Calculating entropy within xkcd 936: Password Strength

When I calculate entropy for the xkcd Password Strength (comic 936) I don't get nearly the amount of entropy stated in the comic.

So why doesn't the first password "Tr0ub4dor&3" have an entropy of around 50 bits? And why doesn't the passphrase sentence "correcthorsebatterystaple" represent over 100 bits of entropy?

Tags: passwords, entropy

edited 33 mins ago by Maarten Bodewes
asked 1 hour ago by Blafasel (new contributor)

  • this article might be a good place to begin
    – hunter
    1 hour ago

  • I've reformatted your question, but note that "I don't get nearly the amount" assumes that you calculate less entropy rather than more entropy. Please fix that if that isn't the case and your entropy calculation seems to overshoot. (2) Please try and format any followup question to the best of your abilities and include enough info so that it doesn't rely on external resources (even if that external resource is xkcd, which presumably will survive another 100 years or so).
    – Maarten Bodewes
    34 mins ago

  • This comic was discussed on security.stackexchange.com; in particular, this answer contains a detailed analysis of the entropy calculations.
    – Thomas Pornin
    3 mins ago

1 Answer

accepted (score 3)

I don't get nearly the amount of entropy stated in the comic.

Interestingly enough, the reasoning for the entropy rating is actually justified in the comic by the little boxes, each of which represents 1 bit of uncertainty.

This means for Tr0ub4dor&3:

  • It's estimated that the word itself "Troubador" comes up in dictionaries which contain about $2^{16}$ words

  • It adds one bit for each of o, a, o of the word to encode whether the letter was replaced or not

  • It adds one bit to decide whether the word was capitalized or not

  • It adds one bit for the ordering of the trailing numeral and special character

  • It adds 3 bits for the unknown numeral, approximating $10$ with $2^3$ instead of $2^4$ which is more accurate

  • It adds 4 bits for the unknown punctuation, i.e. which of the approximately 16 standard ones it is

This sums up to $16+3+1+1+3+4=28$.

For correct horse battery staple the reasoning is that each of the four words is drawn from a dictionary of size $2^{11}$ which means $4 \times 11 = 44$ bits of entropy.

In both cases it can be assumed that the attacker knows the possible choices influencing the entropy estimation and that it's actually a uniformly random decision which word / pick is done.

answered 26 mins ago by SEJPM♦

  • perfect, thank you.
    – Blafasel
    2 mins ago
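The bookkeeping in the accepted answer, carried through in Python as an added example (this is not code from the answer, the comic, or the question). It treats each of the comic's boxes as one uniformly random choice among a known number of options, so the keyspace is the product of the option counts and the entropy is the sum of their log2 values. The option counts (2^16-word dictionary, 16 punctuation symbols, 2048-word list) are the comic's estimates as itemised above, not measured dictionary sizes; the eight-word list at the end is a constructed toy input. Beyond the answer, it shows the exact figure (log2(10) rather than the comic's rounded 3 bits), the search time at the comic's 1000 guesses/second, and a CSPRNG-backed passphrase generator whose entropy depends only on list size and word count.

```python
"""
Entropy bookkeeping for the two xkcd 936 passwords (added example).

Entropy here is log2 of the number of equally likely choices the generating
process could have made, so it is a property of how the password was made,
not of the resulting string. Option counts are the comic's estimates.
"""
import math
import secrets


def bits(choices: int) -> float:
    """Entropy, in bits, of one uniformly random choice among `choices` options."""
    if choices < 1:
        raise ValueError("need at least one option")
    return math.log2(choices)


# "Tr0ub4dor&3": (component, number of equally likely options the user is
# assumed to have picked from). Mirrors the comic's boxes and the answer's list.
TROUBADOR_MODEL = [
    ("base word from a ~2^16-word dictionary", 2 ** 16),
    ("first letter capitalised or not", 2),
    ("'o' -> '0' substitution applied or not", 2),
    ("'a' -> '4' substitution applied or not", 2),
    ("second 'o' -> '0' substitution applied or not", 2),
    ("trailing numeral 0-9", 10),
    ("trailing punctuation, ~16 common symbols", 16),
    ("numeral-then-symbol or symbol-then-numeral", 2),
]

# "correct horse battery staple": four independent uniform picks from a
# 2^11 = 2048-word list.
PASSPHRASE_MODEL = [(f"word {i + 1} from a 2048-word list", 2 ** 11) for i in range(4)]


def keyspace(model) -> int:
    """Candidates an attacker who knows the model must try: product of the counts."""
    n = 1
    for _, choices in model:
        n *= choices
    return n


def model_entropy(model, round_components: bool = False) -> float:
    """Total entropy of the model in bits.

    Independent choices add because the keyspace is a product and log2 turns
    products into sums. With round_components=True each component is rounded
    to whole bits first, which is what the comic's boxes do (log2(10) -> 3);
    with the default the result is exactly log2(keyspace(model)).
    """
    total = 0.0
    for _, choices in model:
        b = bits(choices)
        total += round(b) if round_components else b
    return total


def exhaustive_search_seconds(entropy_bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate at the given rate (the figure the comic quotes).

    On average the attacker hits the right one after half this.
    """
    return 2 ** entropy_bits / guesses_per_second


def human_duration(seconds: float) -> str:
    """Render a duration as days below one year, otherwise as whole years."""
    year = 365.25 * 86400
    if seconds < year:
        return f"{seconds / 86400:.1f} days"
    return f"{seconds / year:.0f} years"


def random_passphrase(wordlist, n_words: int = 4):
    """Draw n_words uniformly, with replacement, from the OS CSPRNG.

    Returns (phrase, entropy_bits). The entropy is n_words * log2(len(wordlist)):
    it comes from the list size and the number of draws, not from how long or
    unusual the chosen words look. A 4-word phrase from 8 words is only 12 bits.
    """
    words = [secrets.choice(wordlist) for _ in range(n_words)]
    return " ".join(words), n_words * bits(len(wordlist))


if __name__ == "__main__":
    for name, model in (("Tr0ub4dor&3", TROUBADOR_MODEL),
                        ("correcthorsebatterystaple", PASSPHRASE_MODEL)):
        exact = model_entropy(model)
        boxed = model_entropy(model, round_components=True)
        print(f"{name}: {exact:.2f} bits exact, {boxed:.0f} bits by the comic's boxes, "
              f"full search {human_duration(exhaustive_search_seconds(boxed, 1000))} "
              f"at 1000 guesses/s")
    # Constructed toy word list; a real list would be the 2048-word one above.
    phrase, ent = random_passphrase(["red", "green", "blue", "cyan",
                                     "gold", "grey", "pink", "teal"])
    print(f"{phrase!r}: {ent:.0f} bits")
```

Running it reproduces the comic's 28 and 44 bits (the exact figure for the first is 28.32 because log2(10) is 3.32, not 3), and the 3-day versus roughly 550-year search times at 1000 guesses per second. The caveat in the answer's last sentence is what makes these numbers meaningful: they only hold when every component really was a uniform random draw. A person who picks four memorable words by hand, or who types the string from the comic, gives an attacker a far smaller effective keyspace than the model claims.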















