[.net] Registration Code Syste,
Author
Hello,
I have recently been designing a game and I need to intergrate a registration code system, because its shareware. I do not want to make it so its one registration code I want it to be so you enter a name such as Rob and the code maybe be G3G2456P. I think we use Hast Tables but in .NET there are only like 4 or 5 crypto algorithms and it would be so very easy to "crack". Do you guys have any suggestions on how I should build a robust registration code system?
Thanks for your help,
Robert A Heeley
Typically the weak link in a registration system is..
The major thing to keep in mind is attempt to not include the key generation method in the application itself. I.e. when you validate what the user enters.
Other than that, your best bet is to make it more bother to crack than it is worth.
if(!g_bRegistered){ // Display register me dialog box, or whatever..}The major thing to keep in mind is attempt to not include the key generation method in the application itself. I.e. when you validate what the user enters.
Other than that, your best bet is to make it more bother to crack than it is worth.
Author
Hello,
I know how to check if the user has registered its just trying to generate unique keys for them that work. So:
Name: James
S/N: A14J5F6
and then
Name: Joe
S/N: Q67J4F6
so they are unique to the registration name. How would I go about making this? I want it so each name and code is unique so I can add stolen keys etc.
How would I go about adding this without adding it directly into the code making it harder to crack?
Thanks,
Robert A Heeley
I know how to check if the user has registered its just trying to generate unique keys for them that work. So:
Name: James
S/N: A14J5F6
and then
Name: Joe
S/N: Q67J4F6
so they are unique to the registration name. How would I go about making this? I want it so each name and code is unique so I can add stolen keys etc.
How would I go about adding this without adding it directly into the code making it harder to crack?
Thanks,
Robert A Heeley
Also make sure you strong name your executable files and DLLs. This your app will be cryptographically signed, and Windows will fail to run it if it has been altered.
This requires someone to forge/obtain your private key, or hack the entire .NET assembly loading framework. Or use a hacked version of Mono to run your program.
This requires someone to forge/obtain your private key, or hack the entire .NET assembly loading framework. Or use a hacked version of Mono to run your program.
Author
Hi,
You learn something new every day. What do you mean by "Strong Name"? How do I do it and do I need any special software?
Has anybody got any code for creating a registration code system?
[Edited by - rob64464 on September 15, 2004 12:04:48 PM]
You learn something new every day. What do you mean by "Strong Name"? How do I do it and do I need any special software?
Has anybody got any code for creating a registration code system?
[Edited by - rob64464 on September 15, 2004 12:04:48 PM]
The first thing you can do is sign your assemblies. This will make them harder (not impossible) to crack. Secondly, you can use remoting and verify the key entered is valid/not used by anyone else.
Understand though, these measures are far from perfect, and ultimately futile.
Understand though, these measures are far from perfect, and ultimately futile.
You could have your applicationg deployment system, generate a Hash key based on several items on the PC.
For example Create a GUID for the application, then on install generate a new GUID that would represent the Applications serial number and save that to the registry or some where else. As the Application Guid is only known by you, I would then hash the two values together to give you a Registration Number.
Now you have the registration number then set in action a process that the would send you the registration number and also the application serial number (Generated earlier and saved to registry).
When you have the details you could then hash the two values together with some other code keys that Only you know that would represent the unluck code and send them back.
Then application would then have a registration form that would take all three values and would perform the calcs to unlock the app.
Hope this helps
For example Create a GUID for the application, then on install generate a new GUID that would represent the Applications serial number and save that to the registry or some where else. As the Application Guid is only known by you, I would then hash the two values together to give you a Registration Number.
Now you have the registration number then set in action a process that the would send you the registration number and also the application serial number (Generated earlier and saved to registry).
When you have the details you could then hash the two values together with some other code keys that Only you know that would represent the unluck code and send them back.
Then application would then have a registration form that would take all three values and would perform the calcs to unlock the app.
Hope this helps
Signing assemblies is simple:
Create a private/public keypair.
(sn.exe -k mykeys.snk)
Go to your AssemblyInfo.cs/vb file and change the line about the keyfile.
[assembly: AssemblyKeyFile("..\\..\\mykeys.snk")]
Build.
Keep the private key PRIVATE!
When working in a team use delayed signing!
These thing are all described in the MSDN.
This will protect your assemblies from being tampered with BUT not from being disassembled. Use the Obfuscater for that.
Cheers
Create a private/public keypair.
(sn.exe -k mykeys.snk)
Go to your AssemblyInfo.cs/vb file and change the line about the keyfile.
[assembly: AssemblyKeyFile("..\\..\\mykeys.snk")]
Build.
Keep the private key PRIVATE!
When working in a team use delayed signing!
These thing are all described in the MSDN.
This will protect your assemblies from being tampered with BUT not from being disassembled. Use the Obfuscater for that.
Cheers
Author
Hello,
Is there any simple ways to make a registration code system because I think I will strugle with all that are tere any good sies about making hast tables etc because I am very new to hashing and crypto.
What is ment by a private and public key I have seen it on MSDN but they don describe what it is. Is it a type of password or something?
I really am interested in this kind of stuff but getting to know how these things work is strugling once I understand the basic concept then I will be able to move on and create advanced crypto and hast tables.
Thanks,
Rob
Is there any simple ways to make a registration code system because I think I will strugle with all that are tere any good sies about making hast tables etc because I am very new to hashing and crypto.
What is ment by a private and public key I have seen it on MSDN but they don describe what it is. Is it a type of password or something?
I really am interested in this kind of stuff but getting to know how these things work is strugling once I understand the basic concept then I will be able to move on and create advanced crypto and hast tables.
Thanks,
Rob
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement