Sign in to follow this  

[.net] Registration Code Syste,

This topic is 4839 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hello, I have recently been designing a game and I need to intergrate a registration code system, because its shareware. I do not want to make it so its one registration code I want it to be so you enter a name such as Rob and the code maybe be G3G2456P. I think we use Hast Tables but in .NET there are only like 4 or 5 crypto algorithms and it would be so very easy to "crack". Do you guys have any suggestions on how I should build a robust registration code system? Thanks for your help, Robert A Heeley

Share this post


Link to post
Share on other sites
Typically the weak link in a registration system is..


if(!g_bRegistered)
{
// Display register me dialog box, or whatever..
}




The major thing to keep in mind is attempt to not include the key generation method in the application itself. I.e. when you validate what the user enters.

Other than that, your best bet is to make it more bother to crack than it is worth.

Share this post


Link to post
Share on other sites
Hello,
I know how to check if the user has registered its just trying to generate unique keys for them that work. So:

Name: James
S/N: A14J5F6

and then
Name: Joe
S/N: Q67J4F6

so they are unique to the registration name. How would I go about making this? I want it so each name and code is unique so I can add stolen keys etc.

How would I go about adding this without adding it directly into the code making it harder to crack?

Thanks,
Robert A Heeley

Share this post


Link to post
Share on other sites
Also make sure you strong name your executable files and DLLs. This your app will be cryptographically signed, and Windows will fail to run it if it has been altered.

This requires someone to forge/obtain your private key, or hack the entire .NET assembly loading framework. Or use a hacked version of Mono to run your program.

Share this post


Link to post
Share on other sites
Hi,
You learn something new every day. What do you mean by "Strong Name"? How do I do it and do I need any special software?

Has anybody got any code for creating a registration code system?

[Edited by - rob64464 on September 15, 2004 12:04:48 PM]

Share this post


Link to post
Share on other sites
The first thing you can do is sign your assemblies. This will make them harder (not impossible) to crack. Secondly, you can use remoting and verify the key entered is valid/not used by anyone else.

Understand though, these measures are far from perfect, and ultimately futile.

Share this post


Link to post
Share on other sites
You could have your applicationg deployment system, generate a Hash key based on several items on the PC.

For example Create a GUID for the application, then on install generate a new GUID that would represent the Applications serial number and save that to the registry or some where else. As the Application Guid is only known by you, I would then hash the two values together to give you a Registration Number.
Now you have the registration number then set in action a process that the would send you the registration number and also the application serial number (Generated earlier and saved to registry).

When you have the details you could then hash the two values together with some other code keys that Only you know that would represent the unluck code and send them back.

Then application would then have a registration form that would take all three values and would perform the calcs to unlock the app.

Hope this helps

Share this post


Link to post
Share on other sites
Signing assemblies is simple:
Create a private/public keypair.
(sn.exe -k mykeys.snk)

Go to your AssemblyInfo.cs/vb file and change the line about the keyfile.
[assembly: AssemblyKeyFile("..\\..\\mykeys.snk")]

Build.

Keep the private key PRIVATE!
When working in a team use delayed signing!

These thing are all described in the MSDN.

This will protect your assemblies from being tampered with BUT not from being disassembled. Use the Obfuscater for that.

Cheers

Share this post


Link to post
Share on other sites
Hello,
Is there any simple ways to make a registration code system because I think I will strugle with all that are tere any good sies about making hast tables etc because I am very new to hashing and crypto.

What is ment by a private and public key I have seen it on MSDN but they don describe what it is. Is it a type of password or something?

I really am interested in this kind of stuff but getting to know how these things work is strugling once I understand the basic concept then I will be able to move on and create advanced crypto and hast tables.

Thanks,
Rob

Share this post


Link to post
Share on other sites
A short description of encryption:
1. Symmetric encryption.
Use a secret word (key) to encrypt the data.
Use the same secret to decrypt.

E.g. Add to all bytes 7 (7 is the secret) and substract it to retrieve the original data.

Pro's: fast, easy to implement.
Con's: not very secure

Advise: do not use the same key to long, but generate new keys.

2. Asymmetric encryption
Use a private key to encrypt.
Recievers uses the public key to decrypt.

The algorithm used is quite simple when you're a mathmatician like me but for now you should trust the fact that modulo calculus is has no inverse and therefore you can not calculate the private key from the data ans the public key. (You can guess it; that is why these key are chosen in the range off 32 to 256 bit numbers)

The reciever now knows that the sender has sent the message because the private and the public key belong together. And the message can only be decrypted by using the other key.
Anyone can read the message because the public key is, well ehm, public. To solve this you encrypt a symmetric key with the sender's public key. That way the sender only can decrypt (with the private key) the symmetric key. From then on they can exchange data by using the symmetric key.

Pro's: very secure, almost unbreakable!
Con's: slow, processor consuming.

Advise: keep the private keys private and use this way of encryption just for things that need heavy encryption.

.NET: there are several algorithmes in .NET available. In the end they allway fall into one of these categories. Check out:

DESCryptoServiceProvider and RSACryptoServiceProvider.

Cheers

Share this post


Link to post
Share on other sites

This topic is 4839 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this