- TL;DR (concentrated takeaways)
- Entropy is applied in many fields of study
- What is entropy, and why does it matter?
- Your unique seed phrase is used to generate your digital wallet
- Your seed phrase must have high entropy!
- How can you produce random numbers with high entropy?
- Vault12 Digital Vault can generate high-entropy seed phrases
Basics of Crypto Security
What is Entropy?
Entropy keeps your digital assets safe.
January 22 2024
TL;DR (concentrated takeaways)
Digital assets are just one of many classes of things that rely on entropy to achieve randomness.
Entropy is a measure of how unpredictable a complex system is: more entropy yields greater uniqueness and unpredictability.
For high security, significant entropy must be used to generate your digital wallet seed phrase.
Numbers with high entropy can be generated either by computers or manually.
Vault12 can produce high-quality, high-entropy seed phrases for you.
Entropy is applied in many fields of study
Entropy is important to cryptography generally, and to digital assets specifically. In this article, we will briefly explain why. But did you know that entropy is also used in many other scientific realms?
In the 1940s, Bell Labs scientist Claude Shannon studied entropy in losses of information in telecommunication signals to produce groundbreaking advances in applying randomness to encrypt information. Since that time, entropy has been analyzed to better understand physics (e.g., the second principle of thermodynamics), biology (e.g., DNA sequences), climate change, and countless other areas of scientific analysis. Although the methods of measurement and application vary, each of these areas has produced ways to better predict, harness, or productively control phenomena that have appeared to be random.
Partly due to these advances in applying entropy, cryptography is more reliable and useful.
What is entropy, and why does it matter?
Let's take a closer look at what entropy is.
Entropy is a measure of the disorganization and unpredictability of a complex system. The more entropy something has, the less predictable it is ... in other words, the less guessable it is. You can think of entropy as randomness (although true randomness is very rare, so in practice, we often settle for as close to random as we can get: pseudo-randomness, as we explain in the article "What is a Random Number Generator?" ).
Entropy becomes important to crypto wallets because it is the unguessability of your private encryption keys that keeps your crypto wallet secure. Your private keys must be both secret and unguessable. You might do a great job of keeping your encryption keys secret, but if someone can just guess it, all of that secret-keeping would be for naught. Conversely, if your encryption keys are not guessable, but you allow them to be stolen, then they would be compromised, and your digital assets stolen.
Let's take a moment to consider how randomness leads to entropy, which is relied upon by your crypto wallet.
Your unique seed phrase is used to generate your digital wallet
Think back to when you created your first crypto wallet. As you set up your wallet, you chose or accepted a seed phrase, and then your wallet used it to manage your digital asset transactions as you happily bought and sold crypto and NFTs.
Transparently to you, in that setup process, your wallet relied on the BIP-39 standard to transform your seed phrase into encryption keys and blockchain addresses. (We offer another article that explains more about how that BIP-39 wallet generation process works.)
Because your seed phrase was used to generate your private and public encryption keys, you can also restore your crypto wallet from your backup copy of your seed phrase using any other BIP-39-compatible wallet. Or you could install your crypto wallet on more than one of your own devices. This is a great convenience!
However, if a bad actor were to guess your randomly-selected seed phrase, they could restore your crypto wallet using any other BIP-39-compatible wallet. Obviously, this would be bad!
Your seed phrase must have high entropy!
You can see how important it is that the words that you choose for your seed phrase - or which are chosen for you by a seed phrase generator - are random. This also explains why you can not just pick and choose your favorite words from the BIP-39 word list as your seed phrase: you would not be able to achieve true randomness in your word selections, and as a result, your seed phrase would be more likely to be guessed through brute-force attacks.
In other words, if you did not incorporate a good source of randomness in your seed phrase selection, your result would have a lower level of entropy than if you randomly selected them. The more random the inputs, and the more of them, the more entropy in the output, and the more unique (and secure!) the output will be.
At a certain level, sufficient entropy in seed phrases protects them from being guessed by even the fastest computers imaginable. This is why a 12-word, randomly-selected seed phrase, which has 128 bits of entropy, is all that is considered necessary to protect your crypto. After achieving this level, additional bits of entropy would not add significant security against brute-force guessing attacks.
How can you produce random numbers with high entropy?
Random numbers can be sampled from highly-variable natural events like radioactive decay, heat changes, or noise levels. Clearly, this requires sensitive instruments.
Modern computers do a much better job of choosing random numbers than in decades past. After years of learning from incorrect assumptions and buggy implementations, developers now leverage software and hardware random number generators that incorporate unpredictable realtime environmental inputs to derive reliably-unpredictable numbers. These random numbers can be strung together into sets that, as they get longer, contain more and more bits of entropy.
Many crypto wallets offer to generate seed phrases for users, and these are generally considered effective and secure.
Some people will never trust a computer to choose random numbers for them, and they may turn to using techniques like rolling dice to generate highly-random numbers to select their seed phrase words, as explained in the article "Generate a Seed Phrase Using Dice". This type of offline seed selection technique is especially recommended for high-value wallets.
Vault12 Digital Vault can generate high-entropy seed phrases
Among the many convenient and high-security features offered by the Vault12 Digital Vault, it can generate a high-entropy seed phrase for you. Read more about how it works in the article "How to Generate a Seed Phrase with Vault12." Give it a try!
Vault12 Crypto Security
Social Recovery Vault for Digital Asset Security + Digital Inheritance for protecting the future of money.
Art is a crypto-security expert and researcher with serial entrepreneurship background. Having a degree in physics and experiences in multiple cutting-edge industries like fintech, secure hardware and semiconductors, and identity gave him a unique multi-faceted perspective on the problem of key management for individuals in the crypto networks and the evolution of the internet in general.
In his current work, he is specifically researching how cryptographic keys can be inherited without posing a threat to 3rd parties in edge cases. In addition, he advocates for "fault-tolerance via secrets automation". He discusses the quantitative impact of user experience factors on the uptake of non-custodial solutions.
As one of his most notable accomplishments, he co-founded and led through the early years of the company that contributed to the complex technology behind Apple's recent M-series CPUs. He is also the creator of the most friendly and aesthetically pleasing, but nonetheless super secure and fault-tolerant hardware wallet - U•HODL.
Backup and Inheritance for BitcoinVault12 Guard Explainer