1. 31
  1.  

  2. 4

    Generating a UUID, hashing it with a good cryptographic hash algorithm, and then taking a substring of the hash value would be the closest you’d get to globally unique there.

    SHA-1, for example, is 160 bits over a 128-bit UUID, so theoretically the pigeonhole principle would be okay there given the various cascading effects of the hash. The substring, obviously, would be a smaller space but all of the bits should be more-or-less equally random so the chance of collision would be proportional to the number of bits only, unlike substrings of a raw UUID.

    Now, at that point there’s essentially no difference from generating an 8-byte random number with a sufficiently good RNG, but it’s a fun thought exercise.

    1. 1

      There is a difference - compute time. The random number generator can run out of randomness and stall until more randomness is supplied, so it is best to keep it simple and use a system-supplied random number with code that has a predicable number of calls to it, or (probably better), avoid using the random number generator at all and simply use a key that is incremented from a known starting point and encoded to a consistent length (e.g., to hexadecimal).