 2002, at 12:42 , Douglas Davidson wrote:
The easiest thing to do in this case would be to put the uuid
through a one-way hash function.
Unfortunately, you may lose a lot of your uniqueness when you do
this. The DCE UUID spec
(<
http://www.opengroup.org/onlinepubs/9629399/apdxa.htm>) is
"unique across both space and time, with respect to the space of
all UUIDs", with the caveat:
To be precise, the UUID consists of a finite bit space. Thus
the time value used for constructing a UUID is limited and will
roll over in the future (approximately at A.D. 3400, based on
the specified algorithm).
The size of a UUID is 128 bits. By comparison, although MD5
produces a 128-bit hash, there is (IIRC) a 1-in-2^64 chance that
two arbitrary bitstrings will have the same MD5 hash.
Now, whether an ID space with 2^64 values is too small for your
purposes or not is an entirely different matter. :-)
- --
Craig S. Cottingham
email@hidden
PGP key available from:
<
http://pgp.ai.mit.edu:11371/pks/lookup?op=get&search=0xA2FFBE41>
ID=0xA2FFBE41, fingerprint=6AA8 2E28 2404 8A95 B8FC 7EFC 136F
0CEF A2FF BE41
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (Darwin)
Comment: For info see
http://www.gnupg.org
iD8DBQE8TcmPE28M76L/vkERAgayAJ9yH9DkCI4s1pIdlfVaEMAYiLCdbQCeOIZX
fFKKXsMNaBRA/EdUh5azNFE=
=s++/
-----END PGP SIGNATURE-----