ECC with SJCL , generate a key that expires automatically

允我心安 提交于 2019-12-12 01:38:44

问题


i have already asked a little similar question here but i am asking it in a different way and a little change. now my question is. is it possible to have a public key on the server side through which i can encrypt the message and have a private key on the client side with which i can decrypt the message , and this private key must be expire automatically after a given period of time (or must be so secured may be in some other way)?

so is possible? and if yes, how?

provided that i am using SJCL right now (though i don't have any constrain i just find it good till yet).

any help is greatly appreciated.


回答1:


No not really. As in your previous question, you can try and remove the key from memory using a timer. Even then, as long as a language/runtime does not support low level or secured memory accesss, some parts or all of the key may remain in memory. This is especially an issue for private keys, of course.

So you need to use a timer or a separate process to handle expiration of keys. Even then, it may be advisable to restart your process to wipe the key from memory and to sufficiently protect your swap file.



来源:https://stackoverflow.com/questions/23606742/ecc-with-sjcl-generate-a-key-that-expires-automatically

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!