What Is a Cryptographic Nonce? Definition and Meaning

Okta
Updated: 11/06/2023 - 12:16
Time to read: 4 minutes

A random or pseudo-random number used in communication protocols, a cryptographic nonce helps to keep communications private. It is an arbitrary and randomly generated number that can only be used once and often also includes a timestamp. 

A cryptographic nonce can help to prevent replay attacks, ensuring that old communications cannot be reused by bad actors. Cryptographic nonces are used in authentication protocols, cryptographic hash functions, and initialization vectors.

What is a cryptographic nonce?

Used in live data transmitting services, a cryptographic nonce is a randomly generated number designed to keep communications private and protect against replay attacks. Nonce in cryptography means “number once,” and this arbitrary number is only used one time in a cryptographic communication. 

A nonce often includes a timestamp, which means it is only valid during a specific amount of time, to help ensure that it is only used once. If it does not have a time-variant, the nonce will need to be generated with enough random bits to make sure that the probability of it repeating a value that has been generated previously is nearly insignificant.

Examples of a nonce

A nonce can be used in an authentication protocol as a method of preventing replay attacks by ensuring that old communications are not being reused. The nonce helps to prove that the message received was sent by the intended sender and was not intercepted and resent by a bad actor. To optimize a nonce, it should have both sequential parts and random parts.

The following are usage examples of a nonce:

  • Authentication protocols: A nonce can be used to calculate the MD5 digest of the password in HTTP digest access authentication. Every time a 401 authentication challenge response code is issued, the nonce will be different. This is especially beneficial for online retail transactions to ensure they are legitimate.

Using a nonce for authentication ensures that old communications are not being reprocessed and reused. For example, an e-commerce site can add a nonce to each purchase made by a client to prevent a bad actor from using the initial order to place additional orders with the client’s information.

  • Asymmetric cryptography: Nonce values can be used in public-key cryptography like with the SSL/TLS (secure socket layer/transport layer security) handshake, where two unique nonce values are generated and exchanged. Both the client and the server will generate a unique nonce value to be validated with the private/public key pair.
  • Digital signatures: A nonce can be used to create, compare, and verify digital signatures using e-signature tools.
  • Identity management: Several identity management features such as SSO (single sign-on), 2FA (2-factor authentication), and account recovery can use nonces.
  • Hashing: In proof-of-work systems, a nonce can be used to vary the input to a cryptographic hash function to fulfill arbitrary conditions with a desired amount of difficulty.
  • Initialization: Used for data encryption, an initialization vector is a nonce since it is often random or pseudo-random and only used once during a session.
  • Cryptocurrency: A nonce can be used to create a cryptographic hash that connects to a bitcoin blockchain. With bitcoin mining, a nonce can be added to the values being hashed to change the hash algorithm output.

Benefits of a cryptographic nonce

Using a nonce gives the communication being sent originality. It can ensure that old communications are not being reused, which is the case in replay attacks. 

With a replay attack, a threat actor intercepts a communication between two parties and uses the captured message to gain unauthorized access. For example, when you send a request to a server, a hacker could intercept this request and resend the same request to the server pretending to be you. It can look like the data is coming from your browser. 

When you use a nonce, however, the communication cannot be reused even if it is intercepted, as the server will not accept the unauthorized message. The nonce is only used one time so any reuse of old communications will be invalid and blocked. The randomness of the nonce, sometimes with an added timestamp, can be used by an application to verify the user and make it more difficult for bad actors to impersonate legitimate clients.

Additional resources

The National Institute of Standards and Technology (NIST) publishes several resources regarding nonces, best practices, and their uses. With bitcoin mining, a golden nonce refers to a hash value that is less than the target value. The Blockchain Council has more information on blockchain and how nonces can be applied.

References

Replay Attack. National Institute of Standards and Technology (NIST).

Nonce. National Institute of Standards and Technology (NIST).

What Is a Golden Nonce and What Is Its Usage in Blockchain? (2022). Blockchain Council.