By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,678 Members | 2,155 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,678 IT Pros & Developers. It's quick & easy.

How secured is the .Net licensing component

P: n/a
Hi!

We have a .Net based product where we have implented a
user based licensing using encryption, strong key and com
components (we wrote it in C++ to avoid the license code
being visible).

We are planing to move the implementation to the .Net
licensing component. I was wondering if anybody has any
experience with such an implementation as regards to
security of such an implemention.

The concern is that if the licensing code is implemented
using the manage code, the logic will be visible to
anybody who can disassemble using tools like ILDASM etc.

Thanks
Dutta S.K.
Nov 18 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Any time that you store everything on the local machine, there is an
opportunity to read it. ILDASM doesn't introduce any capabilities that you
didn't have before, it just gives you more details. If you encrypt on the
local machine, then you have to be able to decrypt on the local machine, and
consequently the key must be stored on the local machine. If it is stored
there, then somebody can fetch it if they are determined enough.

What it boils down to is how much you need to tighten down your product.
Does it have a huge demand from unscrupulous people? For example, tons of
people will happily download Windows and crack it, so they have to implement
a hardware hash as well as a product key that is transmitted to servers that
they do have control over. However, at some point security is good enough,
and if you are selling a business component, then the demand from
unscrupulous folks might be comparatively low, and secure enough might be
adequate. You need to weigh the inconvenience to your customers and the
costs of implementation to determine how bulletproof you need this sucker to
be.

--
Chris Jackson
Software Engineer
Microsoft MVP - Windows Shell/UI
Windows XP Associate Expert
--
More people read the newsgroups than read my email.
Reply to the newsgroup for a faster response.
(Control-G using Outlook Express)
--

"S.K. Dutta" <sk******@hotmail.com> wrote in message
news:0d****************************@phx.gbl...
Hi!

We have a .Net based product where we have implented a
user based licensing using encryption, strong key and com
components (we wrote it in C++ to avoid the license code
being visible).

We are planing to move the implementation to the .Net
licensing component. I was wondering if anybody has any
experience with such an implementation as regards to
security of such an implemention.

The concern is that if the licensing code is implemented
using the manage code, the logic will be visible to
anybody who can disassemble using tools like ILDASM etc.

Thanks
Dutta S.K.

Nov 18 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.