Java 的 UUID.randomUUID 有多好? [英] How good is Java's UUID.randomUUID?

问题描述

我知道随机UUID在理论上发生碰撞的概率非常、非常、非常低，但我想知道，在实践中，Java 的 randomUUID() 就没有碰撞而言?有人有经验可以分享吗?

I know that randomized UUIDs have a very, very, very low probability for collision in theory, but I am wondering, in practice, how good Java's randomUUID() is in terms of not having collision? Does anybody have any experience to share?

推荐答案

UUID 使用 java.security.SecureRandom，它应该是加密强的".虽然未指定实际实现并且可能因 JVM 而异(这意味着所做的任何具体语句仅对一个特定的 JVM 有效)，但它确实要求输出必须通过统计随机数生成器测试.

UUID uses java.security.SecureRandom, which is supposed to be "cryptographically strong". While the actual implementation is not specified and can vary between JVMs (meaning that any concrete statements made are valid only for one specific JVM), it does mandate that the output must pass a statistical random number generator test.

一个实现总是可能包含破坏这一切的微妙错误(请参阅 OpenSSH 密钥生成错误)，但我认为没有任何具体理由担心 Java UUID 的随机性.

It's always possible for an implementation to contain subtle bugs that ruin all this (see OpenSSH key generation bug) but I don't think there's any concrete reason to worry about Java UUIDs's randomness.

这篇关于Java 的 UUID.randomUUID 有多好?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！