So now the only thing you need to do, is prove the "communication key" was generated by the program.
This goes far above my technical knowledge, but I'm very interested to see how this would actually work. Would this still work if the owner of the website can create an exact clone of the RAM and read everything (including encryption keys) in there?