pgcrypto.gen_random_uuid() or uuid-ossp.uuid_generate_v4()?

Started by Thiemo Kellnerabout 8 years ago5 messagesgeneral

thiemo@gelassene-pferde.biz

about 8 years ago

Hi all

I consider using uuid as primary key type. The documentation of
uuid-ossp states
(https://www.postgresql.org/docs/10/static/uuid-ossp.html#idm46428633607040)
makes a note to consider the pgcrypto function instead but not why.
Can somebody shed some light on that matter?

Kind regards

Thiemo

--
Öffentlicher PGP-Schlüssel:
http://pgp.mit.edu/pks/lookup?op=get&search=0x8F70EFD2D972CBEF

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Adam Brusselback

adambrusselback@gmail.com

about 8 years ago

In reply to: Thiemo Kellner (#1)

Re: pgcrypto.gen_random_uuid() or uuid-ossp.uuid_generate_v4()?

In my testing, gen_random_uuid() is quite a bit faster than uuid_generate_v4().

Thiemo Kellner, NHC Barhufpflege

thiemo.kellner@gelassene-pferde.biz

about 8 years ago

In reply to: Adam Brusselback (#2)

Re: pgcrypto.gen_random_uuid() or uuid-ossp.uuid_generate_v4()?

In my testing, gen_random_uuid() is quite a bit faster than
uuid_generate_v4().

Thx for sharing your experience.

--
Öffentlicher PGP-Schlüssel:
http://pgp.mit.edu/pks/lookup?op=get&search=0x8F70EFD2D972CBEF

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

tgl@sss.pgh.pa.us

about 8 years ago

In reply to: Thiemo Kellner (#1)

Re: pgcrypto.gen_random_uuid() or uuid-ossp.uuid_generate_v4()?

Thiemo Kellner <thiemo@gelassene-pferde.biz> writes:

I consider using uuid as primary key type. The documentation of
uuid-ossp states
(https://www.postgresql.org/docs/10/static/uuid-ossp.html#idm46428633607040)
makes a note to consider the pgcrypto function instead but not why.
Can somebody shed some light on that matter?

I believe the point of the recommendation is that if you only need type-4
UUIDs, you can get that from pgcrypto without needing the external
dependency of the OSSP UUID library. This is a bit less urgent than when
that text was written, because now we also support building that contrib
module against some other implementations; but there are still going to
be systems on which installing uuid-ossp is inconvenient.

There may also be a belief that pgcrypto's result is more
cryptographically secure, though I wouldn't swear to that.

regards, tom lane

Thiemo Kellner, NHC Barhufpflege

thiemo.kellner@gelassene-pferde.biz

about 8 years ago

In reply to: Tom Lane (#4)

Re: pgcrypto.gen_random_uuid() or uuid-ossp.uuid_generate_v4()?

Zitat von Tom Lane <tgl@sss.pgh.pa.us>:

I believe the point of the recommendation is that if you only need type-4
UUIDs, you can get that from pgcrypto without needing the external
dependency of the OSSP UUID library. This is a bit less urgent than when
that text was written, because now we also support building that contrib
module against some other implementations; but there are still going to
be systems on which installing uuid-ossp is inconvenient.

There may also be a belief that pgcrypto's result is more
cryptographically secure, though I wouldn't swear to that.

Thanks for the light :-)

Kind regards Thiemo

--
Öffentlicher PGP-Schlüssel:
http://pgp.mit.edu/pks/lookup?op=get&search=0x8F70EFD2D972CBEF

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.