nonce (number used once or number once)

Contributor(s): Yogesh M. Devi

A nonce, in information technology, is a number generated for a specific use, such as session authentication. In this context, "nonce" stands for "number used once" or "number once."

Typically, a nonce is some value that varies with time, although a very large random number is sometimes used. A nonce can be a time stamp, a visit counter on a Web page, or a special marker intended to limit or prevent the unauthorized replay or reproduction of a file.

An initialization vector (IV) is a nonce used for data encryption. The IV, used only once in any session, prevents repetition of sequences in encrypted text. Identifying such repetitions can help an attacker break a cipher.

In general usage, nonce means "for the immediate occasion" or "for now." Here's an explanation of the word's development from Merriam-Webster:

"Nonce" first appeared in Middle English as a noun spelled "nanes." The spelling likely came about from a misdivision of the phrase "then anes" ("Then" was the Middle English equivalent of "the" and "anes" meant "one purpose.") The word was especially used in the phrase "for the nonce," meaning "for the one purpose," as in Geoffrey Chaucer's Prologue of "Canterbury Tales:" A cook they hadde with hem for the nones To boille the chiknes with the marybones.

A nonce word is a neologism (newly coined word) that is created for a single use, such as inclusion in a work of fiction. However, once created, nonce words often make their way into common language. For example, Lewis Carroll coined the word "chortle" for the poem "Jabberwocky" and James Joyce created the word "quark" for his novel "Finnegan's Wake."

This was last updated in September 2008

Continue Reading About nonce (number used once or number once)

Dig Deeper on Web application and API security best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.


File Extensions and File Formats