Understanding GUIDs

What is a GUID

A GUID, Globally Unique Identifier, is a 128-bit integer (16 bytes) that can be used across all computers and networks wherever a unique identifier is required and requires no central registration process.

Why to use GUIDs

One of the main reasons for using GUIDs is that no centralized authority is required to administer them. As a result on demand generation can be completed automated and used for a variety of purposes.

How unique a GUID is

A GUID is a unique number that can be used to identify anything you may need. Although the algorithm used to generate a GUID is responsible to ensure its uniqueness, nothing can actually guarantee that a GUID is unique. The uniqueness of GUID relies on the probability of the same key to be generated twice is very small.

Format of a GUID

A GUID format is 16 octets follows a specific structure defined in RFC 4122 and come in a few different versions and variants. All variants follow the same structure xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx where M represents the version and the most significant bits of N represent the variant. For example the following GUID 123e4567-e89b-12d3-a456–426614174000 is of version 1 and variant 1 because digit M is 1 and digit N is a.

Layout and byte order

To minimize confusion about bit assignments within octets, the GUID record definition is defined only in terms of fields that are integral numbers of octets

The image bellow presents the byte order of a GUID with the use of the above GUID example.

Image description

Variants

The variant field of GUIDs or the N position determines the layout of the GUID. RFC 4122 defines four variants.

  • Variant 0 N = 0..7, is for backwards compatibility with the now obsolete Apollo Network Computing System 1.5 UUID format developed around 1988
  • Variant 1 N = 8..b is referred to as RFC 4122/DCE 1.1 UUIDs, or "Leach–Salz" UUIDs
  • Variant 2 N= c..d is characterized in the RFC as "reserved, Microsoft Corporation backward compatibility" and was used for early GUIDs on the Microsoft Windows platform
  • Reserved N = e..f is reserved for futured definition

Versions

The version field of GUIDs or the M position is in the most significant 4 bits of the time stamp.

Version 1 date-time and MAC address

This version is generated using both the current time and client MAC address

Version 2 DCE Security

It is similar to version 1 except that the least significant 8 bits of the clock sequence are replaced by a "local domain" number, and the least significant 32 bits of the timestamp are replaced by an integer identifier meaningful within the specified local domain.

Version 3 MD5 hash and namespace

The GUID is generated by taking a namespace (e.g. a fully qualified domain name) and a given name, converting to bytes, concatenating, and hashing. Once specifying the special bits like version and variant the resulting bytes are then converted into its hexadecimal form. The special property about this version is that GUIDs generated from the same name in the same namespace will be identical even if generated at different times.

Version 4 random

This type of GUID is created using random numbers of the 128 bits in a GUID, 6 are reserved for special use (version + variant bits) giving us 122 bits that can be filled at random.

Version 5 SHA-1 hash and namespace

This version is identical to version 3 except that SHA-1 is used in the hashing step in place of MD5.

If you want to read more about GUIDs you can visit the RFC 4122 document.

Did you find this article valuable?

Support Theodoros Karropoulos by becoming a sponsor. Any amount is appreciated!