8. Software Protection: Registry, License Keys, Hashing | WPF C# Timer
Vložit
- čas přidán 6. 03. 2021
- Work with registry, generate and use license keys and use hashing for software protection.
Subscribe! ► czcams.com/users/QuasimodoPr...
Part of a series of tutorials on creating a WPF timer application in C#.
Source code:
github.com/QuasimodoPrograms/...
Latest code: github.com/QuasimodoPrograms/...
More WPF Timer ► • WPF C# Timer
great video. Thank you
You're welcome
👍👍👍
Your implementation has a few issues:
- Using a list of hashes means that you have a limited number of keys to deploy.
- MD5 is really weak and has rainbow tables readily available. So if someone extracted out the hashes then they would be able to reverse all of the keys in a short period.
I'd recomment using public / private keys to generate license codes. The application would ship with the public key and use it to validate the signature of the signed key. This has a few advantages:
- Virtually unlimited keys.
- Having the public key only means that they can't reverse engineer license keys (at least without excessive computational complexity).
- You can embed info in the key (eg. where it was sold, customer info, etc) so any leaks of keys can be tracked back to the person.
That said anyone worth their salt will just decompile the application and remove the checks so >_
1. Limited number of keys: yes but that can be solved by simply adding more hashes to the list in the next update of a program.
2. MD5 is really weak: unfortunately, I was not aware of that.
3. Public/private keys: indeed, they could be used instead but as you have noted, decompiling allows to bypass such protection too. So, if both can be taken down the same way, I have chosen the more easy to implement protection of MD5.
Thank you for the notes and the recommendation.