UUID.randomUUID()
843811Jan 22 2009 — edited Jan 22 2009Hi all.
Looking at the source of java.util.UUID.randomUUID() it looks like it's using SecureRandom to generate the random ID. I don't have any otrher security providers installed, and so I'm using the default SecureRandomSpi implementation, which I understand is sun.security.provider.SecureRandom.
I realise that the probability of duplicate IDs being generated is incredibly small, but nevertheless if the internal state of the SecureRandomSpi PRNG gets into the same state as it had been previously, I won't just get a single duplicate ID but I'll get an entire sequence of duplicate IDs (until the PRNG is reseeded -- in other words until the UUID class is reloaded and SecureRandom is reinstantiated).
Is this correct? If I get a duplicate ID am I likely to get a whole sequence of duplicate IDs until I restart my JVM, or am I missing something?
Of course I realise that the probability of this happening is incredibly small, however I'm thinking of implementing something similar which generates a 8 byte number, which decreases the probability somewhat (though it's still tiny). I don't mind if I get the occasional duplcate ID, but a long sequence of them would be very bad.
I'm thinking of solving this problem (if it is one) by re-seeding SecureRandom periodically with some easily-generated seed (like the timestamp). According to the docs this augments the existing seed. Does this seem like a reasonable solution?