Topic: Entropy length 53 vs. 99 (Read 1222 times)

Thank you.

Question:
If I use an entropy which is larger than 256 bit and calculate for each of this entropy the private key: Do I then get a list, which contains some multiple identical private keys?
Why do I think so? Because the private key is only a 256 bit number.

And if yes: Am I right that it is a risk, to choose an entropy which is larger than 256 bit. Because maybe an entropy which is larger than 256 bit, could calculate a private key which is identically to the private key, which would be calculated through a 20 bit entropy, if I have bad fortune.

No, almost all are, but not all. The private key range goes from 0x0 to oxFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 which still encompasses an incomprehensibly large number of private keys.

256 bit is quite a big number. It is about 1.16e+77 in decimal system. Question: Is each of this number a private key? Are there 1.16e+77 private keys? Or are only a fraction of this numbers private keys?

No, it won't. Normally the entropy feeds into a Pseudo-Random Number Generator which is then used to actually generate your private key. However, because you are using BIP 39, it is directly encoded into the BIP 39 seed which is then converted using hashes and some other mathematical operations to get your private key. The operations only go one way, entropy to private key; you cannot go from private key back to the entropy data.

Thank you. This is a good explanation.


I have an other question:

Assumed I have generated an entropy which corresponds to the following number in the decimal system:
6179021094121108745210125512201665412

Does then the private key, which was created with this entropy, also have the following number in the decimal system:
6179021094121108745210125512201665412

(?)

Contrary to popular belief, private keys are not actually strings with randomly generated characters. They are actually 256 bit integers which are encoded as a string to be human readable.

More entropy means that it is harder for an attacker to be able to guess your private key. In order to do so, they would need to replicate exactly the same conditions to get exactly the same entropy to then generate your private key. This is harder and harder to do as you add more entropy as it means more things have to go correctly for them to exactly replicate the entropy that you got.

For example, in order to get your first private key with the 53 length entropy string, they would need to either guess correctly all 53 characters or roll a dice 53 times and get exactly what you got in order to get your private key. However, with 99 character entropy string, they would need to guess correctly all 99 characters or roll a dice 99 times and get exactly what you got to get your private key. It is much harder to do with the larger entropy than with the smaller, so that is more secure.

@achow101

Thank you for your answer.

But I do not understand, why it should be less easy to guess the private key when it is more random.

Why should a private key of
-"KzbeMzmeT5rYfA1rBQn3KyEz9Qpxpo9i7G9FSaFxvUwbWjfRFG6D" less easier to guess, as for example
-"KzKeKzmKTKrYfm1rKKnKKyKz9KmKpoKm7G9FSKFxvmKKKjfRFKKm" which includes 19 times "K" and  6 times "m"?

Isn't the probability of both private keys the same. (?)

The length of your public and private keys will be the same regardless of how much entropy you have because that is simply the way that ECDSA works. What entropy effects is how random your private key is; more entropy (longer entropy string) means that your private key is more random and less likely to be easily guessed.

The reason the entropy requirement goes up is because of the number of words for BIP 39 that you are using. The mnemonic encodes the entropy, so more words means that you need more entropy, and thus a larger entropy string.

What I wanted to do:
I wanted to generate a private key and an public Adress by dicing with a cube (by hand).

So I found this site: https://bip32jp.github.io/english/
There is a field "Input Your own Entropy". In this field I entered the result of my dicing with the cube: So I typed in there:
"05341254025432525532221405053254102350515215014014231"

So I was able to find my private key in "Private Key (WIF)". It is "KzbeMzmeT5rYfA1rBQn3KyEz9Qpxpo9i7G9FSaFxvUwbWjfRFG6D".

So I imported this private key into my online-Wallet. And yes my online Wallet says that my public adress ist "17PiZaNS9C2xT9tZqqKsNAeaFHBkGXBeW", which is exactly the same as the adress given to the site ttps://bip32jp.github.io/english/


Conclusion: As this worked as expected, it seems that I have understand the process right.

But I have a question:
The length of my entropy in the example above was 53. When I change on the site in the field "BIP39 passphrase" from 12 words to 24 words and I try to "generate New phrase", there is a message: "entropy incorrect". Yes, I understand, that if I now type in an entropy with a length of 99 it works. But I do not understand the difference between the length of 53 and 99. With a length of 53 I get a public adress with 33 characters and a private key with 52 characters. With the length of 99 I get also a public adress with 33 characters and a private key with 52 characters. So what is the advantage of choosing 99 instead of 53?

Would appreciate your explanations for a beginner.