在.NET序列号(注册密钥)算法 [英] Serial number (registration key) algorithm in .NET
问题描述
已经有关于IP安全性之类的,但没有,我可以找到专门针对算法几及时上岗。在我目前的项目之一,我们决定去一个离线注册密钥系统的路径。
There have been a few timely posts about IP security and the like, but none that I can find that specifically address an algorithm. In one of my current projects, we've decided to go the route of an offline registration key system.
我想我们大多数的最终用户群将诚实,所以我不认为我们有太什么可担心的。在另一方面,我宁愿没有没有了大量的汗水和泪水不经意的裂解装置进行访问。
I imagine most of our eventual user base will be honest, so I don't think we have too much to worry about. On the other hand, I'd rather not have the casual cracker gain access without a good deal of sweat and tears.
那么,什么是一些选择如何生成(和验证)的关键?硬件密钥是最有可能,因为安装模式是从Samba共享内部网服务器上运行。此外,应主要是多久?
So, what are some options for how to generate (and verify) the key? Hardware keying is most likely out because the install model is to run from a samba share on an intranet server. Also, how long should the key be?
其次,有多大验证算法的危险,只不过是被体现了出来,哪怕是模糊处理?会是最好写的算法在不受控code呢?
Secondly, how big is the danger of the verification algorithm simply being Reflected out, even if it is obfuscated? Would it be better to write the algorithm in unmanaged code instead?
推荐答案
在我看来,你将面临的关键问题不在于混淆了您的注册算法和水平(或缺乏)。
In my opinion, the key problem you'll face is not with your registration algorithm and level (or lack) of obfuscation.
相反,那就是:在你的$ C $一些c点可以归结为简单的二元决策 - 运行,或者退出。黑客您的系统只需要找到和调整这个决策点。
Rather, it's this: At some point in your code it comes down to simple binary decision - to run, or to exit. Hacking your system only requires finding and tweaking this decision point.
其他的一切 - 混淆,强签约,篡改检测 - 是面向使这更困难,但不能让它的是的更难
Everything else - obfuscation, strong signing, tamper detection - is oriented to make this more difficult, but it can't make it that much harder.
这篇关于在.NET序列号(注册密钥)算法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
