Transaction GUIDs [Was: Writing a Sharp Zaurus PDA GnuCash Companion]

Colin Pinkney Colin.Pinkney@marconi.com
Thu, 19 Sep 2002 10:28:01 +0100


Thanks for the reply.

So basically using /proc/sys/kernel/random/uuid should be ok then? AFAIK
the GUID is only used for uniquely identifying a single transaction or
other element, right? I didn't think it was used in any security stuff.

Colin




linas@linas.org (Linas Vepstas)@lists.gnucash.org on 18/09/2002 07:12:42

Sent by:  gnucash-devel-admin@lists.gnucash.org


To:   Colin Pinkney <Colin.Pinkney@marconi.com>
cc:   gnucash-devel@lists.gnucash.org

Subject:  Re: Transaction GUIDs [Was: Writing a Sharp Zaurus PDA GnuCash
      Companion]


repsonding to very old email,
now that I am getting email again...


On Fri, Aug 23, 2002 at 12:38:40PM +0100, Colin Pinkney was heard to
remark:
>
>
> I was just looking at how GUIDs are generated, but couldn't quite figure
it
> out. Seems to  have something to do with randomly selecting md5sums of
> files that constantly change.
>
> I'm know very little about pseudo-random algorithms and want to keep it
> simple so I'm hoping /proc/sys/kernel/random/uuid has enough entropy. But
I
> guess in the end as long as it's a unique 128bit number (stored in hex
> format) it doesn't really matter, does it?

it matters a lot. md5 has been mathematically proven to generate unique
id's.  Most all naive algorithms fail to do so, in ways that seem subtle
to the naive developer but are well knows to crypto types and hackers.

(the linux kernel uuid algo is probably quite good.)

--linas


--
pub  1024D/01045933 2001-02-01 Linas Vepstas (Labas!) <linas@linas.org>
PGP Key fingerprint = 8305 2521 6000 0B5E 8984  3F54 64A9 9A82 0104 5933
_______________________________________________
gnucash-devel mailing list
gnucash-devel@lists.gnucash.org
https://lists.gnucash.org/mailman/listinfo/gnucash-devel