generate a key for SJCL that expires automatically after a period of time?

Question

I want to encrypt and decrypt the data on client-side for that i am using SJCL library, but i want my key to be expired after a scheduled time , so my question here is -

1. is it possible to generate such a key while using SJCL(or any other library may be) ,

2. if yes how? provided that the key must be demolished on the client side only without any server interaction?

any help is greatly appreciated. thanks

Answer 1

No, outside help of a third party (keeping the key) or normal programming techniques (i.e. wiping the key using a timer) there is no key that has such an intrinsic time out.

Certificates have a validity period though. With such a certificate it is possible to sign messages, adding the certificate to the signed message. You then only accept those messages whose certificate has not expired. In other words, the key itself will still be available, but it has become useless.

For this use either the PGP or CMS container formats, which are able to store the certificates as well as the data and the signature. The data may be encrypted as well.