Cryptographic nonce

Cryptographic nonce
Typical client-server communication during a nonce-based authentication process including both a server nonce and a client nonce.

In security engineering, nonce is an arbitrary number used only once to sign a cryptographic communication. It is similar in spirit to a nonce word, hence the name. It is often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks. For instance, nonces are used in HTTP digest access authentication to calculate an MD5 digest of the password. The nonces are different each time the 401 authentication challenge response code is presented, thus making replay attacks virtually impossible. It is basically a cryptographic cookie.

A nonce may be used to ensure security for a stream cipher. Where the same key is used for more than one message then a different nonce is used to ensure that the keystream is different for different messages encrypted with that key. Often the message number is used.

Some also refer to initialization vectors as nonces for the above reasons. To ensure that a nonce is used only once, it should be time-variant (including a suitably fine-grained timestamp in its value), or generated with enough random bits to ensure a probabilistically insignificant chance of repeating a previously generated value. Some authors define pseudorandomness (or unpredictability) as a requirement for a nonce.[1]

See also


  1. ^ Nonce-Based Symmetric Encryption

External links

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Nonce — may refer to: Nonce, time being: the present occasion; for the nonce Nonce word, a word used to meet a need that is not expected to recur Cryptographic nonce, a number or bit string used only once, in security engineering The Nonce, American rap… …   Wikipedia

  • Cryptographic engineering — is the discipline of using cryptography to solve human problems. Cryptography is typically applied when trying to ensure data confidentiality, to authenticate people or devices, or to verify data integrity in risky environments. Cryptographic… …   Wikipedia

  • Cryptographic hash function — A cryptographic hash function (specifically, SHA 1) at work. Note that even small changes in the source input (here in the word over ) drastically change the resulting output, by the so called avalanche effect. A cryptographic hash function is a… …   Wikipedia

  • Challenge-response authentication — For the spam filtering technique, see Challenge response spam filtering. For other uses, see CRAM (disambiguation). In computer security, challenge response authentication is a family of protocols in which one party presents a question (… …   Wikipedia

  • Salt (cryptography) — In cryptography, a salt consists of random bits, creating one of the inputs to a one way function. The other input is usually a password or passphrase. The output of the one way function can be stored rather than the password, and still be used… …   Wikipedia

  • Initialization vector — In cryptography, an initialization vector (IV) is a block of bits that is required to allow a stream cipher or a block cipher to be executed in any of several streaming modes of operation to produce a unique stream independent from other streams… …   Wikipedia

  • Криптографически стойкий генератор псевдослучайных чисел — (англ. Cryptographically secure pseudorandom number generator, CSPRNG)  это генератор псевдослучайных чисел с определенными свойствами, позволяющими использовать его в криптографии. Многие прикладные задачи криптографии требуют случайных… …   Википедия

  • Phelix — – высокоскоростной поточный шифр, использующий одноразовый код аутентичности сообщения. Шифр был представлен на конкурсе eSTREAM в 2004 году. Авторами являются Брюс Шнайер, Дуг Уитинг, Стефан Люкс и Фредерик Мюллер. Агоритм содержит операции… …   Википедия

  • DNS cache poisoning — is a security or data integrity compromise in the Domain Name System (DNS). The compromise occurs when data is introduced into a DNS name server s cache database that did not originate from authoritative DNS sources. It may be a deliberate… …   Wikipedia

  • MicroID — is a decentralized identity protocol. It was originally developed in 2005 by Jeremie Miller [1]. A MicroID is a simple identifier comprising a hashed communication/identity URI (e.g. Email, OpenID, and/or Yadis) and claimed URL. Together, the two …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”