如何确定是净的GUID？ [英] How deterministic Are .Net GUIDs?

问题描述

昨天我问<一个href="http://stackoverflow.com/questions/1397676/are-guids-generated-on-windows-2003-safe-to-use-as-session-ids">Are在Windows 2003的安全生成的GUID的会话ID？和答案结合结合本文的 GUID是全局唯一，但GUID的子不促使我想更换使用的GUID作为会话ID在饼干我目前的机制。

由于这是一个有点工作，使这种变化，我决定我的Vista的PC上运行快速GUID测试，看看GUID的序列明显确定的（就是我担心的是，如果攻击者能够获得的序列通过我的服务器生成的GUID的他们将能够生成新的匹配的）。

在Raymond Chen的文章（引用本很旧的规范 UUID和GUID 1998年）的GUID是由：

• 在60位的时间戳，
• 在48位计算机的标识符，
• 唯一标志的14位，和
• 在六位固定

由该场地如果我生成10的guid第一15个ASCII字符（不包括' - '）的时间戳，下一个12个ASCII字符是计算机识别符，下一个3.5 ASCII字符是随机而最后1.5字符被固定

获得10的GUID我的Vista的PC上使用.net System.Guid.NewGuid（）收益率：

  b4e95ead-3619-4dc2-9102-cf7ab0efd927
a45ee719-DECD-46b2-8355-7becbe406f74
9af68d75-35a0-4907-b6ab-f15e33acfe96
bed88fa3-3209-4a19-97dd-85d5428ea5f4
123cb39b-8d81-41c6-8894-f1257a8f7606
e2b1f6b1-5791-4a18-80a9-5dc668574ecb
c52aa660-2629-4659-bb83-5583081e5a1c
76eda32d-CEDA-器412e-8ade-30c47416e954
cbc4d45e-7281-40d2-9f90-00539b04fe98
be36524c-267C-4791-bc9e-3c20b29d7615
 

这是一个快速的目视检查的唯一可识别的模式是第13 ASCII字符始终是4。

我又一次在想，如果依靠的System.Guid产生伪随机会话ID是强大到足以保护Web应用程序，其中开裂的会话ID将价值至多几千块钱？

使用GUID我现在打算生成我的会话ID的使用下面的方法代替：更新

。我将所述384比特随机数，以一个0×00字节字符串，以便它们也适合于在一个HTTP cookie的使用。

  RNGCryptoServiceProvider rngProvider =新RNGCryptoServiceProvider（）;
字节[]的myKey =新的字节[48];
rngProvider.GetBytes（的myKey）;
串会话ID = NULL;
。myKey.ToList（）的ForEach（B =＆GT;会话ID + = b.ToString（X2））;
Console.WriteLine（会话ID）;
 

解决方案

这不是一个完整的答案，但我可以告诉你，13号十六进制数字始终是4，因为它是指用于生成GUID的算法的版本（ ID EST，V4）;同时，我引用维基百科：

  在WinAPI的GUID的

密码分析   发电机表明，由于   V4 GUID的序列是伪随机的，   考虑到初始状态一罐   predict到下一个250 000的GUID   由函数UuidCreate返回。   这就是为什么的guid不应使用   在密码学中，例如，作为随机密钥。

这篇文章的其余部分，其参考： http://en.wikipedia.org/wiki/Guid

- 编辑 -

从安全角度来看，我建议你生成会话ID，但是你觉得像，然后加密签署;这样你可以在任何信息，你要收拾，然后就拍一个签名就完了 - 可能的问题是你的关键的尺寸/强度和造成的饼干大小之间的权衡。 GUID是作为标识是有用的，但我只能靠一个专门的加密技术的安全性。

Yesterday I asked Are GUIDs generated on Windows 2003 safe to use as session IDs? and the answer combined with combined with this article GUIDs are globally unique, but substrings of GUIDs aren't prompted me to think about replacing my current mechanism of using GUIDs as session ID's in cookies.

Because it's a bit of work to make that change I decided to run a quick GUID test on my Vista PC to see if a sequence of GUIDs was obviously deterministic (what I'm worried about is if an attacker was able to get a sequence of GUIDs generated by my server they would be able to generate new matching ones).

In Raymond Chen's article (which references this very old spec UUIDs and GUIDs from 1998) the GUID is made up of:

• 60 bits of timestamp,
• 48 bits of computer identifier,
• 14 bits of uniquifier, and
• six bits are fixed

Going by that if I generate 10 GUIDs the first 15 ASCII chars (excluding '-') are the timestamp, the next 12 ASCII chars are the computer identifier, the next 3.5 ASCII characters are random and the last 1.5 characters are fixed.

Getting 10 GUIDs on my Vista PC using the .Net System.Guid.NewGuid() yields:

b4e95ead-3619-4dc2-9102-cf7ab0efd927
a45ee719-decd-46b2-8355-7becbe406f74
9af68d75-35a0-4907-b6ab-f15e33acfe96
bed88fa3-3209-4a19-97dd-85d5428ea5f4
123cb39b-8d81-41c6-8894-f1257a8f7606
e2b1f6b1-5791-4a18-80a9-5dc668574ecb
c52aa660-2629-4659-bb83-5583081e5a1c
76eda32d-ceda-412e-8ade-30c47416e954
cbc4d45e-7281-40d2-9f90-00539b04fe98
be36524c-267c-4791-bc9e-3c20b29d7615

The only discernible pattern from a quick visual inspection is that the 13th ASCII character is always 4.

I'm again left wondering if relying on System.Guid to generate pseudo random session IDs is strong enough to protect a web application where cracking a session ID would be worth at most thousands of dollars?

Update: Instead of using a GUID I now plan to generate my session ID's using the approach below. I'm converting the 384 bit random number to a 0x00 byte string so that it's suitable for use in an HTTP cookie.

RNGCryptoServiceProvider rngProvider = new RNGCryptoServiceProvider();
byte[] myKey = new byte[48];
rngProvider.GetBytes(myKey);
string sessionID = null;
myKey.ToList().ForEach(b => sessionID += b.ToString("x2"));
Console.WriteLine(sessionID);

解决方案

It's not a complete answer, but I can tell you that the 13th hex digit is always 4 because it denotes the version of the algorithm used to generate the GUID (id est, v4); also, and I quote Wikipedia:

Cryptanalysis of the WinAPI GUID generator shows that, since the sequence of V4 GUIDs is pseudo-random, given the initial state one can predict up to the next 250 000 GUIDs returned by the function UuidCreate. This is why GUIDs should not be used in cryptography, e.g., as random keys.

The rest of the article, and its references: http://en.wikipedia.org/wiki/Guid

--Edit--

From a security standpoint, I'd suggest that you generate your session ID however you feel like, then cryptographically sign it; that way you can pack in whatever information you want and then just slap a signature on the end - the possible issue being the tradeoff between the size/strength of your key and the resulting size of the cookie. GUIDs are useful as IDs, but I'd only rely on a dedicated cryptographic technique for security.

这篇关于如何确定是净的GUID？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！