On Mon, 2006-09-18 at 16:00 -0500, Jim C. Nasby wrote:
> BTW, at a former company we used SHA1s to identify files that had been
> uploaded. We were wondering on the odds of 2 different files hashing to
> the same value and found some statistical comparisons of probabilities.
> I don't recall the details, but the odds of duplicating a SHA1 (1 in
> 2^160) are so insanely small that it's hard to find anything in the
> physical world that compares. To duplicate random 256^256 numbers you'd
> probably have to search until the heat-death of the universe.
That assumes you have good random data. Usually there is some kind of
tradeoff between the randomness and the performance. If you
read /dev/random each time, that eliminates some applications that need
to generate UUIDs very quickly. If you use pseudorandom data, you are
vulnerable in the case a clock is set back or the data repeats.
In response to
pgsql-hackers by date
|Next:||From: Tom Dunstan||Date: 2006-09-18 21:42:54|
|Subject: Re: OID conflicts|
|Previous:||From: Jim C. Nasby||Date: 2006-09-18 21:35:08|
|Subject: Re: An Idea for OID conflicts|
pgsql-patches by date
|Next:||From: Gevik Babakhani||Date: 2006-09-18 22:27:30|
|Subject: Re: Patch for UUID datatype (beta)|
|Previous:||From: Neil Conway||Date: 2006-09-18 21:19:51|
|Subject: Re: cosmetic change in 'drop owned' reference|