GUID Guide, part one

GUID Guide, part one

Rate This
  • Comments 38

What is a GUID? The acronym stands for "globally unique identifier"; GUIDs are also called UUIDs, which stands for "universally unique identifier". (It is unclear to me why we need two nigh-identical names for the same thing, but there you have it.) A GUID is essentially a 128 bit integer, and when written in its human-readable form, is written in hexadecimal in the pattern {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}.

The purpose of a GUID is, as the name implies, to uniquely identify something, so that we can refer to that thing by its identifier and have confidence that everyone can agree upon what thing we are referring to. Think about this problem as it applies to, say, books. It is cumbersome to refer to a book by quoting it in its entirety every time you mention it. Instead, we give every book an identifier in the form of its title. The problem with using a title as an identifier is that there may be many different books with the same title. I have three different books all entitled "The C# Programming Language" on my desk right now; if I want to refer to one of them in particular, I'd typically have to give the edition number. But there is nothing (apart from their good sense) stopping some entirely different publisher from also publishing a book called "The C# Programming Language, fourth edition" that differs from the others.

Publishers have solved this problem by creating a globally unique identifier for each book called the International Standard Book Number, or ISBN. This is the 13-decimal-digit bar coded number you see on pretty much every book(*). How do publishers manage to get a unique number for each of the millions of books published? They divide and conquer; the digits of an ISBN each have a different meaning. Each country has been assigned a certain range of ISBN numbers that they can allocate; governments then further allocate subsets of their numbers to publishers. Publishers then decide for themselves how to assign the remaining digits to each book. The ISBNs for my three editions of the C# spec are 978-0-321-15491-6, 978-0-321-56299-9 and 978-0-321-74176-9. You'll notice that the first seven digits are exactly the same for each; they identify that this is a publishing industry code (978), that the book was published in a primarily English-speaking region (0), by Addison-Wesley (321). The next five digits are Addison-Wesley's choice, and the final digit is a checksum. If I wish to uniquely identify the fourth edition of the C# specification I need not state the ambiguous title at all; I can simply refer you to book number 978-0-321-74176-9, and everyone in the world can determine precisely which book I'm talking about.

An important and easily overlooked characteristic of the ISBN uniqueness system is that it only works if everyone who uses it is non-hostile. If a rogue publisher decides to deliberately publish books with the ISBN numbers of existing books so as to create confusion then the usefulness of the identifier is compromised because it no longer uniquely identifies a book. ISBN numbers are not a security system, and neither are GUIDs; ISBN numbers and GUIDs  prevent accidental collisions. Similarly, traffic lights only prevent accidental collisions if everyone agrees to follow the rules of traffic lights; if anyone decides to go when the light is red then collisions might no longer be avoided, and if someone is attempting to deliberately cause a collision then traffic lights cannot stop them.

The ISBN system has the nice property that you can "decode" an ISBN and learn something about the book just from its number. But it has the enormous down side that it is extraordinarily expensive to administer. There has to be international agreement on the general form of the identifier and on what the industry and language codes mean. In any given country there must be some organization (either a government body or private companies contracted by the government) to assign numbers to publishers. It can cost hundreds of dollars to obtain a unique ISBN.

GUIDs do not have this cost problem; GUIDs are free and there is no requirement that any governing body get involved to ensure their uniqueness. A GUID is a number that you can generate yourself and be guaranteed that no one else in the world will generate that same number. That seems a bit magical. How does that work? Over the next couple of episodes we'll take a look at how that magical property is achieved.

(*) The attentive reader will note that there are usually two bar codes on a book in the United States. The first one is the ISBN; the second bar code is the number 5 followed by a four digit number that is the publisher's suggested price of the book in American pennies.

  • @Random832: As always, answer to common factal questions can be found on wiki.

    The MAC address namespace is managed by IEEE.

  • "The first one is the ISBN; the second bar code is the number 5 followed by a four digit number that is the publisher's suggested price of the book in American pennies."

    Neato!  Hmm, one of the first books I checked has "00112" as the second number.  I wonder what that means.

    That would be the suggested retail price in British pence. -- Eric

  • Looking forward to "ISBN Guide, part two"

  • @Andrew Ducker:  The publisher & item number parts of an ISBN are variable length; in English speaking countries publisher + item no. always account for 8 digits, but that can be made up of a 3-digit publisher code + 5 digit item code, 6 digit publisher code + 2 digit item code, etc. The leading digits indicate what sort of range you're dealing with.

    So you can allocate a 10,000 item number range to a reasonably sized published, or a 100,000 item number range to a larger one, or just 100 items (or 10!) to small publishers. I don't know for sure, but I assume that a publisher who uses up all their numbers can have a second range allocated to them.

  • Microsoft runs into duplicate GUIDs because the think the rules do not apply to them and so they may make up GUIDs manually (in some kind of sequence). This makes them more recognizable of course but you get the risk of duplicates.

  • Me wrote "Microsoft [...] make up GUIDs manually (in some kind of sequence)."

    They don't make them up manually.  The old command-line tool uuidgen used to produce perfectly valid and sequential UUIDs if you asked it to produce more than one.  However, UUIDs are randomized now, so it no longer behaves like this.

    Years ago I read somewhere (probably MSJ) that if you were registering lots of COM objects and interfaces and so on that Windows worked more efficiently with sequential UUIDs.  Perhaps because they were more likely to be located near each other in the registry backing files.

    The problem with this is that having generated the UUIDs, you need a process to allocate them.  I guess this broke down.

  • Interesting start to the series...

  • Very interesting! Waiting for more.....

  • I think in next parts, I'm going to get answers to the questions I had since long time.

  • See also Waste-A-GUID

    (The fallacy of this site is left as an exercise to the reader)

  • Great post, looking forward to the next one!

    I just wanted to point out that GUID are not exactly free. It comes with the price of 16 Bytes each, which probably is not something to consider, but sometimes makes a difference. Using ints for key for example will be much more memory efficient (but has other big disadvantages).

    Best Regards!

  • Of course, the real difference with GUIDs even with the MAC address requirement is, it's easy to buy a MAC address, which you can then use to generate billions of billions of GUIDs without having to further answer to anyone. In principle, something like an ISBN could be made to work the same way, and that it doesn't is an artifact of how the publishing industry works.

  • Maybe you could also mention why still today so many of the GUIDs in the registry ends with -444553540000

    (eg. {25E609E4-B259-11CF-BFC7-444553540000}).

    Have patience; this is only part one! -- Eric

  • You also forgot to mention that `Guid.NewGuid` is the finest cryptographic random number generator available in .net :P

  • If you want a random record from an SQL Server table, you need to use TOP 1 and ORDER BY NEWID(). (RAND returns the same value for each record in the select.) Does this mean I generate and waste thousands of GUIDs every time? There's only a finite number of them available.

Page 2 of 3 (38 items) 123