Re: encrypting licenses

Tech-Archive recommends: Speed Up your PC by fixing your registry

On 24 Nov., 17:45, Peter Bromberg [C# MVP]
<pbromb...@xxxxxxxxxxxxxxxxxxxx> wrote:
Why not just encrypt the license file contents and have your program itself
do the decryption at runtime from the supplied license file?

--Peter
"Inside every large program, there is a small program trying to get out."http://www.eggheadcafe.comhttp://petesbloggerama.blogspot.comhttp://www.blogmetafinder.com

"ReneMarxis" wrote:
Hello

i have one question reguarding crypting.
First let me explain what i like to do:
I need to pass some licese files to customers. Everything needs to be
done "offline" which requires
me to send files to the customer that include the license
I like to encrypt the license file in one application and decrypt it
at the customer on an other application.

I did read a little on encryption and did not find any way to do the
following:
Use a private key-pair to encrypt and an public one to decrypt.

Every encryption-methods seem to be build up exactly the way arround:
use public key to encrypt and private to decrypt.
But as the private key also includes the public key, i would end up in
putting the key to encrypt the license in the customer application.
This is something i don't like of course.

Now what i need is not some way to encrypt data so it is not readable
but encrypt it in a way that it is not reproduceable.

Is this something thats achiveable with signed data (signed xml eg.)?

many thanks in advance

_rene

Hello and thanks for your answer :)

I did implement the whole thing using signed xml now and it works
great.
I allready did that before but i attached a keyinfo to the signature
(private) thats why every call to CheckSignature returned true, even
if i changed the input xml to include a completly different signature.
The only thing that had to be correct was the signature.
Now that i do not attach the keyinfo any more, i can generate a new
signkey from just the public key and check the signature with that
key. So no one will be able to generate a license now any more, as you
need the private key to encrypt/sign the data and that is not present
in the client-application
.

Relevant Pages

  • Re: RSA - Public vs. Private Keys
    ... This is a common pattern for license software ... your client will send a unique machine hash to the ... will let us decrypt with a Public Key (or simply not ... |> RSA is intended to encrypt messages with public keys only. ...
    (microsoft.public.dotnet.security)
  • Re: Looking for a simple blowfish example
    ... Blowfishto encrypt and decrypt? ... version 2.1 of the License, or any later version. ... a string or character text instead of an integer expecially a 1 and a ...
    (sci.crypt)
  • Re: Looking for a simple blowfish example
    ... Blowfishto encrypt and decrypt? ... version 2.1 of the License, or any later version. ... a string or character text instead of an integer expecially a 1 and a ...
    (sci.crypt)
  • Re: Looking for a simple blowfish example
    ... Blowfishto encrypt and decrypt? ... This library is free software; ... version 2.1 of the License, or any later version. ...
    (sci.crypt)
  • Re: RSA question
    ... I assume you want to encrypt these licence codes so ... A license code scheme generally wants the author to *SIGN* license ... the customer when his hardware needs replacing. ... is to put the licence code on the physical product so that it ...
    (sci.crypt)