Software license decryption with a public key stored in the application binary

Question

With reference to the answer of this question I can not understand how can the software licensing scheme works if the Private Key is kept on the license server and the public key is shipped in the application executable, and not vice verse.

I'm trying to do the following software licensing scheme:

User gets a Product ID (based on GUID) upon purchase and uses this inside the application to activate it.
The application connects to the license server which sends back encrypted text using RSA public key. This text (license) will be stored on the user's hard disk.
Each time the application starts it needs to decrypt this license using RSA private key, in order to extract different parameters like product edition, product limitations, registered to what company etc.

How can the application decrypt this license text if it does not have the private key but the public key?

Thanks!

EDIT:

If the key used to encrypt the license is available only on the server side and not to the public, can we call this a private key? In this case, if one side has the key for encryption and the other side (the public) has the key for decryption, can the side that has the key for decryption obtain the key for encryption? The concern is based on the various topics on stackoverflow that it's not that difficult to generate the public key given the private key. If you have the private key, you effectively can have both keys.
The idea is that once the software is activated it should no longer need to connect to the license server.

SLaks · Accepted Answer

The application should store its details in plain text.

When registering, the server should sign those details (including machine identification) using the private key.

Each time the application starts, it should verify that signature using the public key.

Software license decryption with a public key stored in the application binary

Answers (2)

Related Questions