A "nonce" is an arbitrary number or string used only once within the context of a specific cryptographic scheme. Nonces are used e.g. in authentication protocols to prevent replay attacks, as well as in stream ciphers (including CTR mode) to avoid keystream reuse.
A nonce is an arbitrary number or string used in a cryptographic scheme. The defining feature of a nonce is that it must be used only once within a particular context.
Nonces are used in various areas of cryptography. For example, they may be used in challenge–response authentication protocols as part of the challenge to prevent replay attacks. In stream ciphers (including streaming block cipher modes of operation, such as CTR) nonces are used to modify the keystream generation in order to avoid reusing the same keystream for multiple messages, which would significantly compromise security.
One common method of nonce generation is to simply use a counter value, such as a message number, that is known to be unique within the appropriate context (e.g. among messages encrypted with the same key). This method is simple and fast, but typically requires retaining some state (the counter value) between operation, and may be vulnerable to implementation mistakes (e.g. two parties using overlapping ranges of counter values).
An alternative method of generating nonces is to use random numbers of sufficient length (e.g. 96 bits or more) that the probability of collision is negligible. (Due to the birthday paradox, this generally requires at least $2n$ bits for an expected number of up to $2^n$ uses.) This method is more robust against some implementation mistakes, and can be implemented without any persistent state, but does require a source of cryptographically secure random numbers.
