![]() So with these things in place, let’s try it out. You probably know this as public/private key encryption, which is currently supported by Mail.app in the form of S/MIME, where you can send a letter to your friend using his public key, and only he will be able to read it, using his private key to decrypt it. Using symmetric encryption (like XOR, ROT13, or even DES/AES) the above won’t help much, since the user will only need to run our program through the debugger to see how it decrypts the license key, and from this, he can probably figure out how he should encrypt it (after making his changes to the checksum.)īut with asymmetric encryption this becomes much more difficult, because one cryptographic key is used for encryption, and another is used for decryption, and given one of them, you cannot easily find the other. To ensure that he cannot easily construct another name with the same checksum, we should use a cryptographic hash function to generate the checksum, and to ensure that he does not simply overwrite the checksum in his license key (with a checksum for a name he made up himself), we should give him the license key in an encrypted form, so that he would need to decrypt the license key, make the change, and then encrypt it, in order for him to spread a fake license key (i.e. So if a user wants to leak his license key, he also needs to include his name, which would probably discourage most. ![]() To remedy this problem we can store a checksum of the users name in the license key, and let our application verify this checksum. “42”) is not a good idea, since if one user leaks his license key, everybody will be able to use the program, and we won’t be able to tell which user actually leaked the license key. But giving all users the same license key (e.g. Since it will be used to unlock an application, it needs to contain an identifier which the application can recognize. Let us first consider what the license key actually is. In this article I will give an example of how one can generate and verify license keys (also known as serial numbers) using the tools included with Mac OS X, and in a way which should make it difficult for the cracker to generate his own fake license key(s). Next post: Disabled Image Buttons OpenSSL for License Keys
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |