Boost logo

Boost :

From: Sean Parent (sparent_at_[hidden])
Date: 2006-07-03 16:08:38

> Sean Parent wrote:
>>>> ZUIDs <>
>>> Hmm, I guess I would think zuid should be its own little library.
>>> There is
>>> already a GUID in the vault which again might benefit from
>>> collaboration here:
>>> --
>> Interesting - this is not quite a conforming GUID (deviates in many
>> of the same ways that ZUIDs do from the specification but I try to be
>> honest and not call them GUIDs...
>> <>
>> AFAICT the node ID in the boost code is purely dependent on the clock
>> - this makes the entire ID uniqueness of the ID a function of time
>> (making for a fairly high probability of collision). The ZUID code
>> includes machine specific and process specific information in the
>> node generation and has code to synchronize threads to avoid
>> collisions from requesting IDs from separate threads at the same
>> time.
> Most people don't even bother with proper GUIDs nowadays, they just
> generate
> a cryptographic quality random number. The probability of a
> collision is
> "sufficiently low for most practical uses".

For a good cryptographic random number generator it assumes that you
have some high entropy source of data from which you can harvest bits
(a clock will only give you a couple bits of entropy at best).

The problem is a bit simpler for a UUID - as you only need a unique
value as a node ID to base the UUID off of - the node ID could come
from a cryptographic quality random number generator (if you have
one) - the usual source for the node ID is the machine MAC ID but
that leads to privacy issues. Using MD5 and a pool of unique and high
entropy values one can distill a reasonably unique node ID.

Once you have the node ID - it is useful to be able to generate
additional IDs quickly (for example, if you want most objects in your
application to have a persistent and globally unique ID - this is a
good thing). UUIDs provide for that as well - typically generating a
new truly random number will take significant time (assuming you have
an an entropy source).

If you know of a good library for cryptographic quality random
numbers I'm interested - that's the core issue right now for the ZUID
library is ensuring enough entropy for the node ID.


Boost list run by bdawes at, gregod at, cpdaniel at, john at