Glossary

Entropy

cryptographic entropy, randomness, uncertainty

Entropy measures uncertainty in a value and limits how difficult it is for an attacker to guess cryptographic secrets.

Definition

Entropy quantifies uncertainty in a random variable, commonly expressed in bits. A uniformly random 128-bit key has 128 bits of entropy; a 128-character value chosen by a predictable process may have far less. Entropy describes the generation process, not how random one sample looks.

Sources and generators

Operating systems collect uncertainty from hardware and events, then seed a cryptographically secure pseudorandom number generator. The generator can expand a small high-quality seed into many unpredictable values, but cannot create security from a compromised or guessable seed.

Keys and passwords

Key strength cannot exceed the entropy used to generate the key. Human passwords usually have much less entropy than random keys, so password hashing deliberately slows guesses but does not add missing uncertainty. Statistical tests alone cannot prove cryptographic unpredictability.
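The sketch below is an added example, not part of the original glossary entry. It expands a constructed 16-bit seed into a random-looking stream that passes a bit-frequency check, then enumerates the process to show its 128-bit key carries only 16 bits of entropy. All function names and the toy SHA-256 counter-mode expander are assumptions for illustration, not a vetted generator.

```python
import hashlib
import math
import secrets

SEED_BITS = 16   # constructed weak process: seed is one of only 2**16 values
KEY_BYTES = 16   # 128-bit keys

def expand(seed: bytes, n: int) -> bytes:
    """Toy deterministic generator (SHA-256 in counter mode), illustration only."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def ones_fraction(data: bytes) -> float:
    """Monobit statistic: share of 1 bits, close to 0.5 for random-looking data."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))

def weak_key(seed: int) -> bytes:
    """A 128-bit key whose only uncertainty is the 16-bit seed."""
    return expand(seed.to_bytes(2, "big"), KEY_BYTES)

def strong_key() -> bytes:
    """A 128-bit key drawn from the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)

def process_entropy_bits() -> float:
    """Enumerate every key the weak process can emit; a uniform pick has log2(N) bits."""
    distinct = {weak_key(s) for s in range(2 ** SEED_BITS)}
    return math.log2(len(distinct))

def effective_key_bits(key_len_bits: int, seed_entropy_bits: float) -> float:
    """Key strength cannot exceed the entropy used to generate the key."""
    return min(key_len_bits, seed_entropy_bits)

if __name__ == "__main__":
    weak_stream = expand((12345).to_bytes(2, "big"), 4096)  # constructed seed
    strong_stream = secrets.token_bytes(4096)
    print(f"ones fraction, weak seed: {ones_fraction(weak_stream):.4f}")
    print(f"ones fraction, OS CSPRNG: {ones_fraction(strong_stream):.4f}")
    bits = process_entropy_bits()
    print(f"weak process entropy: {bits:.1f} bits")
    print(f"effective strength of its 128-bit key: {effective_key_bits(128, bits):.1f} bits")
```

Both streams show a ones fraction near 0.5, so the frequency check cannot tell them apart; only knowledge of how the seed was chosen reveals the difference.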

Frequently asked questions

No. Length sets the possible representation space; entropy measures how unpredictably the value was selected.

Deterministic software expands a seed but does not create new physical uncertainty. It relies on operating-system or hardware entropy sources.

It depends on the threat model and algorithm. Modern random keys commonly target at least 128 bits of effective security.

See also