I want to know if my barcode sequence method is sufficiently random and secure. I am currently using a barcode format as follows:
{base36 encoded sequential id}-{4 random numeric characters}
ex.:
2v05-9187
2v06-3607
2v07-1810
I want to switch to all numeric to allow easier keypad entry in the event of unreadable ticket:
34508-4821
34509-9615
It's pretty obvious what's going on here to hackers but it's reasonably secure(?)
I've looked into one-way hash likecrc32 but it produces variable length, longer numbers
echo hexdec(crc32("1000-secret"));
echo '<br>';
echo hexdec(crc32("1001-secret"));
//output:
1076135781
225104646983
If you just want 4 random numbers your approach will work, just take the first four from your output:
echo substr(hexdec(crc32("1001-secret")), 0, 4);
With only four numbers you're going to be between 0000-9999, which is 10,000 different options. If this is enough randomity for you you're all set.