ID of Syncthing

Long · August 1, 2020, 9:26am

Hi, I have a question. Is there any chance that the ID of a device can be duplicated with another device, I dont’t know how the ID was created in Syncthing, please explain it. Thanks.

imsodin · August 1, 2020, 9:31am

They can’t (well mustn’t) be duplicated (that would mean two devices pretend to be one single device, breaking connections), but they can be moved. They IDs are stored in the cert.pem and key.pem files in your configuration directory. Just move them to the new device and it will get the same ID.

Long · August 1, 2020, 9:35am

Can you explain why they can’t be duplicated, what method or something guarantees that ?

imsodin · August 1, 2020, 9:38am

I already wrote what the practical implications are, however it’s already in the name: device IDentifier or Identity Document. Meaning it has to be unique, otherwise it doesn’t identify a device anymore.

Long · August 1, 2020, 9:49am

What I’m thinking is that if the ID of a device is duplicated with another device, so both devices couldn’d connect to and couldn’ be connected, is that right ?

imsodin · August 1, 2020, 10:18am

Let me repeat just for clarity: You mustn’t use the same ID on two devices.

And then: What do you actually want to achieve? I.e. what’s your use-case?

As to breaking connections: I didn’t think through exactly what would happen, that also depends on the exact setup in which you have duplicate IDs. I didn’t do it because it’s needlessly lost time to think about it in detail: It’s against the core principle of what the ID is, and that premise is used throughout the code - don’t do it.

Long · August 1, 2020, 10:41am

What I worry about is the chance there is a device that has the same ID can really happen or not, even if that is a very small chance

calmh · August 1, 2020, 10:57am

It’s a SHA256 hash. There won’t be a collision.

https://docs.syncthing.net/dev/device-ids.html

Human intuition of probabilities doesn’t work at the scales involved here.

The chance of your hash matching mine specifically¹, is 1/2²⁵⁶. That’s about 1/10⁷⁷. There are roughly 10⁸⁰ atoms in the known universe. So the odds are roughly like taking the entire known universe, throwing it as a die, and having it land on a specific atom of your choice. Good luck.

Of course, if SHA256 is cryptographically broken then all bets are off. But then so are all TLS certificates in the world, etc, so Syncthing will be the least of our worries.

1) Yes, birthday paradox etc, but it matters less if two hashes match that never meet.