Paranoia secure UUID generation

I need to generate many unique identifier on a distributed system.

  • In paranoia mode, I wan't to be sure to :
  • never have collision
  • prevent the determination of the computer's location used to generate the identifier (Mac adresse and date time)
  • I think generate UUID.

  • If I use UUID1 (based on MAC address, timestamp, etc...) :

  • I'm sure to never have collision
  • It's possible to find the location
  • If I use UUID4 (based on random generator) :

  • It's possible to have collision (The chance of a collision is really, really, really small, but exist ! )
  • I'm sure it's not possible to dermine the location (date and computer)
  • Do you have a solution to satisfy both constraints ?


    May be we can combine UUID1 with a "static permutation" function determine by a "secret" key? The function must be bijective.

    inspired by : http://code.activestate.com/recipes/126037-getting-nth-permutation-of-a-sequence/

    def getPerm(seq, index):
        "Returns the <index>th permutation of <seq>"
        seqc= list(seq[:])
        seqn= [seqc.pop()]
        divider= 2 # divider is meant to be len(seqn)+1, just a bit faster
        while seqc:
            index, new_index= index//divider, index%divider
            seqn.insert(new_index, seqc.pop())
            divider+= 1
        return "".join(seqn)
    
    
    secret=123456**123456 # a big secret integer
    
    secure_id=getPerm("af5f2a30-aa9e-11e7-abc4-cec278b6b50a",secret)
    # "1-a-faa4cba8c5b0ae372a72-ec-1fb9560e" ==> Same character, just change order
    
    secure_id=getPerm("aaaaaaa0-bbbb-cccc-xxxx-yyyyyyyyyy0y",secret)
    # "c-b-axaxxybyyyx0ybacyaya-cy-caybay0y" ==> Same secret => Same permutation  (check position of caracter '0' and '-')
    

    We can improve the permutation "obfuscation" by preserving the position of '-' caracter


    May be we can be simply encode the UUID, using Base64 to easy transfert/store the ID. Encode is also a bijective function.

    import base64
    
    def encode(string,key):
        encoded_chars = []
        for i in xrange(len(string)):
            key_c = key[i % len(key)]
            encoded_c = chr((256 + ord(string[i]) + ord(key_c)) % 256)
            encoded_chars.append(encoded_c)
        encoded_string = "".join(encoded_chars)
        return base64.urlsafe_b64encode(encoded_string)
    
    def decode(encoded_string,key):
        decoded_chars = []
        string=base64.urlsafe_b64decode(encoded_string)
        for i in xrange(len(string)):
            key_c = key[i % len(key)]
            decoded_c = chr((256 + ord(string[i]) - ord(key_c)) % 256)
            decoded_chars.append(decoded_c)
        encoded_string = "".join(decoded_chars)
        return "".join(decoded_chars)
    
    secure_id=encode("af5f2a30-aa9e-11e7-abc4-cec278b6b50a","secret")
    # "1MuY2JfVppWQ08at2JKUo8qroMbF1Zmh1srGpJys1ZvFp5XV"
    
    uuid=decode(secure_id,"secret")
    # "af5f2a30-aa9e-11e7-abc4-cec278b6b50a"
    

    By this way, I'have always the secret probleme.

    (note : we don't need decode function)

    链接地址: http://www.djcxy.com/p/91484.html

    上一篇: Guid唯一性在不同的机器上

    下一篇: 偏执狂安全的UUID生成