问题
i have already asked a little similar question here but i am asking it in a different way and a little change. now my question is. is it possible to have a public key on the server side through which i can encrypt the message and have a private key on the client side with which i can decrypt the message , and this private key must be expire automatically after a given period of time (or must be so secured may be in some other way)?
so is possible? and if yes, how?
provided that i am using SJCL right now (though i don't have any constrain i just find it good till yet).
any help is greatly appreciated.
回答1:
No not really. As in your previous question, you can try and remove the key from memory using a timer. Even then, as long as a language/runtime does not support low level or secured memory accesss, some parts or all of the key may remain in memory. This is especially an issue for private keys, of course.
So you need to use a timer or a separate process to handle expiration of keys. Even then, it may be advisable to restart your process to wipe the key from memory and to sufficiently protect your swap file.
来源:https://stackoverflow.com/questions/23606742/ecc-with-sjcl-generate-a-key-that-expires-automatically