How securely unguessable are GUIDs?

by

UUIDs/GUIDs are specified by RFC4122. Although Version 4 UUIDs are created from random numbers Section 6 makes an explicit statement on security:

Do not assume that UUIDs are hard to guess; they should not be used
as security capabilities (identifiers whose mere possession grants
access), for example. A predictable random number source will
exacerbate the situation.

A good discussion of the randomness of GUIDs can also be found in this question:

How Random is System.Guid.NewGuid()? (Take two)

More Related Contents:

  1. How Random is System.Guid.NewGuid()?
  2. how to get private key from PEM file?
  3. How Random is System.Guid.NewGuid()? (Take two)
  4. implement RSA in .NET core
  5. Sequential GUID in Linq-to-Sql?
  6. What is the string length of a GUID?
  7. How are .NET 4 GUIDs generated?
  8. Given a private key, is it possible to derive its public key?
  9. Guid Byte Order in .NET
  10. Is it possible to encrypt data with AES (256 bit) GCM mode in .net framework 4.7?
  11. Watermark TextBox in WinForms
  12. Why does .NET use banker’s rounding as default?
  13. What’s the difference between StaticResource and DynamicResource in WPF?
  14. C++/CLI Mixed Mode DLL Creation
  15. Most efficient way to check for DBNull and then assign to a variable?
  16. Can you use Microsoft Entity Framework with Oracle? [closed]
  17. ConfigureAwait(false) relevant in ASP.NET Core?
  18. How to convert View Model into JSON object in ASP.NET MVC?
  19. VB.Net – Excel COM Object not getting released [duplicate]
  20. What is the difference between Dim v As String() and Dim v() As String?
  21. How to call a .NET web service from android? [closed]
  22. Directory.EnumerateFiles => UnauthorizedAccessException
  23. Open a URL from Windows Forms
  24. Is is possible to check if an object is already attached to a data context in Entity Framework?
  25. How to check if a program is using .NET?
  26. How to troubleshoot and debug Visual Studio design mode errors?
  27. How should I cast in VB.NET?
  28. Use Visual Studio Setup Project to automatically register and GAC a COM Interop DLL
  29. How do I make a ListBox refresh its item text?
  30. Getting SlowAES and RijndaelManaged class in .NET to play together

Leave a Comment