Product Keys Based on Elliptic Curve Cryptography
A popular method of product validation is using keys similar to VJJJBX-H2BBCC-68CF7F-2BXD4R-3XP7FB-JDVQBC. These compact keys can be derived using Public Key Cryptosystems such as Elliptic Curve Cryptography.
Other Public Key Cryptosystems are available such as RSA. However, these systems generally produce larger keys (which the user will eventually have to enter into the program to unlock functionality). Smaller producing Cryptosystems exist, but it is the author's opinion that they are highly encumbered with patents. Quartz is one such example. It is a Public Key Encryption System that produces a smaller cipher text based on Hidden Field Equations (HFEs). The Quartz website is littered with phrases such as "must license" and "pay royalties".
This article will use ECIES (specified in IEEE 1363 and ANSI X9.63) as the Cryptosystem, and Wei Dai's Crypto++ for Elliptic Curve operations. ECIES is based on the work of Abdalla, Bellare, add Rogaway. ECIES will produce slightly larger keys, but the cryptosystem is less burdened with patents. The reader is also encouraged to investigate Signature Schemes (with Recovery) as an alternative method to producing Product Keys. An example is PSS-R, a Message Recovery Signature Scheme based on RSA. PSS-R is proposed in ANSI X9.31 (reopened by the ANSI X9F working group) and IEEE 1363.
This article will explain in detail the following topics:
Compiling and Integrating Crypto++ into the Visual C++ Environment
Elliptic Curve Cryptography Implementation in Crypto++
Using Elliptic Curves with User Defined Domain Parameters In Crypto++
Base Encoding a cipher text String in Crypto++
Working Demo which Exercises Product Keys based on ECC
Bulk Product Key Generation
Product Key Validation
Product Activation
Securely Saving Key or Activation State to the Registry
[ posted via RSDN@Home 1.1.4 stable SR1 r568, accompanied by silence ]
ребята, у меня ключ как раз на ECC, но это все фигня, это не панацея, потому что нужен не продукт кей, а license management.
Здравствуйте, SchweinDeBurg, Вы писали:
1. спам
2. банальщина — вся математика и криптолибы по ECC валялись в сети еще в прошлом веке. бери и пользуй
SDB>The reader is also encouraged to investigate Signature Schemes (with Recovery) as an alternative method to producing Product Keys.
бред какой то. систему управления лицензиями нужно делать только на ассиметричной подписи а не на шифровании. требование к подписи в части recovery мягко говоря сомнительное. а попросту — лишее.
ну а что может быть от бездумного применения ECC с укороченными ключами или неправильно выбранными параметрами .... лучше промолчу
