Solved

a "vairable"

Posted on 2004-08-31
7
170 Views
Last Modified: 2010-04-15
I am building something taht a client has paid for a specific amount of license for, so in our code we have a number represnting that...but if they purchase more license we need to update taht number.
Is there a better way of doing this other than resend the client another DLL?
Please adivse of another way, but it needs to be secure and in a way so the client wont figure it out so they wont increase the license number.

Please advise.
0
Comment
Question by:solraccheffy
  • 3
  • 2
  • 2
7 Comments
 
LVL 69

Expert Comment

by:Callandor
ID: 11946681
You could construct a key that incorporates the number of licenses allowed, then have the program read the key and calculate how many licenses that key represents.  The encryption algorithm to create the key needs to be sophisticated enough (perhaps involving large prime numbers) to prevent breaking and will only allow the program to work if a valid key is provided.
0
 

Author Comment

by:solraccheffy
ID: 11947421
That is kind of what I am looking for....I have that thought but not sure on how to go about implementing it.
please advise.
0
 
LVL 69

Expert Comment

by:Callandor
ID: 11948599
Have you taken a look at how PGP is implemented?  There is a public key and a private key, and though you don't need a public and private key, you could code the public key to decrypt what you send that's encrypted with the private key.  This could include how many licenses, and the program could reject any answer outside a range.  The client would only see an encrypted license key, which the program would decrypt and figure out how many licenses they have.  They would not be able to change the license key without knowing what the private key was.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:solraccheffy
ID: 11951194
Makes sense, where can I get an example on how to do this, step by step?
0
 
LVL 69

Expert Comment

by:Callandor
ID: 11952006
Take a look at http://www.pgpi.org/
0
 
LVL 7

Accepted Solution

by:
jackiechen858 earned 125 total points
ID: 11954859
I think it don't need to be so complex.  you can just samply use a md5 method
to do it.

using System.Text;
using System.Security.Cryptography;

            public static string GetLicenseString (int nlicenseNumber  )
            {
                  string strMDAppend = "xzkale2sx789ASw";
                  string strMD = nlicenseNumber.ToString() + strMDAppend;


                  UTF8Encoding encoder =new UTF8Encoding();

                  MD5CryptoServiceProvider md5 =  new MD5CryptoServiceProvider();
                  byte[] result =md5.ComputeHash( encoder.GetBytes(strMD) );
                  string strResult="";
                  for ( int i=0;i<16;i++ )
                  {
                        strResult += result[i].ToString("X00");
                  }
                  return strResult;
            }

using the above function, you can get a unique string for any number.
save the number and the string into a file. and when you load the dll,
call the same function to generate a new string for the same number.
the two strings should be same.  it used MD5 algorithm to generate
a 16 bytes array for a string. If the input strings are different, the output
arrays will "almost for sure"( 1/ (2^(8*16) )  )  be different. and the
good thing is even if the input string only has little difference, the output
arrays will be totally mess, so it's impossible to reversely get the string
from the array. So if the user can't get the strMDAppend "xzkale2sx789ASw",
he can't generate the string.




0
 
LVL 7

Expert Comment

by:jackiechen858
ID: 11954957
the bad thing about the sample solution is if they trace the dll and find the
strMDAppend , then you are screwed :-( but if they can trace the binary
code, I guess they can do everything.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Extention Methods in C# 3.0 by Ivo Stoykov C# 3.0 offers extension methods. They allow extending existing classes without changing the class's source code or relying on inheritance. These are static methods invoked as instance method. This…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now