UUID Generator

UUID Decoder and Analyzer

Decode, analyze, and visualize any UUID to understand its internal structure and properties

Decode a UUID

Understanding UUID Structure and Versions

Anatomy of a UUID

Time Low
550e8400
Time Mid
e29b
Time High + Version
41d4
Clock Seq + Variant
a716
Node
446655440000
0────────31 32─47 48─63 64─79 80───────────127

UUIDs are 128-bit identifiers divided into five specific components, each serving a distinct purpose depending on the UUID version. The example above shows the standard 8-4-4-4-12 representation format.

UUID Version 1 (Time-based)

  • Structure: Contains timestamp and MAC address
  • Generation Process: Combines current timestamp (measured in 100-nanosecond intervals since October 15, 1582) with the network card MAC address
  • Advantages: Sequential, sortable by generation time
  • Privacy Concerns: Reveals MAC address and timestamp
  • Best for: Logging systems, audit trails, and time-ordered events

UUID Version 4 (Random)

  • Structure: Primarily random bits except for version and variant markers
  • Generation Process: Filled with cryptographically strong random numbers
  • Advantages: Highest uniqueness guarantee, no system-identifiable information
  • Privacy Concerns: None, contains no identifying information
  • Best for: General-purpose identifiers, security-sensitive applications

UUID Version 3 (MD5 Name-based)

  • Structure: Derived from namespace and name using MD5 hash
  • Generation Process: Hashes a namespace UUID and a name string with MD5
  • Advantages: Deterministic - same input always yields same UUID
  • Security Note: MD5 is not cryptographically secure
  • Best for: Legacy systems requiring stable identifiers from names

UUID Version 5 (SHA-1 Name-based)

  • Structure: Derived from namespace and name using SHA-1 hash
  • Generation Process: Hashes a namespace UUID and a name string with SHA-1
  • Advantages: Deterministic like v3, but with stronger hash algorithm
  • Security Note: Stronger than v3, but still deterministic
  • Best for: Content-addressing systems, URL shorteners, deterministic IDs

Technical Implementation Details

UUID Variant Fields

The variant field in a UUID defines the layout of the bits. Four variants are defined by RFC 4122:

Variant Bits Description
0xx Reserved for NCS backward compatibility
10x RFC 4122 variant (most common)
110 Reserved for Microsoft legacy GUIDs
111 Reserved for future definition

The variant field is stored in the highest bits of the clock sequence field (8th octet).

UUID Binary Structure

At the binary level, UUIDs are composed of 16 bytes (128 bits) with specific bit positions:

  • Version: Bits 48-51 (4 bits)
  • Variant: Bits 64-65 (2-3 bits)
  • Time fields (v1): Bits 0-47 and 60-63
  • Clock sequence (v1): Bits 66-79
  • Node (v1): Bits 80-127

When formatted as text, UUIDs are typically represented as 32 hexadecimal digits with hyphens: 8-4-4-4-12.

Practical Applications and Implementation

UUID Implementation Across Languages

Python

import uuid

# Generate UUID v4 (random)
random_uuid = uuid.uuid4()
print(random_uuid)

# Generate UUID v1 (time-based)
time_uuid = uuid.uuid1()
print(time_uuid)

# Generate UUID v5 (name-based SHA-1)
namespace = uuid.NAMESPACE_URL
name = "https://example.com"
name_uuid = uuid.uuid5(namespace, name)
print(name_uuid)

# Parse an existing UUID
parsed_uuid = uuid.UUID("550e8400-e29b-41d4-a716-446655440000")
print(f"Version: {parsed_uuid.version}")
print(f"Variant: {parsed_uuid.variant}")

JavaScript

// Using the crypto API (modern browsers)
function uuidv4() {
  return ([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g, c =>
    (c ^ crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> c / 4).toString(16)
  );
}

console.log(uuidv4());

// Using a library like uuid
// npm install uuid
const { v1, v4, v5, validate, parse } = require('uuid');

const uuidV4 = v4();
const uuidV1 = v1();
const uuidV5 = v5('https://example.com', v5.URL);

console.log(uuidV4);
console.log(uuidV1);
console.log(uuidV5);

// Validating and parsing
const isValid = validate('550e8400-e29b-41d4-a716-446655440000');
const parsed = parse('550e8400-e29b-41d4-a716-446655440000');

Security and Privacy Considerations

UUID v1 Privacy Risks

UUID v1 contains the MAC address of the generating machine and a timestamp, which can expose system information and timing details. In privacy-sensitive applications, v4 (random) UUIDs are recommended.

Predictability Concerns

For security-sensitive identifiers like session tokens or reset passwords, using predictable UUIDs (v3/v5) can create vulnerabilities. Always use v4 for security contexts requiring unpredictability.

Collision Probability

The probability of a v4 UUID collision is extremely low (1 in 2^122), making it virtually impossible in practice. For comparison, you would need to generate 2.71 quintillion UUIDs to reach a 50% probability of a single collision.

Database Performance

Random UUIDs (v4) can cause database performance issues when used as primary keys in indexed columns due to their non-sequential nature. Consider UUID v1 or database-optimized formats for high-performance requirements.