5

I have this idea of implementing a license key:

  1. After the user downloads the program, he connects to a website and sends his Windows product ID.
  2. The website, then, sends this back to him with a signature using a private RSA key.
  3. The program, then, checks, using a public key, whether it is really signed by the private key, and stores this message it got.

Now, every time the program starts, it retrieves this message, and checks it in the way mentioned in 3., comparing that with the Windows product ID retrieved from the operating system.

This is done using 1024 bit numbers. I can't encode anything with the private key using what the computer language (C#) offers. (I don't want to implement my own algorithm – I don't know enough about encryption.)

Is the Windows product key long enough for this? It's something like 12345-abc-1234567-12345. (Get it by right-clicking on “my-computer”, and clicking “properties”.)

I apologize for my non-cryptographer way of asking. Here are the questions:

a) Is encrypting a small number by a large key safe?

b) Is signing a message (as opposed to encrypting it) safe?

Ilmari Karonen
ispiro

2 Answers

5

That is not a bad method of doing a license key; an attacker would certainly be unable to generate a signature that would validate with his computer's Windows product key.

On the other hand, this approach may be overkill. The easiest way to attack this system would be to modify the program to skip (or ignore) the signature validation; hackers have both the experience and the tooling to do this fairly easily. I don't believe that there are any easily implemented license key approaches that make that attack more difficult; however, there are certainly other approaches that would be easier to implement.

Since you asked for cryptographical advice, here is some:

  • If you do use this approach, you might as well make sure you get the details correct: use a known-good padding scheme (say one of the ones listed in PKCS #1).

  • You ask whether the Windows product key is long enough. The answer is "Yes, it is". Actually, the length of what you sign is not important to the security of the signature method; it just needs to be long enough to be unique.

poncho

4

RSA signatures are designed in a way that only the owner of the private key can generate valid signatures, no matter the message size/length. (There is no proof of this, but RSA would be considered broken if this was not the case.)

Your signature is actually a certificate saying "The program is allowed to run on a computer with Windows-ID xxx", and if your program runs only on computers where a fitting certificate is available, this is safe, from the cryptographic point of view.

If the Windows Product ID is unique, then also no such certificate can be used on different computers.

Your scheme actually doesn't use RSA encryption, only signature, so your first question does not apply here. But RSA encryption should also be safe for small messages. (Actually, there is an upper size limit for RSA encryption, which is why you would usually encrypt a symmetric key with RSA and then encrypt the message using a symmetric algorithm.)

Paŭlo Ebermann
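
The sign-and-verify flow discussed in the two answers above, as an added example that is not code from the question or from either answer. It uses the built-in .NET `RSA` class with PSS padding (one of the schemes in PKCS #1) so nothing is hand-implemented; it assumes .NET 6 or later, and the names `LicenseDemo`, `IssueLicense`, `IsLicenseValid` and the sample product IDs are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: class/method names and product IDs are hypothetical.
static class LicenseDemo
{
    // Server side: holds the private key and signs the product ID.
    // SignData hashes the input, so the ID's length does not matter.
    static byte[] IssueLicense(RSA privateKey, string productId) =>
        privateKey.SignData(Encoding.UTF8.GetBytes(productId),
                            HashAlgorithmName.SHA256, RSASignaturePadding.Pss);

    // Client side: holds only the public key. VerifyData returns false when
    // the signature does not match this exact product ID.
    static bool IsLicenseValid(RSAParameters publicKey, string productId, byte[] signature)
    {
        using RSA rsa = RSA.Create();
        rsa.ImportParameters(publicKey);
        return rsa.VerifyData(Encoding.UTF8.GetBytes(productId), signature,
                              HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
    }

    static void Main()
    {
        // The key pair stays on the licensing server (2048 bits chosen for this example).
        using RSA serverKey = RSA.Create(2048);
        // Only the public half is shipped inside the program.
        RSAParameters publicKey = serverKey.ExportParameters(false);

        string productId = "12345-ABC-1234567-12345";        // constructed sample
        byte[] license = IssueLicense(serverKey, productId); // stored by the program

        // Check at every start: stored signature vs. the ID read from the OS.
        Console.WriteLine("same machine:      " + IsLicenseValid(publicKey, productId, license));

        // A license copied to a machine with a different product ID.
        Console.WriteLine("other machine:     " + IsLicenseValid(publicKey, "99999-XYZ-7654321-54321", license));

        // A signature altered in storage.
        byte[] altered = (byte[])license.Clone();
        altered[0] ^= 0x01;
        Console.WriteLine("altered signature: " + IsLicenseValid(publicKey, productId, altered));
    }
}
```

The cryptographic check only binds the stored signature to the product ID; as the first answer notes, it does nothing against a copy of the program patched to skip the call to the verification routine.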