What would you like to read about?

  1. Homepage
  2. Posts
  3. Your Crypto Wouldn't Be Secure Without Entropy

Your Crypto Wouldn't Be Secure Without Entropy

September 16th, 2021

Entropy on its own is an important law of thermodynamics and is a deep topic that involves... thermodynamics.

What makes entropy interesting to us is the fact that entropy is vital to cryptography and cryptocurrency.

Cryptocurrency wouldn’t be secure without entropy.

What is Entropy?

"We both know entropy can't be reversed. You can't turn smoke and ash back into a tree." - Isaac Asimov’s The Last Question

Entropy is a law of thermodynamics that is often defined as “a measure of disorder” or randomness.

A more easily understandable definition might be that it’s a “measure of how spread out energy is.”

On a large scale, energy is always spreading, and there’s nothing stopping it.

To heat up a pot of water, you might use a stove. The act of using the stove’s gas or electricity to heat up that water is taking energy from the initial source and spreading it to another source - in this case, the energy is taken from the electricity or gas and is transferred to the pot, which is then transferred to the water. After the water is hot and the electricity or gas is no longer being used, the heat from the water turns some of that water into steam, which shifts energy from the pot of water into the air. If that pot of water sat still for days, water might naturally evaporate as well - thus continuing the spread of energy.

That’s a lot of energy being spread around, and that energy can never be contained or put back together completely in its original state.

That constant spread is the increase of entropy.


Explaining Entropy Further

There are levels of entropy; some things have higher entropy and some things have lower entropy. What defines the level of entropy is the range of how random or disordered something can end up being.

The pot of water example works well to explain what entropy is, but doesn’t do the best job of explaining different levels of entropy. Let’s instead use a piece of string:

If you took a short piece of string, put it in your pocket, and walked around, and then pulled that string out of your pocket later, the string would likely be exactly the same as it was before - just an unremarkable piece of string.

However, if you had a pair of headphones that were neatly laid out and untangled, put those into your pocket, and walked around, there’s an extremely high chance that those headphones would be tangled up when you pulled them out of your pocket later.

The difference in likelihood of a single piece of string and a pair of headphones becoming tangled is comparable to how we think of levels of entropy; in this sense, the string has low entropy because it’s not going to end up disordered, and the headphones have high entropy because it’s definitely going to end up disordered.

Of course, the single piece of string still does have some entropy in reality, because energy is slowly shifting around even if the string looks the same. Over a period of days, weeks, and years, that piece of string will decay and the energy will become disordered all the same -- it just has lower entropy (or chance for chaos/randomness/disorder) than the headphones.


Entropy is unstoppable and irreversible because every spread/transfer/exchange of energy results in some energy (however small of an amount it may be) being transferred/dissipated into our surroundings.

Eventually, all the energy in the universe will be dissipated into itself and all energy will reach a thermodynamic equilibrium. This is what’s referred to as the heat death of the universe, because all energy is equal, therefore no energy can be transferred anymore.

But don’t worry - that won’t happen for a while.

The “heat death” of the universe doesn’t actually refer to a specific temperature, but it sounds provocative. Another, less popular term for this thermodynamic equilibrium is the “Big Freeze.”

What is Entropy in Cryptocurrency

When you create a new cryptocurrency wallet, you’re harnessing entropy to create the private key.

Private key creation uses such a high level of entropy (randomness) that’s SO random and disordered that, for all intents and purposes, it’s impossible to see the same combination twice.

It’s similar to a deck of cards. A deck has 52 cards, which means that each time you shuffle a deck, each of those 52 cards is likely to be in a different position, and that deck is likely to end up in a combination that’s extremely unlikely to ever be seen again. In fact, the amount of possible combinations of one deck of cards is 8.06e+67, which translates to about 80,658,175,170,943,878,571,660,636,856,403,766,975,289,505,440,883,277,824,000,000,000,000. This also translates to 225.58 bits of entropy.

It’s similar in cryptocurrency. Many wallets are created with Secret Recovery Phrases (also known as seed phrases, mnemonic phrases, etc.) that are made up of 12 or 24 words.

These 12 (or 24) words are randomly plucked out from a pool of 2048 possible words and are then put through mechanisms that generate an infinite amount of keypairs (public keys and private keys) that you can use as wallets.

But what makes these 12 words secure? Two things: It’s the randomness of how they’re selected and the mechanism that uses this random selection as a seed.

Using 12 random words means using 128 bits of entropy. That’s less entropy than a deck of cards but it’s still quite enough because, with our current technology, it would take millions of millions of years to crack it by brute force. Of course, if we make a few breakthroughs in quantum technology and create quantum computers, it’ll be a lot sooner… but that’s a ways away.


Are 24-word phrases more secure than 12?

Marginally, and not enough to really make it worth it. In fact, there are some downsides that make it unfavorable.

Using 24 words means using 256 bits of entropy. Sounds super secure, right? Right, but it’s unnecessary. The mechanisms that take the words and turn them into actual keypairs don’t utilize more than 128 bits, therefore anything extra is unused and unnecessary.

Using a 24-word phrase may actually be detrimental to your security; when you have to store twice as many words securely, you’re introducing a lot of unnecessary risk: risk of memorizing the words improperly, risk of writing them down improperly, risk of storing them improperly.

12 words are enough!

In Randomness, We Trust

Cryptocurrency is touted as a trustless environment. For the most part, it is trustless; you don’t have to trust decentralized projects with open-source code and you don’t have to trust the blockchain because it’s all right there for you to see and verify yourself.

It can feel a little bit backwards then to realize that at the highest level of all of this, cryptography is informed by entropy, and entropy is completely random. We’re trusting that this entropy is random enough that the cryptography will remain secure forever.

In reality, entropy and cryptography are marvelous mechanisms that should be trusted for a reason, but this is a healthy reminder that nothing is truly, truly trustless, and there’s not much we can do about it.

We’re all trusting it together.



Talk To Us & Share Your Thoughts

MyCrypto is an open-source tool that allows you to manage your Ethereum accounts privately and securely. Developed by and for the community since 2015, we’re focused on building awesome products that put the power in people’s hands.

© 2022 MyCrypto, Inc.


Subscribe to MyCrypto

Get updates from MyCrypto straight to your inbox!

By submitting your email, you affirmatively agree to our Privacy Policy