使用SJCL的ECC，生成自动过期的密钥 [英] ECC with SJCL , generate a key that expires automatically

问题描述

我已经问过一个类似的问题这里，但我要求一个不同的方式和一点点变化。现在我的问题是。可以在服务器端具有公钥，通过该公钥我可以对消息进行加密并且在客户端具有可以对其解密消息的私钥，并且该私钥必须在给定时间段之后自动过期（或必须这样安全可能以某种其他方式）？

i have already asked a little similar question here but i am asking it in a different way and a little change. now my question is. is it possible to have a public key on the server side through which i can encrypt the message and have a private key on the client side with which i can decrypt the message , and this private key must be expire automatically after a given period of time (or must be so secured may be in some other way)?

这样可能吗？
如果是，如何？

so is possible? and if yes, how?

如果我现在使用SJCL（虽然我没有任何约束，只是发现它还不错）

provided that i am using SJCL right now (though i don't have any constrain i just find it good till yet).

任何帮助都非常感谢。

推荐答案

。如在上一个问题，您可以尝试使用定时器从内存中删除该密钥。即使这样，只要语言/运行时不支持低级别或安全的存储器访问，一些部分或全部密钥可以保留在存储器中。这当然是私钥的问题。

No not really. As in your previous question, you can try and remove the key from memory using a timer. Even then, as long as a language/runtime does not support low level or secured memory accesss, some parts or all of the key may remain in memory. This is especially an issue for private keys, of course.

所以你需要使用一个计时器或一个单独的进程来处理密钥的过期。即使这样，也可以重新启动进程，从内存中擦除密钥，并充分保护您的交换文件。

So you need to use a timer or a separate process to handle expiration of keys. Even then, it may be advisable to restart your process to wipe the key from memory and to sufficiently protect your swap file.

这篇关于使用SJCL的ECC，生成自动过期的密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！