Term

entropy

An information-theoretic measure (usually stated as a number of bits) of the amount of uncertainty that an attacker faces to determine the value of a secret. [SP63] (See: strength.)

Senses

1 (I)

An information-theoretic measure (usually stated as a number of bits) of the amount of uncertainty that an attacker faces to determine the value of a secret. [SP63] (See: strength.)

Example: If a password is said to contain at least 20 bits of entropy, that means that it must be as hard to find the password as to guess a 20-bit random number.

References

IETF RFC 4949 (Internet Security Glossary)Jan 06, 2026
RFC 4949 — Internet Security Glossary (Version 2)
https://www.rfc-editor.org/rfc/rfc4949.txt
RFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.
Source: IETF RFC 4949 (rfc-editor.org).

2 (I)

An information-theoretic measure (usually stated as a number of bits) of the amount of information in a message; i.e., the minimum number of bits needed to encode all possible meanings of that message. [Schn] (See: uncertainty.)

References

IETF RFC 4949 (Internet Security Glossary)Jan 06, 2026
RFC 4949 — Internet Security Glossary (Version 2)
https://www.rfc-editor.org/rfc/rfc4949.txt
RFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.
Source: IETF RFC 4949 (rfc-editor.org).