Programming Question: Creating GUIDs

by Elsewhere 7 Replies latest jw friends

  • Elsewhere
    Elsewhere

    I am aware that a new GUID can be created in c# using the following code:

    System.Guid _guidID = System.Guid.NewGuid();

    What I am wondering is, what is the underlying algorithm for generating a GUID?

    As I understand, a GUID is described as follows:

    [4 Bytes]-[2 Bytes]-[2 Bytes]-[2 Bytes]-[6 Bytes] (For a total of 128 bits)

    It can be held in a struct such as:

    public struct GUID{ public byte [] FourBytes; public byte [] TwoBytes1; public byte [] TwoBytes2; public byte [] TwoBytes3; public byte [] SixBytes; }
  • drwtsn32
    drwtsn32

    IIRC it is genereated from the system clock and MAC address of your NIC. Since MAC addresses are unique, and you can't generate two GUIDs at exactly the same time, there should be absolutely no way two generated GUIDs would be the same.

    Now...how does it work if you don't have a NIC? Hmm....

  • Euphemism
    Euphemism

    I would assume that it uses the Win32 API function CoCreateGUID. As far as I can tell from googling, CoCreateGUID uses the Open Software Foundation spec found at http://www.opengroup.org/onlinepubs/9629399/apdxa.htm#tagcjh_20

    That spec states that "This UUID specification assumes the availability of an IEEE 802 address", so I'm not sure what Windows does if no MAC address is available.

  • Euphemism
    Euphemism

    More from http://archives.neohapsis.com/archives/sf/www-mobile/2002-q1/0202.html

    If the current machine does not have a network interface card, a statistically unique value is synthesized and CoCreateGuid returns a distinguished HRESULT indicating that the value is only statistically unique globally but is truly uniquewhen used only on the machine.

    That should answer the question of uniqueness.

    If the issue is randomness, it appears that they are generated in a fairly sequential manner, and so they should not be used in an application where randomness is necessary for security purposes (e.g. cryptography).

  • stevenyc
    stevenyc

    What are you using your GUID for? Is it for networking or software identification?

    steve

  • unbeliever
    unbeliever

    Speak in English please. Hardly anyone can speak geek Greek on this board.

  • Elsewhere
    Elsewhere

    I'm using it as part of a Database File Storage system I am writing at work. A GUID is used as the FileID to help ensure security when it comes to retrieving files (very sensitive financial documents). Basically if someone were to browse to the DownloadFile.aspx page it would be much more difficult for them to guess a GUID than a simple Integer.

    Regarding the MAC Address thing... That was changed several years ago by Microsoft after it was determined that stamping data with a MAC Address is a security hole. As an example, this is how the writer of the Melissa worm was caught - the author's computer's MAC address was stamped in the program. [ Doah! ]

    I'm already able to generate GUIDs for my app and everything is working great... I'm just being curious as to how the actual algorithm works.

  • drwtsn32
    drwtsn32

    I'll download the source code for XP from KaZaA and let you know... ;)

Share this

Google+
Pinterest
Reddit