Closed prasad-1210 closed 4 years ago
CUID uses cryptographically secure random number generation when it's available, but falls back on Math.random()
when it's not. The former is likely to compare favorably with /dev/urandom
. Math.random()
is not a CSRNG, but cuid is still very unlikely to collide due to the fact that it combines the random number with the current system time in ms and a pseudo-unique host fingerprint.
Is CUID proven to be more collision resistant than /dev/(u)random that is part of *nix operating systems?