问题描述
我已经提出了一个类似的问题,但我是以不同的方式和一点点改变。现在我的问题是。是否可以在服务器端拥有一个公共密钥,通过该密钥我可以加密该消息,并在客户端拥有私钥,我可以使用该密钥来解密该消息,该私钥必须在给定的时间段后自动过期(或必须如此安全可能以某种其他方式)?
i have already asked a little similar question here but i am asking it in a different way and a little change. now my question is. is it possible to have a public key on the server side through which i can encrypt the message and have a private key on the client side with which i can decrypt the message , and this private key must be expire automatically after a given period of time (or must be so secured may be in some other way)?
是可能吗?
,如果是,如何?
so is possible?and if yes, how?
只要我现在使用SJCL(虽然我没有任何约束,我只是发现它很好)
provided that i am using SJCL right now (though i don't have any constrain i just find it good till yet).
非常感谢任何帮助。
推荐答案
不是真的。与以前的问题一样,您可以使用定时器尝试从内存中删除该键。即使这样,只要语言/运行时不支持低级别或安全的内存访问,则某些部分或全部密钥可能会保留在内存中。这当然是私钥的一个问题。
No not really. As in your previous question, you can try and remove the key from memory using a timer. Even then, as long as a language/runtime does not support low level or secured memory accesss, some parts or all of the key may remain in memory. This is especially an issue for private keys, of course.
所以你需要使用一个计时器或一个单独的进程来处理密钥的到期。即使如此,建议您重新启动进程以从内存中擦除密钥,并充分保护您的交换文件。
So you need to use a timer or a separate process to handle expiration of keys. Even then, it may be advisable to restart your process to wipe the key from memory and to sufficiently protect your swap file.
这篇关于ECC与SJCL生成一个自动过期的密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!