0

I want to encrypt and decrypt the data on client-side for that i am using SJCL library, but i want my key to be expired after a scheduled time , so my question here is -

  1. is it possible to generate such a key while using SJCL(or any other library may be) ,

  2. if yes how? provided that the key must be demolished on the client side only without any server interaction?

any help is greatly appreciated. thanks

Novice
  • 401
  • 7
  • 27

1 Answers1

1

No, outside help of a third party (keeping the key) or normal programming techniques (i.e. wiping the key using a timer) there is no key that has such an intrinsic time out.

Certificates have a validity period though. With such a certificate it is possible to sign messages, adding the certificate to the signed message. You then only accept those messages whose certificate has not expired. In other words, the key itself will still be available, but it has become useless.

For this use either the PGP or CMS container formats, which are able to store the certificates as well as the data and the signature. The data may be encrypted as well.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Please let me know if this solves your answer. Sorry but special hardware is required for "this key will self destruct" ;) – Maarten Bodewes Apr 15 '14 at 19:53
  • yes this answered my question thanks for the help but did not solve my problem. i have posted another question [here](http://stackoverflow.com/questions/23606742/ecc-with-sjcl-generate-a-key-that-expires-automatically), please have a look. – Novice May 12 '14 at 10:37