唯一密钥生成 [英] Unique key generation
问题描述
我正在寻找一种方法,特别是在 PHP 中,我将保证始终获得唯一的密钥.
I looking for a way, specifically in PHP that I will be guaranteed to always get a unique key.
我做了以下事情:
strtolower(substr(crypt(time()), 0, 7));
但我发现有时我会得到一个重复的密钥(很少,但经常如此).
But I have found that once in a while I end up with a duplicate key (rarely, but often enough).
我也想过这样做:
strtolower(substr(crypt(uniqid(rand(), true)), 0, 7));
但根据 PHP 网站,uniqid() 可以,如果 uniqid() 在同一微秒内被调用两次,它可以生成相同的密钥.我认为添加 rand() 很少会,但仍然可能.
But according to the PHP website, uniqid() could, if uniqid() is called twice in the same microsecond, it could generate the same key. I'm thinking that the addition of rand() that it rarely would, but still possible.
在上面提到的几行之后,我还删除了 L 和 O 等字符,这样用户就不会感到困惑.这可能是造成重复的部分原因,但仍然是必要的.
After the lines mentioned above I am also remove characters such as L and O so it's less confusing for the user. This maybe part of the cause for the duplicates, but still necessary.
我想到的一个选择是创建一个网站来生成密钥,将其存储在数据库中,确保它是完全唯一的.
One option I have a thought of is creating a website that will generate the key, storing it in a database, ensuring it's completely unique.
还有其他想法吗?是否有任何网站已经这样做了,它们具有某种 API 或仅返回密钥.我找到了 http://userident.com 但我不确定这些键是否是完全唯一的.
Any other thoughts? Are there any websites out there that already do this that have some kind of API or just return the key. I found http://userident.com but I'm not sure if the keys will be completely unique.
这需要在没有任何用户输入的情况下在后台运行.
This needs to run in the background without any user input.
推荐答案
生成唯一值的方法只有 3 种,它们是密码、用户 ID 等:
There are only 3 ways to generate unique values, rather they be passwords, user IDs, etc.:
- 使用有效的 GUID 生成器 - 这些生成器很长且无法缩小.如果您只使用部分你会失败.
- 至少部分数字是从单个序列中顺序生成的.您可以添加绒毛或编码以使其看起来不那么连续.优点是它们开始时间短——缺点是它们需要单一来源.解决单一来源限制的方法是使用编号的来源,因此您可以包含 [source #] + [seq #],然后每个来源都可以生成自己的序列.
- 通过其他方式生成它们,然后根据之前生成的值的单一历史记录检查它们.
不保证任何其他方法.请记住,从根本上说,您正在生成一个二进制数(它是一台计算机),但随后您可以将其编码为十六进制、十进制、Base64 或单词列表.选择适合您使用的编码.通常对于用户输入的数据,您需要 Base32 的一些变体(您暗示过).
Any other method is not guaranteed. Keep in mind, fundamentally you are generating a binary number (it is a computer), but then you can encode it in Hexadecimal, Decimal, Base64, or a word list. Pick an encoding that fits your usage. Usually for user entered data you want some variation of Base32 (which you hinted at).
关于 GUIDS 的注意事项:它们从它们的长度和用于生成它们的方法中获得独特的力量.任何小于 128 位的都是不安全的.除了随机数生成之外,GUID 还具有一些特征,可以使其更加独特.请记住,它们只是实际上独一无二,而不是完全独一无二.这是可能的,尽管实际上不可能有副本.
Note about GUIDS: They gain their strength of uniqueness from their length and the method used to generate them. Anything less than 128-bits is not secure. Beyond random number generation there are characteristics that go into a GUID to make it more unique. Keep in mind they are only practically unique, not completely unique. It is possible, although practically impossible to have a duplicate.
关于 GUIDS 的更新说明:自从撰写本文以来,我了解到许多 GUID 生成器使用加密安全的随机数生成器(很难或不可能预测生成的下一个数字,并且不太可能重复).实际上有 5 种不同的 UUID 算法.算法 4 是 Microsoft 当前用于 Windows GUID 生成 API 的算法.GUID 是 Microsoft 对 UUID 标准的实现.
Updated Note about GUIDS: Since writing this I learned that many GUID generators use a cryptographically secure random number generator (difficult or impossible to predict the next number generated, and a not likely to repeat). There are actually 5 different UUID algorithms. Algorithm 4 is what Microsoft currently uses for the Windows GUID generation API. A GUID is Microsoft's implementation of the UUID standard.
更新:如果您需要 7 到 16 个字符,则需要使用方法 2 或方法 3.
Update: If you want 7 to 16 characters then you need to use either method 2 or 3.
底线:坦率地说,没有完全独一无二的东西.即使您使用顺序生成器,您最终也会用完宇宙中所有原子的存储空间,从而循环回到自己身上并重复.你唯一的希望就是在到达那个点之前宇宙热死.
Bottom line: Frankly there is no such thing as completely unique. Even if you went with a sequential generator you would eventually run out of storage using all the atoms in the universe, thus looping back on yourself and repeating. Your only hope would be the heat death of the universe before reaching that point.
即使是最好的随机数生成器也有可能重复等于您生成的随机数的总大小.以四分之一为例.它是一个完全随机的位生成器,其重复的几率是 2 分之 1.
Even the best random number generator has a possibility of repeating equal to the total size of the random number you are generating. Take a quarter for example. It is a completely random bit generator, and its odds of repeating are 1 in 2.
所以这一切都取决于您的独特性.通过使用序列然后对它进行 base32 编码,您可以获得 1,099,511,627,776 个数字的 8 位数字的 100% 唯一性.任何其他不涉及检查过去数字列表的方法只有等于 n/1,099,511,627,776(其中 n = 以前生成的数字的数量)不唯一的几率.
So it all comes down to your threshold of uniqueness. You can have 100% uniqueness in 8 digits for 1,099,511,627,776 numbers by using a sequence and then base32 encoding it. Any other method that does not involve checking against a list of past numbers only has odds equal to n/1,099,511,627,776 (where n=number of previous numbers generated) of not being unique.
这篇关于唯一密钥生成的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
