According to Daniel Pitts <newsgroup.spamfilter@virtualinfinity.net>:
No, Hashes are never guaranteed to be unique, but the good ones have a
"very low" chance of collision.
If you need absolutely unique, hash is the wrong way to go.
Arguably, if you need absolutely unique, using a computer is also the
wrong way to go. Any given computer has a (usually small) probability of
getting a result wrong, if only by interaction with a freak high-energy
particle aimlessly wandering the Universe and accidentally flipping a
bit in RAM or in a CPU register. The probability of such an occurrence
is low, but who can claim that he never saw a computer crash ?
Any computational process which gives you "unique" numbers with a risk
of collision much lower than the probability that the computer just goes
kaboom or replaces a 1 with a 0 in the data should be considered good
enough.
It so happens that using a proper hash function (i.e. one which
is believed to be cryptographically strong and with a sufficiently large
output -- 256 bits ought to be enough for several decades of
technological advances) provides a low enough collision probability.
I.e., use:
java.security.MessageDigest.getInstance("SHA-256")