- All Implemented Interfaces:
public class GUID
- extends java.lang.Object
- implements java.lang.Comparable<GUID>
Globally Unique Identifier.
In the multitude of java GUID generators, I found none that
guaranteed randomness. GUIDs are guaranteed to be globally unique
by using ethernet MACs, IP addresses, time elements, and sequential
numbers. GUIDs are not expected to be random and most often are
easy/possible to guess given a sample from a given generator.
SQL Server, for example generates GUID that are unique but
sequencial within a given instance.
GUIDs can be used as security devices to hide things such as
files within a filesystem where listings are unavailable (e.g. files
that are served up from a Web server with indexing turned off).
This may be desireable in cases where standard authentication is not
appropriate. In this scenario, the RandomGUIDs are used as directories.
Another example is the use of GUIDs for primary keys in a database
where you want to ensure that the keys are secret. Random GUIDs can
then be used in a URL to prevent hackers (or users) from accessing
records by guessing or simply by incrementing sequential numbers.
There are many other possiblities of using GUIDs in the realm of
security and encryption where the element of randomness is important.
This class was written for these purposes but can also be used as a
general purpose GUID generator as well.
RandomGUID generates truly random GUIDs by using the system's
IP address (name/IP), system time in milliseconds (as an integer),
and a very large random number joined together in a single String
that is passed through an MD5 hash. The IP address and system time
make the MD5 seed globally unique and the random number guarantees
that the generated GUIDs will have no discernable pattern and
cannot be guessed given any number of previously generated GUIDs.
It is generally not possible to access the seed information (IP, time,
random number) from the resulting GUIDs as the MD5 hash algorithm
provides one way encryption.
----> Security of RandomGUID: <-----
RandomGUID can be called one of two ways -- with the basic java Random
number generator or a cryptographically strong random generator
(SecureRandom). The choice is offered because the secure random
generator takes about 3.5 times longer to generate its random numbers
and this performance hit may not be worth the added security
especially considering the basic generator is seeded with a
cryptographically strong random seed.
Seeding the basic generator in this way effectively decouples
the random numbers from the time component making it virtually impossible
to predict the random number component even if one had absolute knowledge
of the System time. Thanks to Ashutosh Narhari for the suggestion
of using the static method to prime the basic random generator.
Using the secure random option, this class compies with the statistical
random number generator tests specified in FIPS 140-2, Security
Requirements for Cryptographic Modules, secition 4.9.1.
I converted all the pieces of the seed to a String before handing
it over to the MD5 hash so that you could print it out to make
sure it contains the data you expect to see and to give a nice
warm fuzzy. If you need better performance, you may want to stick
to byte arrays.
I believe that it is important that the algorithm for
generating random GUIDs be open for inspection and modification.
This class is free for all uses.
|Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, notify, notifyAll, wait, wait, wait
public GUID(java.lang.String value)
public GUID(boolean secure)
public java.lang.String value()
public java.lang.String toString()
toString in class
public int hashCode()
hashCode in class
public boolean equals(GUID other)
public int compareTo(GUID other)
- Specified by:
compareTo in interface