You could still use hashing. Just truncate to the number of digits you need, something like this:
substring(
xdmp:integer-to-hex(xdmp:hash64($input)),
1, string-length($input))
As long as the hashing function is good, that should work just fine. If you need to handle long strings, pad the hash out multiple times and then truncate. If you need any kind of security you should throw a private key into the mix, and swap out xdmp:hash64
for xdmp:hmac-sha512
. That might be a good idea anyway, since SHA-2 512 has well-known characteristics.
substring(
xdmp:hmac-sha512($key, $input, 'base64'),
1, string-length($input))
Hash collisions are possible, but unlikely.