On Mon, Sep 18, 2006 at 04:00:22PM -0500, Jim C. Nasby wrote: > BTW, at a former company we used SHA1s to identify files that had been > uploaded. We were wondering on the odds of 2 different files hashing to > the same value and found some statistical comparisons of probabilities. > I don't recall the details, but the odds of duplicating a SHA1 (1 in > 2^160) are so insanely small that it's hard to find anything in the > physical world that compares. To duplicate random 256^256 numbers you'd > probably have to search until the heat-death of the universe.
The birthday paradox gives you about 2^80 (about 10^24) files before a SHA1 match, which is huge enough as it is. AIUI a UUID is only 2^128 bits so that would make 2^64 (about 10^19) random strings before you get a duplicate. Embed the time in there and the chance becomes *really* small, because then you have to get it in the same second. Have a nice day, -- Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/ > From each according to his ability. To each according to his ability to > litigate.
signature.asc
Description: Digital signature
