Generate And Validate A Software License Key

Posted on
Generate And Validate A Software License Key Average ratng: 7,9/10 8513 votes
  1. Generate And Validate A Software License Key Icon
  2. Validate License Key
  3. Generate And Validate A Software License Key Download

May 23, 2007 Create and validate secure 'License Keys' for your proprietary code and embed up to 16-bits of 'configuration data' into the key. This code is flexible and may be used in many different licensing schemes. Everyone is familiar with getting license keys to activate software. There are multiple techniques to develop key based software activation. Mostly, you can classify them into offline and online approaches. Offline activation is simple to implement.


Generate And Validate A Software License Key Icon


How can I create a product key for my C# application? (6)

Simple answer - No matter what scheme you use it can be cracked.

Don't punish honest customers with a system meant to prevent hackers, as hackers will crack it regardless.

A simple hashed code tied to their email or similar is probably good enough. Hardware based IDs always become an issue when people need to reinstall or update hardware.

Good thread on the issue:http://discuss.joelonsoftware.com/default.asp?biz.5.82298.34

How can I create a product key for my C# Application?

I need to create a product (or license) key that I update annually. Additionally I need to create one for trial versions.

Related:

This new mode forces players to reconsider everything they thought they knew about portals. Portal 2 ps3 steam key generator no password no survey. About This GamePortal 2 draws from the award-winning formula of innovative gameplay, story, and music that earned the original Portal over 70 industry accolades and created a cult following.The single-player portion of Portal 2 introduces a cast of dynamic new characters, a host of fresh puzzle elements, and a much larger set of devious test chambers. Players will explore never-before-seen areas of the Aperture Science Labs and be reunited with GLaDOS, the occasionally murderous computer companion who guided them through the original game.The game’s two-player cooperative mode features its own entirely separate campaign with a unique story, test chambers, and two new player characters.

Key

There are many ways to generate license keys, but very few of those ways are truly secure. And it's a pity, because for companies, license keys have almost the same value as real cash.

Ideally, you would want your license keys to have the following properties:

Validate License Key

  1. Only your company should be able to generate license keys for your products, even if someone completely reverse engineers your products (which WILL happen, I speak from experience). Obfuscating the algorithm or hiding an encryption key within your software is really out of the question if you are serious about controlling licensing. If your product is successful, someone will make a key generator in a matter of days from release.

  2. A license key should be useable on only one computer (or at least you should be able to control this very tightly)

  3. A license key should be short and easy to type or dictate over the phone. You don't want every customer calling the technical support because they don't understand if the key contains a 'l' or a '1'. Your support department would thank you for this, and you will have lower costs in this area.

So how do you solve these challenges ?

Generate And Validate A Software License Key Download

  1. The answer is simple but technically challenging: digital signatures using public key cryptography. Your license keys should be in fact signed 'documents', containing some useful data, signed with your company's private key. The signatures should be part of the license key. The product should validate the license keys with the corresponding public key. This way, even if someone has full access to your product's logic, they cannot generate license keys because they don't have the private key. A license key would look like this: BASE32(CONCAT(DATA, PRIVATE_KEY_ENCRYPTED(HASH(DATA))))The biggest challenge here is that the classical public key algorithms have large signature sizes. RSA512 has an 1024-bit signature. You don't want your license keys to have hundreds of characters.One of the most powerful approaches is to use elliptic curve cryptography (with careful implementations to avoid the existing patents). ECC keys are like 6 times shorter than RSA keys, for the same strength. You can further reduce the signature sizes using algorithms like the Schnorr digital signature algorithm (patent expired in 2008 - good :) )

  2. This is achievable by product activation (Windows is a good example). Basically, for a customer with a valid license key, you need to generate some 'activation data' which is a signed message embedding the computer's hardware id as the signed data. This is usually done over the internet, but only ONCE: the product sends the license key and the computer hardware id to an activation server, and the activation server sends back the signed message (which can also be made short and easy to dictate over the phone). From that moment on, the product does not check the license key at startup, but the activation data, which needs the computer to be the same in order to validate (otherwise, the DATA would be different and the digital signature would not validate). Note that the activation data checking do not require verification over the Internet: it is sufficient to verify the digital signature of the activation data with the public key already embedded in the product.

  3. Well, just eliminate redundant characters like '1', 'l', '0', 'o' from your keys. Split the license key string into groups of characters.