473,327 Members | 1,892 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Licence Key generator

Hi,
We would like to develop a product in VB.Net. This is the first time I'm
involving in such type of practice. Can any one please provide the
information about the fallowing???
1. How to generate Licence Key(s) for the product? Are there any components
available to do so?
2. Since the product is distributed thru CDs, what is the process to provide
licence keys for the clients?

Please help.
Jul 19 '05 #1
2 27926
Hello,

Providing a licensing system can be difficult. There are many
approaches you can take.

On the simple end, you can use a simple algorithm with an encryption
algorithm. An example of this would be to use an int32 and every
number divisible by 13 is valid. Then encrypt the number with
Rijndael and use that as the key. Simple to generate, looks random to
the user.

More advanced, you could require some input from the user to generate
the code, via registration. In this scenario you'd have the user
register his name, and you'd issue a key that is linked to his name.
Again, using Rijndael or some other encryption algorithm would provide
the necessary key. Another way is using a hash and then requiring
some characteristics of the output. This requires you to spend a lot
of computing time finding hashes that work, but can be successful at
limiting key-generators.

For even more protection, you could use a hardware dongle, or require
per-computer activation (like Windows XP). This is best way to
prevent "casual" piracy, where a company buys 1 license, and installs
it on multiple computers.

Regardless, you should most likely develop your own algorithm. Using
a prepackaged protection system can be easier to crack because many
times most of the work has been done before for another product. To
give them to the client, you'll just need to print off one key out of
the sequence of keys available. Your CD manufacturer can give you
more details. Sometimes it's possible to have each CD have a serial
or volume encoded on it, which you can use to require a specific key.
Again, your CD manufacturer can give you more details.

Another thing you need to do are find a way to transfer the licenses
(sending a long binary or Base64 string isn't nice for users). A
packed (where the transform works on one byte at a time instead of
multiple bytes), modified (modify the output so that the 32 characters
are easy to distinguish, for instance, don't use 0 and O, I and l)
Base32 algorithm is a good way to do this.

The most important issue, no matter which scheme you use, is
providing anti-cracking measures. Ignoring this is like having a door
with an advanced digital lock, but having the actual door made of
rotten wood - an attacker will just bypass the lock and break down the
door. If your app just simply does something like this:
If CheckForLicense() Then
MessageBox.Show("Valid license!")
Else
MessageBox.Show("Invalid license!")
Return
End
It will be cracked extremely fast, even if it is obfuscated. An
attacker will simply add a breakpoint for MessageBox.Show, and then
trace the code back up to the branch. For an added bonus, they'll
jump into the CheckForLicense() and reverse engineer it and make a key
generator which will most likely work even across-versions of your
software. This can be easy in x86, and extremely easy in IL.

The use of multiple threads or processes can make debugging much
harder. As well, writing code in IL or x86 embedded in IL that's
designed to be hard to read. The CLR is very flexible and we can take
advantage of this to write very confusing code, if don't mind loosing
verifiability.

Finally, a strong obfuscator that encrypts strings and hides calls to
your code and to system code will make all your code even harder to
read. Then, an encrypted loader (where your .exe has a data section
that contains the encrypted program, and the IL inside the .exe is
just to load it up) can raise the bar very high to even get to your
IL.

If you are interested, I can help you design these features and write
code to do this. As well, I have an internal program that creates an
encrypted loader, as well as does some interesting obfuscation
techniques that have been successful in stopping the .NET debuggers
from attaching to a process and prevent ILDASM/ASM round-tripping. My
email address is mg*@Atrevido.net.

Thanks,
-mike
MVP
"Kiran" <ki********@nunet-tech.com> wrote in message
news:uu**************@TK2MSFTNGP12.phx.gbl...
Hi,
We would like to develop a product in VB.Net. This is the first time I'm involving in such type of practice. Can any one please provide the
information about the fallowing???
1. How to generate Licence Key(s) for the product? Are there any components available to do so?
2. Since the product is distributed thru CDs, what is the process to provide licence keys for the clients?

Please help.

Jul 19 '05 #2
Sorry, I meant RC2, not Rijndael (the output will be smaller, which is
useful for codes the user has to type in). Here is a small example
and it's output. As you can see, the results are quite varied, and
make it impossible for someone to determine any algorithm just by
looking at masses of keycodes.

----
13 = MTYzRrmgAS8=
26 = FJ3UJexjokY=
39 = aQvGR1KY4Xg=
52 = R87PYZsb1KM=
65 = SuX6VixFu8A=
78 = ELNcDX4L6Dk=
91 = QSXQi8LCyJY=
104 = XoUHL7Jgqmw=
117 = DJsLb8H8Htc=
130 = 4HNg2zLLXGQ=
143 = aOPKYj056kU=
156 = ewCz0BMCrS8=
169 = hL4zLl7hZ7o=
182 = xHFVolS4h2g=
195 = 5zKC1O0GhAQ=
----

using System;
using System.Security.Cryptography;

namespace testY {
public class Class1 {
static void Main() {
RC2 r = RC2.Create();
r.GenerateIV();
r.GenerateKey();

for (short i = 13; i < 200; i+=13) {
byte[] data = System.BitConverter.GetBytes(i);
byte[] enc = r.CreateEncryptor().TransformFinalBlock(data, 0, 2);
Console.WriteLine("{0}\t= {1}", i, Convert.ToBase64String(enc));
}
Console.ReadLine();
}

}
}

-mike
"Michael Giagnocavo [MVP]" <mg*******@Atrevido.net> wrote in message
news:uU*************@TK2MSFTNGP10.phx.gbl...
Hello,

Providing a licensing system can be difficult. There are many
approaches you can take.

On the simple end, you can use a simple algorithm with an encryption algorithm. An example of this would be to use an int32 and every
number divisible by 13 is valid. Then encrypt the number with
Rijndael and use that as the key. Simple to generate, looks random to the user.

More advanced, you could require some input from the user to generate the code, via registration. In this scenario you'd have the user
register his name, and you'd issue a key that is linked to his name.
Again, using Rijndael or some other encryption algorithm would provide the necessary key. Another way is using a hash and then requiring
some characteristics of the output. This requires you to spend a lot of computing time finding hashes that work, but can be successful at
limiting key-generators.

For even more protection, you could use a hardware dongle, or require per-computer activation (like Windows XP). This is best way to
prevent "casual" piracy, where a company buys 1 license, and installs it on multiple computers.

Regardless, you should most likely develop your own algorithm. Using a prepackaged protection system can be easier to crack because many
times most of the work has been done before for another product. To
give them to the client, you'll just need to print off one key out of the sequence of keys available. Your CD manufacturer can give you
more details. Sometimes it's possible to have each CD have a serial
or volume encoded on it, which you can use to require a specific key. Again, your CD manufacturer can give you more details.

Another thing you need to do are find a way to transfer the licenses (sending a long binary or Base64 string isn't nice for users). A
packed (where the transform works on one byte at a time instead of
multiple bytes), modified (modify the output so that the 32 characters are easy to distinguish, for instance, don't use 0 and O, I and l)
Base32 algorithm is a good way to do this.

The most important issue, no matter which scheme you use, is
providing anti-cracking measures. Ignoring this is like having a door with an advanced digital lock, but having the actual door made of
rotten wood - an attacker will just bypass the lock and break down the door. If your app just simply does something like this:
If CheckForLicense() Then
MessageBox.Show("Valid license!")
Else
MessageBox.Show("Invalid license!")
Return
End
It will be cracked extremely fast, even if it is obfuscated. An
attacker will simply add a breakpoint for MessageBox.Show, and then
trace the code back up to the branch. For an added bonus, they'll
jump into the CheckForLicense() and reverse engineer it and make a key generator which will most likely work even across-versions of your
software. This can be easy in x86, and extremely easy in IL.

The use of multiple threads or processes can make debugging much
harder. As well, writing code in IL or x86 embedded in IL that's
designed to be hard to read. The CLR is very flexible and we can take advantage of this to write very confusing code, if don't mind loosing verifiability.

Finally, a strong obfuscator that encrypts strings and hides calls to your code and to system code will make all your code even harder to
read. Then, an encrypted loader (where your .exe has a data section
that contains the encrypted program, and the IL inside the .exe is
just to load it up) can raise the bar very high to even get to your
IL.

If you are interested, I can help you design these features and write code to do this. As well, I have an internal program that creates an encrypted loader, as well as does some interesting obfuscation
techniques that have been successful in stopping the .NET debuggers
from attaching to a process and prevent ILDASM/ASM round-tripping. My email address is mg*@Atrevido.net.

Thanks,
-mike
MVP
"Kiran" <ki********@nunet-tech.com> wrote in message
news:uu**************@TK2MSFTNGP12.phx.gbl...
Hi,
We would like to develop a product in VB.Net. This is the first
time I'm
involving in such type of practice. Can any one please provide the
information about the fallowing???
1. How to generate Licence Key(s) for the product? Are there any components
available to do so?
2. Since the product is distributed thru CDs, what is the process

to provide
licence keys for the clients?

Please help.


Jul 19 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Google alias | last post by:
My trial period for Zend studio has just ended, I've requested a personal licence, and got it. After I've entered and rebooted by computer I still get a popup saying "Licence expired!" everytime I...
0
by: Jakov | last post by:
Ok there are some issues about LGPL licence. I am not a lawyer, and reading LGPL licence is making me confused. This is my problem. I have woking on some commercial application, all the software...
17
by: Laszlo Zsolt Nagy | last post by:
Hi All! I know there has been a post about Python licencing but I have different questions. I tried to Google for "Python Licence" and "Python Licencing" but I could not find the answer. Is...
2
by: Dave | last post by:
Hi, Can anyone suggest a way to generate a licence key from C/C++ program? I want to create a licence file include an encrypted text and an expiry date. The private key is hard coded in the...
2
by: Kiran | last post by:
Hi, We would like to develop a product in VB.Net. This is the first time I'm involving in such type of practice. Can any one please provide the information about the fallowing??? 1. How to...
3
by: DD | last post by:
I am after help in generating the code... The end user enters a licence no in the software to use the software as you do with Microsoft products. Can anyone help Regards DD
6
by: Hani Atassi | last post by:
If i am using a form type authintication, do I need a licence for each logged in user? The application maintain their own user list and they are not Windows accounts. If I am using SQL Server...
84
by: John Perks and Sarah Mount | last post by:
we have some Python code we're planning to GPL. However, bits of it were cut&pasted from some wxPython-licenced code to use as a starting point for implementation. It is possible that some...
1
by: IanWright | last post by:
I'm trying to think of a suitable licence model for a toolkit that I'm designing, and have come up with the following, and would like thoughts / opinions or suggestions that people can offer. The...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.