Cryptography - Nonce (Number Only used once)

About

In cryptography, a nonce is an arbitrary number that can only be used once. A value that is used only once.

It is similar in spirit to a wiki/nonce word, hence the name.

It is often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks.

Documentation / Reference





Discover More
Authentication - HTTP Digest Access Authentication

Digest access authentication is an http authentication method based on authorization entry. It is intended (as a security trade-off) to replace unencrypted HTTP basic access authentication. It is not,...
Card Puncher Data Processing
Code design - (Connection|Session)

During the use of a product, a session or connection is a execution context that holds identification data (if any) and group actions (such as interaction or transaction) that take place within...
Cryptography - Salt (init vector)

A salt is a text added to the password to make difficult an attack. See also: The salt value is public (not secret) and should be generated at random for each new encryption stored with the password...
HTTP - Content security policy (CSP)

CSP is a security response header that defines the behaviors that are trusted in your HTML page. In particular, it may restrict by defining the allowed host and origin of fetched resources. CSP can...
Oauth
In OAuth, what is the state query parameter known as Local State?

The state query parameter is an opaque value used by the client (app) in redirection flow to maintain the state between the and (response) (ie to restore or continue the navigation of the user). ...
Oauth
OAuth - Authorization Code

An authorization code is a intermediate credential used in a authorization code flow to retrieve a access token. It's a shared secret that does not long live because it's passed back via the query parameters...
What is a Cross-site request forgery attack (CSRF)? Web Security

A Cross-site request forgery (CSRF) is: a http request made by real users unknowingly with the help of the browser from a website to another target website (ie making the request a cross-site...
Oauth
What is a Oauth Access Token?

This page talks access token in the context of the OAuth specification. An access token is a token representing an access authorization created during: a implicit grant flow or a authorization code...
What is a Session Identifier?

A session identifier is a nonce that represents uniquely a session. Instead of storing session information (such as username, login, start time, ...) directly, the server creates a nonce and sends it...
What is an access token?

A token is a authentication material An access token is a token (string) representing an access authorization. It is equivalent to a session identifier in format. It's a token that serves as delegation-specific...



Share this page:
Follow us:
Task Runner