CWE-323

Reusing a Nonce, Key Pair in Encryption

Nonces should be used for the present occasion and only once.

Mitigation

Phase: Implementation

Description:

  • Refuse to reuse nonce values.
Mitigation

Phase: Implementation

Description:

  • Use techniques such as requiring incrementing, time based and/or challenge response to assure uniqueness of nonces.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page