可能的碰撞哈希uuid cakephp [英] possible collision hashing uuid cakephp

问题描述

如果在uuid（）字符串上使用 Security :: hash ，可能会发生冲突吗？我知道uuid（）会生成真正唯一的字符串，但是我需要将它们散列，并且我担心是否有可能重复散列字符串。

Is it possible to have collisions if to use Security::hash on uuid() string ? I know that uuid() generates truly unique string, but I need them to be hashed, and I am worried if there is a possibility that the hashed string can be repeated.

感谢

Thanks

推荐答案

首先，与名称相反，uuid不会创建真正唯一的字符串。它产生一个非常高概率的独特字符串（足够高以至于几乎所有用途都可以被视为唯一）。

Firstly, contrary to the name, a uuid does not create a truly unique string. It generates a string that is unique with very high probability(high enough that it can for pretty much all purposes be treated as unique).

至于你获得碰撞，这真的取决于你正在使用的哈希算法。假设构建好的散列算法在其输出空间上均匀分布，那么与任何两个散列发生冲突的几率是 1/2 ^ n 其中 n 是以位为单位的散列长度。可以使用公式来近似计算任何两个在生日攻击情景中碰撞的哈希的几率，其中 h（公式2）其中， p（h）= h ^ 2/2 m 是您希望生成的哈希数目， m 是输出空间（例如SHA256为2 ^ 256）。

As for your chances of getting a collision, that really depends on which hashing algorithm you are using. Assuming a well built hashing algorithm which distributes uniformly over it's output space, your odds of a collision with any two hashes is 1 / 2^n where n is the hash length in bits. The odds of any two hashes colliding in a birthday attack scenario can be approximated using the formula p(h) = h^2 / 2 m where h is the number of hashes you expect to generate and m is the output space (2^256 in the case of SHA256 for example).

因此，总而言之，无论您使用的是什么哈希算法，总是总是都有可能获得散列冲突。但是，在几乎所有等于或大于SHA256的情况下，机会如此之小以至于不值得担心。您的时间最好花在担心公车在下一秒跑过您的服务器的可能性。

So, the sum it all up, you will always have a chance of getting a hash collision regardless of what hashing algorithm you're using. However, in the case of pretty much anything equal to or greater than SHA256, the chance is so vanishingly small that is is not worth worrying about. Your time is better spent worrying about the chances of a bus running over your server in the next second.

这篇关于可能的碰撞哈希uuid cakephp的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！