In this case it's just a fancy way of saying "random". What's important about a GCM nonce is that it never repeat, not that it's unpredictable (to me, a distinction between a "nonce" and an "IV"; a CBC IV must be unpredictable).
Because you only get 96 bits of nonce space with vanilla GCM, there's common advice to use a counter as the nonce.
tptacek|1 year ago
Because you only get 96 bits of nonce space with vanilla GCM, there's common advice to use a counter as the nonce.