独特的密钥生成 [英] Unique key generation

问题描述

我正在寻找一种方法，特别是在PHP中，可以保证始终获得唯一的密钥.

I looking for a way, specifically in PHP that I will be guaranteed to always get a unique key.

我已经执行以下操作:

strtolower(substr(crypt(time()), 0, 7));

但是我发现，偶尔我会得到一个重复的密钥(很少，但是经常).

But I have found that once in a while I end up with a duplicate key (rarely, but often enough).

我还考虑过这样做:

strtolower(substr(crypt(uniqid(rand(), true)), 0, 7));

但是根据PHP网站，如果在同一微秒内两次调用uniqid()，则uniqid()可能会生成相同的密钥.我在想添加rand()很少，但是仍然可能.

But according to the PHP website, uniqid() could, if uniqid() is called twice in the same microsecond, it could generate the same key. I'm thinking that the addition of rand() that it rarely would, but still possible.

在上述几行之后，我还将删除L和O之类的字符，因此对用户而言，它不会造成混乱.这可能是重复的部分原因，但仍是必要的.

After the lines mentioned above I am also remove characters such as L and O so it's less confusing for the user. This maybe part of the cause for the duplicates, but still necessary.

我想到的一个选择是创建一个网站，该网站将生成密钥，并将其存储在数据库中，以确保它是唯一的.

One option I have a thought of is creating a website that will generate the key, storing it in a database, ensuring it's completely unique.

还有其他想法吗?是否有已经使用某种API或仅返回密钥的已经执行此操作的网站.我发现 http://userident.com ，但是我不确定这些键是否完全唯一.

Any other thoughts? Are there any websites out there that already do this that have some kind of API or just return the key. I found http://userident.com but I'm not sure if the keys will be completely unique.

这需要在没有任何用户输入的情况下在后台运行.

This needs to run in the background without any user input.

推荐答案

只有三种生成唯一值的方法，它们是密码，用户ID等.

There are only 3 ways to generate unique values, rather they be passwords, user IDs, etc.:

1. 使用有效的GUID生成器-它们长且不能缩小.如果仅使用部件，您将失败.
2. 至少一部分数字是从单个序列中顺序生成的.您可以添加绒毛或编码，以减少顺序感.优势在于它们起步短-劣势是它们需要单一来源.单个来源限制的解决方法是为来源编号，因此您要包含[source#] + [seq#]，然后每个来源都可以生成自己的序列.
3. 通过其他方式生成它们，然后根据先前生成的值的单个历史记录对其进行检查.

1. Use an effective GUID generator - these are long and cannot be shrunk. If you only use part you FAIL.
2. At least part of the number is sequentially generated off of a single sequence. You can add fluff or encoding to make it look less sequential. Advantage is they start short - disadvantage is they require a single source. The work around for the single source limitation is to have numbered sources, so you include the [source #] + [seq #] and then each source can generate its own sequence.
3. Generate them via some other means and then check them against the single history of previously generated values.

不能保证其他任何方法.请记住，从根本上讲，您正在生成一个二进制数(它是一台计算机)，但是您可以将其编码为十六进制，十进制，Base64或单词列表.选择适合您用法的编码.通常对于用户输入的数据，您需要Base32的一些变体(提示).

Any other method is not guaranteed. Keep in mind, fundamentally you are generating a binary number (it is a computer), but then you can encode it in Hexadecimal, Decimal, Base64, or a word list. Pick an encoding that fits your usage. Usually for user entered data you want some variation of Base32 (which you hinted at).

有关GUIDS的说明:它们的长度和生成方法的独特之处在于它们的独特性. 任何少于128位的数据都是不安全的.除了生成随机数外，GUID还具有一些特性，以使其更加独特.请记住，它们实际上几乎是唯一的，而不是完全唯一的.有可能，尽管实际上没有重复的可能.

Note about GUIDS: They gain their strength of uniqueness from their length and the method used to generate them. Anything less than 128-bits is not secure. Beyond random number generation there are characteristics that go into a GUID to make it more unique. Keep in mind they are only practically unique, not completely unique. It is possible, although practically impossible to have a duplicate.

有关GUIDS的更新说明:自撰写本文以来，我了解到许多GUID生成器都使用加密安全的随机数生成器(很难或不可能预测生成的下一个数字，并且不太可能重复).实际上有5种不同的 UUID算法. Microsoft当前用于Windows GUID生成API的是算法4. GUID 是Microsoft对UUID标准的实现.

Updated Note about GUIDS: Since writing this I learned that many GUID generators use a cryptographically secure random number generator (difficult or impossible to predict the next number generated, and a not likely to repeat). There are actually 5 different UUID algorithms. Algorithm 4 is what Microsoft currently uses for the Windows GUID generation API. A GUID is Microsoft's implementation of the UUID standard.

更新:如果需要7至16个字符，则需要使用方法2或3.

Update: If you want 7 to 16 characters then you need to use either method 2 or 3.

底线:坦率地说，没有完全独特的东西.即使您使用顺序生成器，您最终也将耗尽整个宇宙中所有原子的存储空间，从而循环回到自己身上并重复执行.您唯一的希望是在达到该点之前宇宙的热死.

Bottom line: Frankly there is no such thing as completely unique. Even if you went with a sequential generator you would eventually run out of storage using all the atoms in the universe, thus looping back on yourself and repeating. Your only hope would be the heat death of the universe before reaching that point.

即使最好的随机数生成器也有可能重复生成等于您生成的随机数的总大小.以四分之一为例.它是一个完全随机的位生成器，其重复几率是1比2.

Even the best random number generator has a possibility of repeating equal to the total size of the random number you are generating. Take a quarter for example. It is a completely random bit generator, and its odds of repeating are 1 in 2.

因此，这一切都取决于您的唯一性门槛.通过使用序列，然后对它进行base32编码，可以为1,099,511,627,776个数字的8位数字提供100％的唯一性.不涉及检查过去数字列表的任何其他方法仅具有不唯一的赔率等于n/1,099,511,627,776(其中n =生成的先前数字的数量).

So it all comes down to your threshold of uniqueness. You can have 100% uniqueness in 8 digits for 1,099,511,627,776 numbers by using a sequence and then base32 encoding it. Any other method that does not involve checking against a list of past numbers only has odds equal to n/1,099,511,627,776 (where n=number of previous numbers generated) of not being unique.

这篇关于独特的密钥生成的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！