Entropy (Cryptographic)

Cryptographic entropy quantifies how unpredictable data is. High entropy means an attacker cannot predict or guess values—essential for any security-critical random generation.

Why it matters

• Low-entropy secrets can be cracked through brute force or dictionary attacks in seconds.
• Weak random number generators have caused catastrophic vulnerabilities (Debian OpenSSL bug, PlayStation 3 ECDSA).
• Entropy starvation can stall systems waiting for randomness, causing denial of service.
• Understanding entropy helps you evaluate password policies and key generation practices.

Key concepts

• Bits of entropy: A 128-bit entropy value has 2^128 possible combinations—computationally infeasible to brute force.
• CSPRNG (Cryptographically Secure Pseudorandom Number Generator): Algorithm that produces high-entropy output from a seed.
• Entropy pool: Operating system's collection of environmental randomness (timing, interrupts, hardware events).
• Shannon entropy: Mathematical measure of information content, calculated from probability distributions.

Sources of entropy

• Hardware RNG: Dedicated chips using thermal noise or quantum effects (Intel RDRAND, TPM).
• Operating system: /dev/urandom (Linux), CryptGenRandom (Windows), SecRandomCopyBytes (macOS).
• Environmental noise: Mouse movements, keyboard timing, disk seek times, network packet timing.

Practical applications

• Password generation: A 20-character password from 94 printable ASCII characters provides ~131 bits of entropy.
• Session tokens: Should have at least 128 bits of entropy to prevent guessing.
• Cryptographic keys: AES-256 requires 256 bits of entropy for full security.
• Salt values: Need sufficient entropy to prevent rainbow table attacks.

Common mistakes

• Using Math.random() or similar non-cryptographic PRNGs for security purposes.
• Seeding random generators with predictable values like timestamps.
• Reusing random values across multiple operations.
• Not validating that entropy sources are functioning correctly.