CODEWITHSUNDEEP
cryptographyuuidhash-collision
david_adler
david_adler

Reputation: 10922

Is mixing uuidv4 and uuidv5 collision safe?

I have a key value store where rows are indexed by uuid. For some of the keys I generate the key with uuidv4. For some of the other keys I generate the key from two other uuids from that same key value store.

e.g.

key value
2efd5459-fa72-4b28-a801-160e84fa049d alice
99a975d8-cadf-460a-b9ab-ce8352414d89 bob
2fc821c5-fa09-5a89-b355-e6d3b5b90fc8 alice_bob

The alice_bob row was generated via v5 of alice and bob's uuids.

//    alice                                   bob
u.v5('2efd5459-fa72-4b28-a801-160e84fa049d', '99a975d8-cadf-460a-b9ab-ce8352414d89')

Am I more likely to get a collision by mixing v4 and v5 in the same KV store than if I just used v4 or just used v5?

Upvotes: 1

Views: 1693

Answers (1)

david_adler
david_adler

Reputation: 10922

Quoting from https://github.com/uuidjs/uuid/issues/579

RFC4122 UUIDs have the version encoded in them, so [properly formed] v5 UUIDs will never collide with a v4 UUID, and vice-versa.

Outside of that, the odds of collision depend on the behavior of the respective UUID versions. The odds of v4 UUIDs is pretty well documented elsewhere. (tl;dr "vanishingly small"). v5 ids are deterministic hashes, so it mostly depends on the odds of you having the same input names, which isn't something we have control over. (There is a theoretical chance two different names will result in the same hash but, again, the odds of that are vanishingly small.)

Upvotes: 4

Related Questions