#1 Download computer science & engineering books free           #2 Display your sponsored posts here. Reach 20,000+ students. Contact: info[at]cpentalk.com for quote           #3 Take the Ultimate Trivia Quiz. See where you rank globally.
0 votes
in Computer Networks by (user.guest)

1 Answer

0 votes
by (user.guest)
Best answer

The main purpose of the random nonces in the SSL handshake is to protect from playback attacks during connection.

• In the connection play back attack (playback attack), an attacker sniffs all the message transactions between a sender and receiver, and tires to connect receiver on some other time using the same sniffed messages.

• These types of attacks can’t be avoided by using only sequence numbers. Therefore, a nonce is used in SSL handshake to avoid playback attacks.

• If the nonces are used during the connection, the attacker’s messages will failed to pass integrity check.

• If the same nuance is used for each connection, the attacker can sniffs the messages, nonce and can send the same messages to receiver as the original sender. To avoid this problem, random nonces are used in SSL handshake. That is, a nonce used for one connection, is never reused for another connection.

Thus, the random nonces are used in the SSL handshake to prevent the “play back attack” connection.

If you found this answer helpful, please upvote and share with other students in your network.

Welcome to CPEN Talk
Solution-oriented students of computer engineering on one platform to get you that


Chuck Norris can retrieve anything from /dev/null.