1

I saw in another thread: Is using 7-8 random words from all words of a language as password a good idea?

These calculations:

If we assume that English has 171,476 words. Then with 8 words the entropy is:

$$P(171476,8) \approx 7.474 \times 10^{41} \approx 2^{140}$$

Therefore you will have lower entropy than Bip-39, again. And with 7 words:

$$P(171476,7)≈4.358×10^{36}≈2^{122}$$

I like to use this calculation method myself. I have the following related questions:

  1. What is the name of this mathematical formula called $P(x,y)$?

  2. Any online calculator available? Or even better, a formula for MS Excel or python?

  3. Is this method commonly used to calculate entropy? If not please hint me to a more widely used formula.

Maarten Bodewes
  • 88,868
  • 12
  • 146
  • 304
johnsmiththelird
  • 211
  • 1
  • 2
  • 5
  • https://crypto.stackexchange.com/q/374/18298 – kelalaka Jan 15 '20 at 14:14
  • thx! and do u know if there is ready Excel formula or python formula available? – johnsmiththelird Jan 15 '20 at 14:18
  • I did not read, however, first with google search [password entripy calculator excel](https://david.cheeseman.club/node/4) – kelalaka Jan 15 '20 at 15:34
  • Your $P$ is named _power_, with $P(x,y)=x^y$. In many languages it is called [`pow`](http://www.cplusplus.com/reference/cmath/pow/). It does not return the password entropy, but the number of distinct passwords. The password entropy in bit for uniform choice among these is the base-2 logarithm of the number of password, in other words $\log_2(x^y)=y\log_2(x)=y\log(x)/\log(2)$. In many languages $\log_2$ is called [`log2`](http://www.cplusplus.com/reference/cmath/log2/) and $\log$ is called [`log`](http://www.cplusplus.com/reference/cmath/log/) (but in others `log` could also be $\log_{10}$). – fgrieu Jan 15 '20 at 16:06
  • @fgrieu there it is Permutation. $P(n,r)$ – kelalaka Jan 15 '20 at 20:10
  • 1
    @kelalaka: Right. And, checking, the numbers are closer to your hypothesis than mine, and could have been obtained (checking the [source](https://crypto.stackexchange.com/a/76702/555): by you!) using a rounding down of the result with permutation. However the question is about 7 or 8 random words, not 7 or 8 random _distinct_ words, therefore the mathematically correct function is power, and there is no reason to invoke permutation. With the numbers at hand the difference is <0.00024 bit of entropy. – fgrieu Jan 15 '20 at 20:25
  • 1
    @fgrieu I've updated. – kelalaka Jan 15 '20 at 23:00

0 Answers0