Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re: Safe for SQL

by Abigail-II (Bishop)
on Dec 10, 2002 at 17:48 UTC ( [id://218853]=note: print w/replies, xml ) Need Help??


in reply to Re: Safe for SQL
in thread Safe for SQL

It returns a 32 byte string, but you only have 10 bytes of entropy, 2 from the process id, 4 from the time, and 4 from the random number generator. Maybe this is enough, maybe it isn't. There's certainly no garantee it will create unique numbers.

Abigail

Replies are listed 'Best First'.
Re: Re: Safe for SQL
by hiseldl (Priest) on Dec 10, 2002 at 20:14 UTC

    You are absolutely correct, from RFC 1321:

      ...It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest...

    So, just using the MD5 algorithm means that there is no gaurantee of a unique message digest. ;-)

    For something such as a session id for a web script, this is usually sufficient. To resolve your argument, you could add more text until you are reasonably certain that your entropy message is not reproducible:

    ... while(<LINES_OF_TEXT>) { $md5->add($_); } ...
    ...the downside is that it takes longer to compute.

    One way to gaurantee that the number is unique for that 'insert' statement is to have that database generate the number either from a sequence or stored procedure.

    I was just trying to keep it simple and sufficient. :-)

    --
    hiseldl
    What time is it? It's Camel Time!

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://218853]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having a coffee break in the Monastery: (8)
As of 2024-03-28 09:13 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found