If you are familiar with the , you may recognize the second law as dealing with entropy. In the realm of physics, entropy represents the degree of disorder in a system. Because systems tend to degrade over time, thermodynamic energy becomes less available to do mechanical work. In cryptography, has a distinct but similar meaning. laws of thermodynamics entropy In cryptography, refers to the randomness collected by a system for use in algorithms that require random data. A lack of good entropy can leave a cryptosystem vulnerable and unable to encrypt data securely. entropy Computers are Deterministic Deterministic machines do exactly what we tell them to do. Every. Single. Time. In order to coax a machine into doing something random, we have to introduce a source of random input from outside the machine. Linux Let's take a look at how the average Linux machine generates secure random numbers. Because Linux is conveniently open-source, here is a link to a file responsible for a randomness driver. By taking a look at the comments at the top of the file, we learn: random.c We must try to  gather "environmental noise" from the computer's environment, which must be hard for outside attackers to observe, and use that to generate random numbers. In a Unix environment, this is best done from inside the kernel. Sources of randomness from the environment include inter-keyboard timings, inter-interrupt timings from some interrupts, and other events which are both (a) non-deterministic and (b) hard for an outside observer to measure. When a user is clicking around or typing, those timings (along with other system timings), are used as inputs to a pool of randomness, an "entropy pool". Since these events could happen at any time, and it would be hard to predict when they will happen in advance. Again, from the comments: When random bytes are desired, they are obtained by taking the SHA hash of the contents of the "entropy pool". To sum up, random data is added to an entropy pool constantly.  This randomness is based on hard to predict events within the machine. When a user desires randomness, a is taken of the entropy pool and the result is supplied to the user. When we call any secure randomness function on a Linux machine, we are likely using this driver or one very similar to it. hash How Much Entropy? A Linux machine that has sufficient entropy in its pool will usually contain 4096 bits of randomness. This is more than enough for several secure calculations to be performed. For perspective, a very strong private key typically contains 256 bits of entropy. If you want to see how much your Linux machine currently has available, you can use the following command: cat /proc/sys/kernel/random/entropy_avail If you have any comments or questions, reach out to me on ! twitter Thanks For Reading Lane on Twitter: @wagslane Lane on Dev.to: wagslane Subscribe to Qvault: https://qvault.io

Twitter

Three Reasons Why Open Source Cryptography Is More Secure

Could Banning Cryptography Keep the Country Safe?

Learn to code on Boot.dev

Nominated for 2022 - HackerNoon Contributor of the Year - Algorithms

Nominated for 2022 - HackerNoon Contributor of the Year - Mathematics

Nominated for 2022 - HackerNoon Contributor of the Year - Cryptography

Nominated for Coding Guru of 2022

Nominated for 2022 - HackerNoon Contributor of the Year - Github

Nominated for 2022 - HackerNoon Contributor of the Year - Online Education

Nominated for 2022 - HackerNoon Contributor of the Year - Job Hunting

Nominated for Super Career Strategist of 2022

Too Long; Didn't Read

WTF is Entropy In Cryptography?

WTF is Entropy In Cryptography?

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

A Complete Overview of Cryptography

$1B Capitalization: Meme Token Launch Strategy Under the Microscope

(1/100) Crypto Countdown: Golem

06/09/2018: Biggest Stories in the Cryptosphere

07/09/2018: Biggest Stories in the Cryptosphere

A Complete Overview of Cryptography

$1B Capitalization: Meme Token Launch Strategy Under the Microscope

(1/100) Crypto Countdown: Golem

06/09/2018: Biggest Stories in the Cryptosphere

07/09/2018: Biggest Stories in the Cryptosphere

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps