Hi,

I'm trying to write a licensing module of my C# Application. The license file is a basic text file saved on the clien'ts machine which includes an encrypted 64BaseString. Up and until now I've used the Rijndal method for encrypting and decripting the string and matching the license up with a special computer id that I generate in code. This method works fine, until I realised that a .NET dll file is quite easy to dissasemble and any programmer can reverse engineer my methods as the encryption/decryption key is hard coded.

The only method that I can think of to improve my licensing to make it more secure, is to encrypt the license file contents with a key that I hold secret on my side. Then I want to have a different key hard coded in the system which will be able to decrypt this text file. But this hard coded key should not be able to encrypt the file again. This would mean that my software will expect an encrypted file and if using the user's key to decrypt the file, but the file was hacked and encrypted by the user's key - it won't work.

The theory makes sense - at least to me, but I just can't find any encryption methodology that can do this. I've tried RSA, DES, AES and a few others. Could anyone maybe send me in a direction and let me know if this is at all possible.

Thanks

The only method that I can think of to improve my licensing to make it more secure, is to encrypt the license file contents with a key that I hold secret on my side. Then I want to have a different key hard coded in the system which will be able to decrypt this text file. But this hard coded key should not be able to encrypt the file again. This would mean that my software will expect an encrypted file and if using the user's key to decrypt the file, but the file was hacked and encrypted by the user's key - it won't work.

The theory makes sense - at least to me, but I just can't find any encryption methodology that can do this. I've tried RSA, DES, AES and a few others. Could anyone maybe send me in a direction and let me know if this is at all possible.

AES and DES are both symmetric-key systems, which is basically what you were using before--one key both encrypts and decrypts--so they are not what you want.

What you want--and you've summarized it pretty well--is a public-key system. RSA is an excellent example; what made you decide it wasn't going to work for you?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.