CyberGlossary

Cryptography

Nonce

Also known as: Number used once, Cryptographic nonce

Definition

A "number used once" supplied to a cryptographic algorithm to guarantee freshness and prevent replay or key/IV reuse.

A nonce is an input that must not repeat within the lifetime of a key, used by symmetric ciphers, AEAD modes, signature schemes, and authentication protocols to ensure each operation is unique. In AEAD modes like AES-GCM or ChaCha20-Poly1305, nonces are typically 96 bits and may be generated as random values or as a deterministic counter; reusing an AES-GCM nonce under the same key catastrophically breaks confidentiality and authentication. Nonces also appear in TLS handshakes, OAuth/OIDC challenges, Bitcoin block headers, and signature schemes such as ECDSA, where nonce reuse leaks the private key. Best practice is to use either random nonces of sufficient length or a strictly monotonic counter, and to switch to misuse-resistant modes (AES-GCM-SIV, XChaCha20-Poly1305) when collisions cannot be ruled out.

Examples

  • TLS 1.3 derives per-record AEAD nonces by XOR-ing a sequence number with the per-direction IV.
  • The 2010 PlayStation 3 ECDSA private-key recovery happened because Sony reused the signature nonce.
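The counter-based nonce discipline from the definition and the TLS 1.3 per-record derivation from the first example, as an added illustration that is not part of the CyberGlossary entry. The static IV, record limit and log records below are constructed for the demo; the `NonceCounter` and `find_nonce_reuse` helpers are hypothetical names, not any library's API.

```python
"""Nonce helpers: TLS 1.3 record-nonce derivation, a reuse-proof counter,
and a reuse check over (key_id, nonce) records. Added example, not from
CyberGlossary; uses only the standard library."""
from collections import Counter
from typing import Iterable, List, Tuple

IV_LEN = 12  # 96-bit AEAD nonce, as used by AES-GCM and ChaCha20-Poly1305


def tls13_record_nonce(static_iv: bytes, seq_num: int) -> bytes:
    """TLS 1.3 (RFC 8446 section 5.3): nonce = static_iv XOR zero-left-padded seq_num."""
    if len(static_iv) != IV_LEN:
        raise ValueError("TLS 1.3 AEAD IV must be 12 bytes")
    if not 0 <= seq_num < 2**64:
        raise ValueError("sequence number must fit in 64 bits")
    padded = seq_num.to_bytes(IV_LEN, "big")  # 64-bit counter left-padded to 96 bits
    return bytes(a ^ b for a, b in zip(static_iv, padded))


class NonceCounter:
    """Strictly monotonic nonce source bound to one key (hypothetical helper).

    Never hands out the same nonce twice, and refuses to continue once the
    configured record limit is reached so the caller is forced to rekey.
    """

    def __init__(self, static_iv: bytes, limit: int):
        self._iv = static_iv
        self._next = 0
        self._limit = limit  # records allowed under this key before a rekey

    def next_nonce(self) -> bytes:
        if self._next >= self._limit:
            raise RuntimeError("nonce space exhausted: rekey before encrypting again")
        nonce = tls13_record_nonce(self._iv, self._next)
        self._next += 1
        return nonce


def find_nonce_reuse(records: Iterable[Tuple[str, bytes]]) -> List[Tuple[str, bytes]]:
    """Return every (key_id, nonce) pair seen more than once: each is a reuse event."""
    counts = Counter(records)
    return sorted(pair for pair, n in counts.items() if n > 1)


# Constructed sample: one key, two records, then the same nonce repeated under key "k1".
SAMPLE_RECORDS = [
    ("k1", bytes.fromhex("000000000000000000000001")),
    ("k1", bytes.fromhex("000000000000000000000002")),
    ("k2", bytes.fromhex("000000000000000000000001")),  # same nonce, different key: fine
    ("k1", bytes.fromhex("000000000000000000000001")),  # reuse under k1
]
```

Running `find_nonce_reuse(SAMPLE_RECORDS)` flags only the `k1` duplicate; the same nonce under a different key is not a reuse.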

Related terms