Andrew Fielden

Reputation: 3899

How to generate a product license key which includes decodable product information

I want to issue a product security key which can encode details of the licensing restrictions. For example, a key could contain the maximum number of licensed users, and/or start/end dates to control license expiry.

I know that a simple way of creating a key is to use an MD5 hash - simply concatenate the details and apply the MD5 hash algorithm. But that is a one-way process, i.e. you cannot decode the key to see the initial parameters.

What I want to do is issue a key which can be decoded at the user site, and gives them all the licensing parameters.

So the user would get something like this:

1234-5678-9012-3456

which is created using a string composed of the following parameters, concatenated, then hashed

Max users: 50

Start date: 17/01/17

End date: 17/01/18

In the past I've installed software products which come with a license key, and the key somehow has all the information such as expiry date built in. How is this done? Does the software contact a central server to determine the expiry date by consulting a database? But I'm sure these license keys worked when the application was offline. Am I mistaken?

Upvotes: 2

Views: 5788

Answers (2)

Mitch Haraldsson

Reputation: 151

I have developed an open source solution for that.

I'd be happy if someone would give it a try. https://github.com/mitch-haraldsson/greenLicense

It is exactly what you are looking for, since I had the same requirements for my software.

Keep in mind that no software is uncrackable. An attacker determined enough will crack every - offline - license.

I am using a pretty standard approach. A key pair (public is shipped with the software) to encrypt a unique symmetric key in the license which encrypts your payload of any size.

A signature ensures that the file has not been tampered with.

In addition you can bind the license to certain system attributes like

  • mac address
  • ip address
  • host name
  • os name

Of course, as stated before, determined attackers will get through almost anything. The goal is not to make it too easy to illegally redistribute your software.

Upvotes: 1

DarkSquirrel42

Reputation: 10287

basically what you can do is: create a data structure holding your information, encode that as bytes, pipe through a compression function if too large.

create a keypair for your favourite signing algo like RSA

sign the data structure / the compressed bytes

truncate the signature to a fitting size like the last X hex digits

ship the public key with your product

the longer the signature part, the harder to make a working keygen

it's more likely someone will replace your key or the checking logic in your binary, but yes... that's how you could do this...

Upvotes: 0
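
The signed-payload approach both answers outline, as an added example that is not part of either answer or of greenLicense: Go's standard-library Ed25519 stands in for RSA, and the question's parameters (50 users, dates read as 17 Jan 2017 to 17 Jan 2018) are packed into the key itself. The 6-byte layout, the base32 encoding and every name in the code are assumptions made for illustration; the full 64-byte signature is kept because Ed25519 verification needs all of it.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base32"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

type License struct {
	MaxUsers   uint16
	Start, End time.Time // whole UTC days, End inclusive
}

// Demo key pair (nil selects crypto/rand). In production the private key never leaves the vendor.
var DemoPub, DemoPriv, _ = ed25519.GenerateKey(nil)

var b32 = base32.StdEncoding.WithPadding(base32.NoPadding)

func Date(y int, m time.Month, d int) time.Time { return time.Date(y, m, d, 0, 0, 0, 0, time.UTC) }
func fromDays(b []byte) time.Time               { return time.Unix(int64(binary.BigEndian.Uint16(b))*86400, 0).UTC() }

// Issue (vendor side) packs a 6-byte payload and appends the full 64-byte signature.
func Issue(priv ed25519.PrivateKey, l License) string {
	p := make([]byte, 6)
	binary.BigEndian.PutUint16(p[0:], l.MaxUsers)
	binary.BigEndian.PutUint16(p[2:], uint16(l.Start.Unix()/86400)) // days since 1970-01-01
	binary.BigEndian.PutUint16(p[4:], uint16(l.End.Unix()/86400))
	return b32.EncodeToString(append(p, ed25519.Sign(priv, p)...))
}

// Verify (product side, offline) needs only the public key and trusts no field until the signature checks out.
func Verify(pub ed25519.PublicKey, key string, now time.Time) (License, error) {
	raw, err := b32.DecodeString(key)
	if err != nil || len(raw) != 6+ed25519.SignatureSize || !ed25519.Verify(pub, raw[:6], raw[6:]) {
		return License{}, errors.New("malformed key or bad signature")
	}
	l := License{binary.BigEndian.Uint16(raw), fromDays(raw[2:]), fromDays(raw[4:])}
	if now.Before(l.Start) || !now.Before(l.End.AddDate(0, 0, 1)) {
		return l, errors.New("outside licensed period")
	}
	return l, nil
}

func main() {
	fmt.Println(Verify(DemoPub, Issue(DemoPriv, License{50, Date(2017, 1, 17), Date(2018, 1, 17)}), Date(2017, 6, 1)))
}
```

The resulting key is 112 base32 characters, far longer than the 16-digit key in the question; that length is the cost of a signature the product can verify offline with only the public key.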
