AutoHotkey Community

Generates a time-based Universally Unique Identifier.

Example:

Download

_________________
GitHub • Scripts • IronAHK • Contact by email not private message.

Since AHK's (pseudo) random number generator is initialized based on the current time, if thousands of PC's generate these uuid values in the same time, there is a good chance that some of them will be the same. Have you considered to mix in some values, which are different in different PC's? Something like the user name, language, windows version are easy to access, others, like the BIOS version, motherboard type, disk serial number are still possible. These have to be hashed, not to leak personal information. And, of course, you can always access Windows' GUID, which already incorporates these.

The time based algorithm allows up to 10000 unique identifiers to be made every millisecond (281474976710656 in my version) so the chance of a similarity is very little. In the new version 1.1 I took your idea of parsing Windows GUID in the registry for real clock and node IDs. This value is cached for later calls.

_________________
GitHub • Scripts • IronAHK • Contact by email not private message.

This is better!

About the collisions: How many people need to be in a group, such that there is a 50% chance that at least two of them have the same birthday? Think about it, before reading further.

The answer is 23. It is surprisingly low, is not it? In general, if there are n possible results of a measurement, after performing it sqrt(n) times, there is a near 50% chance that two results are the same. It is called the birthday paradox.

The resolution of the Windows timer is 10..16 ms. It means, in every second there can be as few as 1000/16 = 62.5 different A_MSec values. In a minute there are only 60*62.5 = 3750 different time values. According to the birthday paradox, if sqrt(3750) =~ 61 PC's read the time in this minute, there is a 50% chance that two of them get the same result, and their random number generator will be initialized identically, too. If 500 PC's would execute the script in the same hour, there will almost certainly be two of them getting the same time values: sqrt(60*60*62.5) =~ 474.

I've read about the birthday paradox, it's an interesting theory. I'm disappointed about the low res. timer; 2/500 is a bad probability for an identifier which "1 trillion have to be created every nanosecond for 10 billion years to exhaust [...]". I've looked into GetSystemTime but that's likely to be the same.

However your calculations (which are impressive btw.) only account for the first part of the UUID - the LSB time group. The last two parts, clock ID (CPU clock) and node ID (MAC address) are there to ensure no collisions can occur with different computers using genuine NICs. Even in quirks mode (param = false) fourteen digits are randomized which yields a probability of 1/14^16 (72057594037927936).

_________________
GitHub • Scripts • IronAHK • Contact by email not private message.

I wrote about the collision of the time values. Mixing in PC or user dependent information makes the collision much less likely. However, you have to mix (hash) the pieces together, otherwise there is a possible attack: someone can identify unchanging parts of your uuid values, and create valid uuid values in your behalf. In some cases it is bad.

Uuids are not used in cryptography so it doesn't matter. You can edit any uuid and it will still be valid (with a few exceptions). Also randomized node IDs are prefixed with '1' (RFC 4122) which differentiates it from valid MAC addresses, so there is no security concern here.

_________________
GitHub • Scripts • IronAHK • Contact by email not private message.

Very Nice.. .. On a related note: I think Random command should be available as a function.

_________________
URLGet - Internet Explorer based Downloader
StartEx - Portable Shortcut Link

I've changed my mind, hashing values is not too difficult anyway. Here's what I came up with, is it secure enough?

It's not a frequency used command so I don't think it will happen.

_________________
GitHub • Scripts • IronAHK • Contact by email not private message.

@Goyyah

I think this is probably good enough for what you need



Regards

Dave.

_________________
Simple ideas lie within reach, only of complex minds

It is a less frequently used command because people do not realize its potential. It is one command that should definitely be a function.

@Dippy46: Yes! I know I can write a wrapper function for that command. But I do not prefer my user defined functions to have a dependency on an another UDF. I would rather prefer to do it the same way Titan has done in uuid()

I do not want to hijack this thread, I better put my suggestions in the Wish List.

Regards,

_________________
URLGet - Internet Explorer based Downloader
StartEx - Portable Shortcut Link

I tried to do this with API functions like this:



and it returns the string but AHK cuts it at first charahter so only "{" is visible, although x (number of characthers set by API call) is set normaly.

What is the problem here ?

_________________

Unicode?

_________________
RegEx Powered Dynamic Hotstrings
COM
AutoHotkey 2

uh...I forgot that... most definitely...

_________________

Yes .. it is Unicode and the string length is 76