If I generate a UUID with something like
ID = uuid.uuid4()
I get a 128 bit string with 122 bits of entropy.
However I desire a string with more than 128 bits of entropy.
How will the entropy of the string change if I put this uuid through a hashing function.
for instance:
ID = uuid.uuid4()
ID = HASHFUNC(ID)
or even:
ID = uuid.uuid4()
Salt = someString
ID = HASHFUNC(ID+Salt)
Is it better to simply use os.urandom(32) and be done with it?
Thanks for the help
No, you can't.
Although hashing a string with 2122 possible values will give you a 128-bit result, there are still only 2122 possible outcomes, so your hashed UUIDs still only carry 122 bits of information each.
Either use os.urandom(16) (since 16 bytes is sufficient for 128 bits of entropy), or the secrets module (if you're using Python 3.6).