Re: Concurrent access to /dev/urandom

From: Theodore Ts'o
Date: Thu Dec 09 2004 - 01:39:01 EST


On Wed, Dec 08, 2004 at 07:10:16PM -0800, David Lang wrote:
>
> pulling data from /dev/random or /dev/urandom will not ensure that you
> don't have duplicates.
>
> remember the birthday paradox. it says that if you get a group of 26
> people in a room you have about a 50% chance that two of these people have
> the same birthday.
>
> now that's only with numbers in the range of 1-365 if you pull 16 bit
> numbers (1-65536) you will need a much larger group to see the problem,
> but if you pull enough you WILL see the problem eventually.

Yes, but a UUID is 128 bits. So the chance of a collision is 1 in
2**62. (There are 4 version/type bits, so there are 122 bits of
randomness in a type-4, randomly generated UUID). Assuming a
correctly working random number generator, yes, it's possible that you
could get a duplicate. It's also possible that all of the oxygen
molecules could suddenly randomly end up in the other part of the
room, and you would suffocate. But it's not very likely. 2**62 is a
rather large number....

- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/