实现产品密钥 [英] implementation for product keys
问题描述
然而,我遇到的问题是我不是相当确定如何实施产品密钥验证。我想到的是,客户可以在我的网页上注册(在尝试产品一段时间后),支付产品,并通过ea -mail(或者可以通过我的网站上的个人资料)。到目前为止没有问题。然后他/她将钥匙放在我应用程序中的相应关键字段中,并且 应用程序已注册。
从我可以收集的内容远方,人们推荐使用AES或RSA。说实话,我在大学的另一个方向(而不是加密)和我刚才所说的一个加密类。但是从我记得,AES是一种对称的加密算法,这意味着我只有一个加密和解密密钥,对吗?那么我怎么可以产生数千个产品密钥,并且仍然在我的应用程序中验证它们(这样就不需要互联网访问....所以不用服务器检查)?
所以我猜RSA会走的路了吗?但是,RSA不会产生很长的密钥(至少比上面要求的25个字符更长)?
在另一个线程我读到有些产品甚至不会对产品密钥生成使用加密/验证,而只是使用一些检查,如添加2.和17.字符,应该总计x。
什么是最快,最简单和最安全的方式去这里? :--)代码样本将是糖!
请问,
Sebastian
PS:哦,请不要告诉我我的密钥是否可以在某些时候被破解.....我知道,这主要是为什么我不想在这个问题上花费大量的时间,但同时也不会让偶尔的破解者变得容易。
对称算法是有限的,因为任何具有反汇编程序的新手破解者都可以找到您的密钥(或用于生成一个密钥的算法),并创建一个keygen。
原因,非对称密码学是要走的路。基本的前提是这样的:
- 当用户从您那里购买许可证时,您将收集有关用户的某些标识详细信息和/或他们的环境(通常这只是一个全名,有时也是一个公司)。
- 你做这个信息的128位MD5哈希。
- 使用128位椭圆曲线加密,使用私有密码加密此散列
- 128位密码可以由用户表示为一个由字母和数字组成的25个字符的字符串(加上可分辨的破折号) 。请注意,26个字母+ 10位= 36个谨慎的值,而36 ^ 25> 2 ^ 128。
- 用户将此产品密钥输入到注册对话框中。客户端软件将其重新转换为128位数(16字节),使用您的EC加密公钥解密,并将结果与用户个人信息的MD5哈希进行比较,这与用于注册的信息相匹配
当然这只是基本的想法。有关更多详细信息和源代码,请参阅基于椭圆曲线密码术的产品密钥。
I'm implementing a small application in C, which I would like to sell as shareware for a reasonable price later on. It will start of with a 30-day trial, which I am already quite certain of how to implement it.
The problem I have, though, is that I am not quite sure how to implement the product key verification. What I have in mind is that the customer can sign up on my webpage (after trying the product for a while), pay for the product, and get a product key in the form of aaaaa-bbbbb-ccccc-ddddd-eeeee via e-mail (or maybe available via his profile on my website). No problem so far. He/She then drops the key in the appropriate key fields in my app and boom the app is registered.
From what I could gather so far, people either recommend AES or RSA for this. To be honest, I in another direction in college (not cryptography) and the one cryptography class I took was some time ago. But from what I remember, AES is a symmetric encryption algorithm, which would mean that I would only have one key for encryption and decryption, right? How could I then generate thousands of product keys and still validate them in my app (which by the way won't require internet access....so no checking back with a server)?
So I guess RSA would be the way to go? But doesn't RSA produce pretty long keys (at least longer than the required 25 characters from above)?
In another thread I read that some products won't even use encryption for the product key generation/verification, but instead just employ some checks like "add the 2. and the 17. character and that should total to x".
What's the fastest, easiest and most secure way to go here? :-) Code samples would be sugar!
Regards,
Sebastian
P.S.: Oh...and please don't tell me how my key can and will be cracked at some point.....I know about that, which is primarily why I don't want to spend a lot of time with this issue, but at the same time not make it too easy for the occasional cracker.
Symmetric algorithms are limited, in that any novice cracker with a disassembler can find your key (or the algorithm used to generate one) and make a "keygen".
For this reason, asymmetric cryptology is the way to go. The basic premise is something like this:
- When the user purchases a license from you, you collect certain identifying details about the user and/or their environment (typically, this is just a full name; sometimes a company, too).
- You make a 128-bit MD5 hash of this information.
- Using a 128-bit Elliptic Curve crypto, encrypt this hash using the private key on the server.
- The 128-bit cipher text can be represented to the user as a 25-character string consisting of letters and digits (plus separating dashes for readability). Notice that 26 letters + 10 digits = 36 discreet values, and that 36^25 > 2^128.
- The user types this product key into your registration dialog. The client software converts it back to a 128-bit number (16 bytes), decrypts that using the public key of your EC crypto, and compares the result to an MD5 hash of the user's personal information, which must match what was used for registration.
This is just the basic idea, of course. For more details and source code, see Product Keys Based on Elliptic Curve Cryptography.
这篇关于实现产品密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
