The registration code (also known as the serial number) of most shared software on the Internet is not well designed, and it is easy for hackers to make registration machines. The following describes how to use RSA to create a registration code. Using this method, it is difficult to write a registration machine if you do not know the key. In fact, some software already uses this method.
Everyone knows that RSA uses a pair of keys, that is, the public key and private key. It is difficult to launch a private key from the public key, and vice versa. This difficulty is based on the difficulty of big data decomposition. The idea of using RSA to generate a shared software registration code is as follows:
1. Generate a random pair of Public Key E and private key D;
2. The software author writes a registration machine by himself. The registration machine completes the work of encrypting the user name M with the private key D, and the ciphertext C is the registration code. Because ciphertext often contains non-printable characters, it is best to encode the ciphertext into printable characters, such as base64 and uuencode encoding.
Ciphertext C = (M ^ D) mod N
^ Indicates the power, mod indicates the remainder, and N indicates the modulus of RSA.
3. The sharing software first decodes the entered registration code (such as base64 decoding), obtains the ciphertext, and then decrypts the ciphertext with the public key E to obtain the plaintext m ', if the text and username are the same (that is, the M' = M is met), the registration code is correct. Otherwise, the registration code is invalid. The attacker can get the public key E by tracking your software, but cannot get the private key D.
Plaintext M' = (C ^ E) mod D
There are several notes:
1. modulus N is too short-term insecure and easy to be decomposed. With the current computing power, we recommend that N be greater than 512-bit. However, the length of the registration code also increases, which may cause inconvenience to users. Generally, you must use a large number library to implement RSA.
2. When generating a random key pair, use the random number generation algorithm as best as possible. Otherwise, n is likely to be decomposed.
3. You can also use public key E on the registration machine to encrypt the user name to obtain the registration code. In the software, use the private key d to decrypt the user's entered registration code to obtain the user name. At this time, the public key e cannot take the commonly used fixed values such as 3 and 65537. Otherwise, once guessed e, it can also be written into the registration machine, in this case, the attacker can obtain the private key D from your software.
4. This method is only used to prevent the developer from writing the registration machine. It cannot prevent the attacker from cracking your software by modifying the redirection instructions in the program. To prevent others from modifying your program files, you can use a part of the registration code to encrypt your program code or data.
5. This method can be slightly changed to prevent genuine users from distributing registration codes. That is, the user name can be replaced with the hardware and software information of the user's machine by using one machine and one code, the hardware and software information should uniquely represent the user's machine, otherwise it is easy to be forged.
6. After using the above method, only people who know at least one valid registration code can crack the program.
The following is an example of using a large number of computing database freelip (http://www.und.nodak.edu/org/crypto/crypto/numbers/programs/freelip/freelip_1.1.tar.gz) to achieve RSA. This database is written in C and requires a license for commercial use.
1. First, a random key pair is generated. You can randomly search for large prime numbers by programming on your own. Here, for example, we use rsatool (http://www.secretashell.com/TMG/RSATool2v15.zip) to generate 64-bit RSA parameters:
Large prime number p = a57f2b33, large prime number q = e7c441b3, modulus n = 95d49fd119ef27a9, Private Key d = 76d2a6e2ac86cc99, public key e = 65537
2. Create a registration machine. Encrypt the user name with the private key D. The obtained ciphertext is used as the registration code:
First define the macro Win32 (which comes with VC, but must be defined in BCB), and then include the header file "Lip. H ":
# Ifndef Win32
# Define WIN32
# Endif
# Include "lip. h"
And add "lip. c" to the project.
Then convert the username's ASCII code into the corresponding hexadecimal string:
Char UserName [] = "4E6574677579 ";
Char SerialNumber [2, 256];
Verylong N = 0, D = 0, M = 0, C = 0; // verylong is the big number type in Freelip.
Zhsread (UserName, & M); // initialize the plaintext M. M equals the hexadecimal representation of the user name.
Zhsread ("95D49FD119EF27A9", & N); // initialize the modulus N
Zhsread ("76D2A6E2AC86CC99", & D); // initialize the private key D
Zexpmod (M, D, N, & C); // calculate ciphertext C = (M ^ D) mod N
Zswrite (SerialNumber, C); // write the decimal string of C to SerialNumber, that is, the registration code.
3. Determine the registration code in the software.
Char UserNameString [] = "4E6574677579"; // user name entered
Char SerialNumber [] = "1876542098762625173846272838"; // The registration code entered by the user
Verylong N = 0, E = 0, C = 0, UserName =, DecryptedUserName = 0;
Zhsread (SerialNumber, & C); // initialize the ciphertext C
Zhsread ("95D49FD119EF27A9", & N); // initialize the modulus N
Zsread ("65537", & E); // initialize the public key e
Zexpmod (C, E, N, & decryptedusername); // calculate the plaintext decryptedusername = (C ^ e) mod n
Zhsread (usernamestring, & username); // user name entered by the user
If (zcompare (username, decryptedusername ))
{
// Incorrect registration code
}
Else
{
// Correct registration code
}
Appendix: Addresses of frequently-used big data computing libraries (some of which are not specialized big data computing libraries but contain related libraries)
1. crypto ++: http://www.eskimo.com /~ Weidai/cryptlib.html (C ++)
2. MIRACL: http://indigo.ie /~ Mscott/(C/C ++)
3. gnu mp: http://www.swox.com/gmp/ (C)
4. Piologie: http://www.hipilib.de/pidownload.htm
5. cryptlib: http://www.cs.auckland.ac.nz /~ Pgut001/cryptlib/
6, RSAEuro: http://www.rsaeuro.com/products/RSAEuro/
7. OpenSSL: http://www.openssl.org/
9. RSARef: http://download.gale.org/rsaref20.tar.Z
10, GInt: http://triade.studentenweb.org/GInt/gint.html (Delphi)