Cryptographic nonce

A nonce (English) called outside of cryptography a preliminary word, a letter or series of numbers that have been selected with the intention of short-term, soon to be replaced by something better.


The English word " nonce " goes back to the medieval phrase "for the nonce " = " for this one time, for the time being " ( by re-segmentation in Middle English from "for than anes " emerged ) back, so a provisional statement or regulation, the soon to change was. The use changed in the printing industry to " nonce word " = " preliminary word placeholder". In linguistics is called a " nonce word " ( German " nonce " ) which spontaneously invented word to (possibly temporary) names a thing for which there are still lacked proper name.

Used in cryptography

In cryptography, the term nonce (short for: "used only once" or "number used once" ) has been taken to refer to single numbers or a combination of letters that are used only once in the respective context. Thus, a nonce is a randomly generated and unique session key in principle. In many protocols, the security of the method is compromised, a nonce should be used twice. Similar to the use of weak random numbers can be difficult to detect this error, because the logs viewed from the outside usually still work but are vulnerable to attack. Typical ways to generate a nonce, the use of ( cryptographically secure ) random values ​​, which are sufficiently large so that the probability of double use is negligible (see birthday paradox), or the use of a counter. Nonces are used, for example, to prevent replay attacks.


  • Cryptology