Cryptographic Nonce
A random or non-repeating value that is included in data exchanged by a protocol, usually for the purpose of guaranteeing the transmittal of live data rather than replayed data, thus detecting and protecting against replay attacks.
Source(s):
CNSSI 4009-2015
IETF RFC 4949 Ver 2
A time-varying value that has at most a negligible chance of repeating, for example, a random value that is generated anew for each use, a timestamp, a sequence number, or some combination of these.
Source(s):
NIST SP 800-102
under Nonce
A time-varying value that has at most a negligible chance of repeating – for example, a random value that is generated anew for each use, a timestamp, a sequence number, or some combination of these.
Source(s):
NIST SP 800-108
under Nonce
NIST SP 800-56C
under Nonce
[Superseded]
A time-varying value that has at most a negligible chance of repeating; for example, a random value that is generated anew for each use, a time-stamp, a sequence number, or some combination of these. It can be a secret or non-secret value.
Source(s):
NIST SP 800-135 Rev. 1
under Nonce
A value that is used only once.
Source(s):
NIST SP 800-38A
under Nonce
A value that is used only once within a specified context.
Source(s):
NIST SP 800-38C
under Nonce
NIST SP 800-38D
under Nonce
A randomly generated value used to defeat “playback” attacks in communication protocols. One party randomly generates a nonce and sends it to the other party. The receiver encrypts it using the agreed upon secret key and returns it to the sender. Because the sender randomly generated the nonce, this defeats playback attacks because the replayer cannot know in advance the nonce the sender will generate. The receiver denies connections that do not have the correctly encrypted nonce.
Source(s):
NIST SP 800-44 Version 2
under Nonce
A time-varying value that has at most an acceptably small chance of repeating. For example, the nonce may be a random value that is generated anew for each use, a timestamp, a sequence number, or some combination of these.
Source(s):
NIST SP 800-56A Rev. 2
under Nonce
[Superseded]
A value used in security protocols that is never repeated with the same key. For example, nonces used as challenges in challenge-response authentication protocols SHALL not be repeated until authentication keys are changed. Otherwise, there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.
Source(s):
NIST SP 800-63-3
under Nonce
A time-varying value that has at most a negligible chance of repeating, e.g., a random value that is generated anew for each use, a timestamp, a sequence number, or some combination of these.
Source(s):
NIST SP 800-90A Rev. 1
under Nonce
A time-varying value that has an acceptably small chance of repeating. For example, a nonce is a random value that is generated anew for each use, a timestamp, a sequence number, or some combination of these.
Source(s):
NIST SP 800-56B Rev. 2
under Nonce
See Nonce
Source(s):
NISTIR 8202
under Cryptographic Nonce
NISTIR 8202
See Cryptographic Nonce
Source(s):
NISTIR 8202
under Nonce
A time-varying value that has, at most, an acceptably small chance of repeating. For example, a nonce is a random value that is generated anew for each use, a timestamp, a sequence number, or some combination of these.
Source(s):
NIST SP 800-56B Rev. 1
under Nonce
[Superseded]
A value used in security protocols that is never repeated with the same key. For example, nonces used as challenges in challenge-response authentication protocols must not be repeated until authentication keys are changed. Otherwise, there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.
Source(s):
NIST SP 800-63-2
under Nonce
[Superseded]