What is the difference between a “nonce” and a “GUID”?

后端 未结 2 1068
渐次进展
渐次进展 2021-02-20 11:40

This question here is about creating an authentication scheme. The accepted answer given by AviD states

Your use of a cryptographic nonce is also impo

2条回答
  •  清歌不尽
    2021-02-20 12:06

    Whenever you randomly generate a random number intended to be used in cryptography, you should be really sure that the number is really random. GUIDs tend to be generated based on values that can be discovered, guessed or inferred, such as current system time or a network card MAC address, and thus the nonce could potentially be guessed.

提交回复
热议问题