Why it is highly recommended to use a nonce once and only once in SSL/TLS? Same question with key streams in stream ciphers? What sort of attack(s) could take place if ever a nonce/key stream is used more than once? During the SSL/TLS handshake, is the client nonce/server nonce session related or connection related ?
Asked
Active
Viewed 313 times
-1
-
Why downvoting my question? – sasuke_X220 Jul 08 '17 at 11:06
-
Not sure… but it could be due to the fact we've got similar Q&As already handling your question. For example: Nonces being used in SSL and MAC to prevent replay attacks, Reuse nonce with Salsa20 stream cipher with counter, Repeated NONCE in CTR mode, What happens if a nonce is reused in ChaCha20-Poly1305?, Why do stream ciphers use a nonce?, etc. – e-sushi Jul 08 '17 at 11:24
1 Answers
0
Well, in general, reusing a nonce enables replay attacks. This is a fundamental concept in authentication protocols.
Russ
- 273
- 1
- 8