none
Licence key in .NET RRS feed

  • Question

  • I am thinking of implementing a good licensing mechanism that has a good resistance against piracy. The required mechanism should use a licence key and the licence key must update regularly. Do you guys have any better suggestions? What are the parameters/algorithms/characteristics that I need to concern to make a hack proof license mechanism?
    Tuesday, January 6, 2015 11:52 AM

Answers

  • Hello Yesim,

    I do not quite understand what you are looking for, if you mean you want to have a key which could protect your developed dlls, you could sign that dll with a strong name as follow link:

    How to: Sign an Assembly with a Strong Name

    Or check this article which implements a custom way to protect software components with license key:

    http://www.codeproject.com/Articles/8902/A-simple-software-key-useful-to-protect-software-c

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, January 7, 2015 8:42 AM
    Moderator
  • I believe he mean the second one.

    However as long as you code in .NET, there's no good way to prevent people hack to walk around the licensing code, since the code must be able to be disassembled by Reflector. There's no "hack proof" idea I can add that I cannot break it myself. (Even the obfuscators don't help, I tried in the past.)

    There is attribute you can use to prevent ildasm.exe from disassembling your code, but that does not prevent people to write code to disassemble it themselves.

    Wednesday, January 7, 2015 9:08 AM
    Answerer
  • I am thinking of implementing a good licensing mechanism that has a good resistance against piracy. The required mechanism should use a licence key and the licence key must update regularly. Do you guys have any better suggestions? What are the parameters/algorithms/characteristics that I need to concern to make a hack proof license mechanism?

    The license key must update regularly?

    I've never heard of a license key updating. I've bought a lot of software over time. The same license key that came with the original software copy could always be used with the same software copy.

    Wouldn't a license key that requires update be called a temporary key? Who wants software that only a temporary key works for? Are you going to lease the software and not sell the software so after the lease expires the license key expires?

    How much have you studied on the internet about how to do this? You should use a search engine and spend some days (maybe even weeks depending on your skillset) researching what you want to know in order to get a general overview and idea of how to create license keys that are hackproof which has nothing to do with programming in a certain language.

    Some people suggest a website where a customer can either access the website or send an email or call in order to get license keys for the software they purchase. Then the customer is required to enter certain information in order to get a license key for the purchased software.

    Software can be sold where a certain amount of keys are desired by a purchaser. The website database shows the transaction including the software purchased, number of keys sold, etc for some customers account. That customer is then provided the keys in some fashion for the software (via email, by reading their account, etc).

    None of that stops a customer from installing the same software on any number of computers. I don't know of any software sold which can require a computer it is to be installed on to have internet access so that some remote site can detect if somehow numerous copies of a sold software copy are running on multiple computers without key authorization to do that. That could be a requirement but what happens if the internet goes down or the site goes down the software connects to? Now the software purchaser can't use the software? That's stupid business practice designed by a bean counter.

    There's most likely no way to keep a hacker from decompiling your code to see how it works with regard to implementing the license anyhow.

    A while back I provided someone with a question in the Visual Basic Forum a few programs that could be used for creating a License key to provide to a customer for a purchased copy of an application. The application reads the Bios hardware ID of the PC it is installed on. For each user on that PC the application is installed with the same License key and that is considered a single license use of that app. If the software copy is installed on a different PC the license key already furnished will not work as it works in conjunction with the PC's Bios hardware ID. But if you hack the app then it's plainly visible for a hacker how that is implemented and how to bypass that.

    So for that software the purchaser can buy multiple keys but must provide information to the seller, to be stored in a database, for each key purchased in order to receive a key for a machine the software is being installed on. And if a customers PC fails then they have to contact again the seller in order to explain the situation and get a new key for a new PC they install the software on.

    But you need to read up on what you want to know. Nobody here is going to tell you the best way to do anything since it's your application you want to keep safe. Until you learn you will not know if information provided to you is the best available. Basically you will settle for anything that sounds good since you know nothing else via learning.


    La vida loca


    Wednesday, January 7, 2015 9:29 AM

All replies

  • Hello Yesim,

    I do not quite understand what you are looking for, if you mean you want to have a key which could protect your developed dlls, you could sign that dll with a strong name as follow link:

    How to: Sign an Assembly with a Strong Name

    Or check this article which implements a custom way to protect software components with license key:

    http://www.codeproject.com/Articles/8902/A-simple-software-key-useful-to-protect-software-c

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, January 7, 2015 8:42 AM
    Moderator
  • I believe he mean the second one.

    However as long as you code in .NET, there's no good way to prevent people hack to walk around the licensing code, since the code must be able to be disassembled by Reflector. There's no "hack proof" idea I can add that I cannot break it myself. (Even the obfuscators don't help, I tried in the past.)

    There is attribute you can use to prevent ildasm.exe from disassembling your code, but that does not prevent people to write code to disassemble it themselves.

    Wednesday, January 7, 2015 9:08 AM
    Answerer
  • I am thinking of implementing a good licensing mechanism that has a good resistance against piracy. The required mechanism should use a licence key and the licence key must update regularly. Do you guys have any better suggestions? What are the parameters/algorithms/characteristics that I need to concern to make a hack proof license mechanism?

    The license key must update regularly?

    I've never heard of a license key updating. I've bought a lot of software over time. The same license key that came with the original software copy could always be used with the same software copy.

    Wouldn't a license key that requires update be called a temporary key? Who wants software that only a temporary key works for? Are you going to lease the software and not sell the software so after the lease expires the license key expires?

    How much have you studied on the internet about how to do this? You should use a search engine and spend some days (maybe even weeks depending on your skillset) researching what you want to know in order to get a general overview and idea of how to create license keys that are hackproof which has nothing to do with programming in a certain language.

    Some people suggest a website where a customer can either access the website or send an email or call in order to get license keys for the software they purchase. Then the customer is required to enter certain information in order to get a license key for the purchased software.

    Software can be sold where a certain amount of keys are desired by a purchaser. The website database shows the transaction including the software purchased, number of keys sold, etc for some customers account. That customer is then provided the keys in some fashion for the software (via email, by reading their account, etc).

    None of that stops a customer from installing the same software on any number of computers. I don't know of any software sold which can require a computer it is to be installed on to have internet access so that some remote site can detect if somehow numerous copies of a sold software copy are running on multiple computers without key authorization to do that. That could be a requirement but what happens if the internet goes down or the site goes down the software connects to? Now the software purchaser can't use the software? That's stupid business practice designed by a bean counter.

    There's most likely no way to keep a hacker from decompiling your code to see how it works with regard to implementing the license anyhow.

    A while back I provided someone with a question in the Visual Basic Forum a few programs that could be used for creating a License key to provide to a customer for a purchased copy of an application. The application reads the Bios hardware ID of the PC it is installed on. For each user on that PC the application is installed with the same License key and that is considered a single license use of that app. If the software copy is installed on a different PC the license key already furnished will not work as it works in conjunction with the PC's Bios hardware ID. But if you hack the app then it's plainly visible for a hacker how that is implemented and how to bypass that.

    So for that software the purchaser can buy multiple keys but must provide information to the seller, to be stored in a database, for each key purchased in order to receive a key for a machine the software is being installed on. And if a customers PC fails then they have to contact again the seller in order to explain the situation and get a new key for a new PC they install the software on.

    But you need to read up on what you want to know. Nobody here is going to tell you the best way to do anything since it's your application you want to keep safe. Until you learn you will not know if information provided to you is the best available. Basically you will settle for anything that sounds good since you know nothing else via learning.


    La vida loca


    Wednesday, January 7, 2015 9:29 AM