Can guids be trusted for security, or are they predictable if the system can be forced to generate many known guids?

12
votes

To start, and define guid, i am using a .net framework Guid This is somewhat a hypothetical situation Users when preforming a specific action have guids generated. Each user can see their own guids. If a user was to know one of another user's guid there would be a security compromise.

How safe is this system if we asume that a user has no way to steal another user's guid and can only guess it?

I understand that blindly guessing guids is impossible. Even if they had a million success values, they would still have only a 10^20 chance of a successful guess

Where i am afraid a problem may exist is guid prediction. Can a user generate a large number of requests, look at the guids he got, and knowing the .net guid generation formula greatly improve his odds of guessing? Can these odds be reduced to a point where they would be a security concern? In that case how should keys be generated in a unique non guessable way?

I ask anyone who mentions the odds of guesses/collisions to add some hard meaning to it. Either an exact number to define odds, or something like, "it can be used to store account data, but not sensitive data"

EDIT

this question seems to go well into the territory I originally sought to explore with this question Is a GUID a good key for (temporary) encryption?

2
.netsecurityguid
Guid's are not unique; thus in theory two users could have the same Guid.Aaron McIver
Probably similar to stackoverflow.com/questions/4517497/…Eugene Mayevski 'Callback
For correctly generated random guids the chances of collision are sufficiently low to guarantee uniqueness in practice.CodesInChaos
@Aaron, guids are not technically unique, but they are statistically unique. With 3.4×10^38 possible guids...every star in the observable universe could statistically possess 6.8×10^15. The odds of any two people having the same guid is insanely unlikelyguildsbounty
@Eugene Mayevski 'EldoS Corp i am realy looking for someone to discuss active prediction attacks. The db will take care of not allowing collisionsAndrey

2 Answers

8
votes

GUID's/UUID's are intended to generate 128 bit numbers for use primarily as ID's that are unique (for all intents and purposes).

UUID's are not designed to generate cryptographically strong random number sequences, and if you want maximum un-predictability, then cryptographically strong random number sequences are exactly what you want. For this, .NET provides you with the RNGCryptoServiceProvider - designed from the ground up to be as unpredictable as can be reasonably achieved by algorithmic means, so why not use it?

Example:

byte[] GenerateRandomBytes()
{
   byte[] key = new byte[16];

    System.Security.Cryptography.RNGCryptoServiceProvider c =
        new System.Security.Cryptography.RNGCryptoServiceProvider();

    c.GetBytes(key);

    return key;
}
4
votes

Afaik .net generates Version 4 UUIDs as Guids by default. These are random and hard to guess if properly implemented. But since future versions might use another implementation I wouldn't rely on that. I think even earlier versions of windows or .net used Guids based on the Mac-Address which are easier to guess.

So I'd just use one of the crypto-pseudo-random-number-generators built into .net instead. If you generate 16 bytes you have a drop-in replacement for a Guid.