Nonce Value, is it used properly in Authentication?

Hi there,
Could any one please tell me how the “nonce” field of the SIP header is generated? Or is it just a random number?
Does the Asterisk server really use that nonce value in the authentication process?

 Thank you very much