2

My team is working on an application with a legacy database that uses two different values as unique identifiers for a Group object: Id is an auto-incrementing Identity column whose value is determined by the database upon insertion. GroupCode is determined by the application after insertion, and is "Group" + theGroup.Id.

What we need is an algorithm to generate GroupCodes that:

  1. Are unique.
  2. Are reasonably easy for a user to type in correctly.
  3. Are difficult for a hacker to guess.
  4. Are either created by the database upon insertion, or are created by the app before the insertion (i.e. not dependent on the identity column).

The existing solution meets the first two criteria, but not the last two. Does anyone know of a good solution to meet all of the above criteria?

One more note: Even though this code is used externally by users, and even though Id would make a better identifier for other tables to link their foreign keys to, the GroupCode is used by other tables to refer to a specific Group.

Thanks in advance.

Joachim Sauer
jyoungdev

2 Answers

1

Have you looked into Base32/Base36 content encoding? Base32 representation of an Identity seed column will make it unique, easy to enter but definitely not secure. However, most non-programmers will have no idea how the string value is generated.

Also using Base32/36 you can maintain normal database integer based primary keys.

Kane
  • Base32 takes 20% more space than Base64, which will result in so huge strings :-/ – balexandre Oct 12 '10 at 07:06
  • @balexandre No it will not result in huge strings. Base32 has about 35% fewer digits than the integer it encodes, and if you use Crockford encoding for Base32 then you will satisfy the "reasonably easy for a user to type in correctly". If you try to use a more efficient encoding, like base64, then I think you won't be able to satisfy that requirement. – AaronLS Oct 26 '11 at 20:49
1

Would it be possible to add a new column? It could consist of the Identity and a random 32-bit number.

That 64-bit number could then be translated to a «Memorable Random String». It wouldn't be perfect security-wise but could be good enough.

Here's an example using Ruby and the Koremutake gem.

require 'koremu'
# http://pastie.org/96316 adds Array.chunk
identity=104711
r=rand(2**32)<<32 # in this example 5946631977955229696
ka = KoremuFixnum.new(r+identity).to_ka.chunk(3)
ka.each {|arr| print KoremuArray.new(arr).to_ks + " "}

Result:

TUSADA REGRUMI LEBADE

Also check out Phonetically Memorable Password Generation Algorithms.

Community
Jonas Elfström
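
One way to meet all four criteria from the question, combining the random-value idea with the Crockford Base32 alphabet mentioned in the comments. This is an added example, not code from any of the posters; the 12-symbol length, the hyphen grouping, the helper names and the in-memory `taken` set (standing in for a UNIQUE constraint on GroupCode) are assumptions.

```ruby
require 'securerandom'
require 'set'

# Crockford Base32 alphabet: no I, L, O or U, so look-alike characters never appear.
CROCKFORD = '0123456789ABCDEFGHJKMNPQRSTVWXYZ'.freeze
CODE_LENGTH = 12 # assumed length: 12 symbols * 5 bits = 60 random bits

# Build a code from the OS CSPRNG; nothing is derived from the identity column,
# so the app can create it before the INSERT.
def generate_group_code(length = CODE_LENGTH)
  Array.new(length) { CROCKFORD[SecureRandom.random_number(CROCKFORD.size)] }.join
end

# Display form for users: groups of four separated by hyphens.
def format_group_code(code)
  code.scan(/.{1,4}/).join('-')
end

# Canonicalise what a user typed: ignore case, spaces and hyphens, and map
# the look-alikes O -> 0 and I/L -> 1. Returns nil for anything malformed.
def normalize_group_code(input, length = CODE_LENGTH)
  code = input.to_s.upcase.gsub(/[\s-]/, '').tr('OIL', '011')
  code if code.match?(/\A[#{CROCKFORD}]{#{length}}\z/)
end

# Uniqueness: retry on collision. `taken` is a stand-in for the table's
# UNIQUE constraint on GroupCode, which should be the real arbiter.
def unique_group_code(taken, max_attempts: 5)
  max_attempts.times do
    code = generate_group_code
    return code if taken.add?(code) # Set#add? returns nil when already present
  end
  raise 'could not allocate a unique GroupCode'
end
```

Store the canonical (unhyphenated, upper-case) form in the database and run every user-supplied code through `normalize_group_code` before the lookup.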