Encryption can help protect data from being viewed and modified, and can help provide a secure means of communication over otherwise insecure channels. For example, data can be encrypted using an encryption algorithm, transmitted in an encrypted state, and then decrypted by the intended recipient. If a third party intercepts encrypted data, it will be difficult to decrypt the data.
To achieve these goals, you create encryption schemes using a combination of algorithms and conventions, called encryption primitives. Including private key encryption (symmetric encryption), public key encryption (asymmetric encryption), cryptographic signatures, and cryptographic hashes.
We use public key encryption (asymmetric encryption) to implement the registration code algorithm.
Public key encryption uses a private key that must be kept secret from unauthorized users and a public key that can be made public to anyone. Both public and private keys are mathematically related; data encrypted with the public key can only be decrypted with the private key, while data signed with the private key can only be verified with the public key.
For the registration code, we use the private key to sign a string (username), and then use the public key to verify the signature (registration code). Since the public key can only be used for verification, we can distribute the public key with confidence; the private key is used for signing, so the private key must be kept in the hands of the developer. In this way, the purpose of registration certification is achieved. All software currently registered using the "username, registration code" mode should use this technology.
First we generate a public key and private key that we want to use.
Private rsa As New Security.Cryptography.RSACryptoServiceProvider
The RSACryptoServiceProvider class provides an implementation of the RSA algorithm to perform asymmetric encryption and decryption. The public and private keys we need can be generated through ToXMLString.
rsa.ToXmlString(False)
rsa.ToXmlString(True)
When the parameter is False, only the public key will be generated; when True, both the public key and the private key will be generated. We generally get a public key string through ToXmlString(False); get a private key string through ToXmlString(True) (although it contains the public key). We can save these two keys on the local machine, define and use them through string constants. In other words, our registration information will use unique public and private keys.
We then sign the specified string with the public and private keys.
rsa.FromXmlString(PRIVATE_KEY)
Dim f As New Security.Cryptography.RSAPKCS1SignatureFormatter(rsa)
f.SetHashAlgorithm("SHA1")
Dim source() As Byte = System.Text.ASCIIEncoding.ASCII.GetBytes(UID)
Dim sha As New Security .Cryptography.SHA1Managed
Dim result() As Byte = sha.ComputeHash(source)
Dim regkey() As Byte = f.CreateSignature(result)
SerialNumber = Convert.ToBase64String(regkey)
Re-initialize the rsa object with the private key just obtained, and then Signature is performed through the RSAPKCS1SignatureFormatter class. We convert the input string into a byte array (our default user name here can only be composed of ASCII characters), and calculate its hash value through the SHA1 hashing algorithm. Then use the CreateSignature method to sign the obtained hash value. Finally, we convert the obtained byte array into a string as the registration code. This is the process of generating a registration code. We can reuse this program to sign different usernames to obtain different registration codes corresponding to them.
Finally, we verify the username and registration code we just obtained.
rsa.FromXmlString(PUBLIC_KEY)
Dim f As New Security.Cryptography.RSAPKCS1SignatureDeformatter(rsa)
f.SetHashAlgorithm("SHA1")
Dim key() As Byte = Convert.FromBase64String(SerialNumber)
Dim sha As New Security.Cryptography.SHA1Managed
Dim name () As Byte = sha.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(UID))
Result = f.VerifySignature(name, key)
This time we use the public key to initialize the rsa object, and then verify the signature through the RSAPKCS1SignatureDeformatter class . We reversely convert the obtained registration code into a byte array; and perform hash calculation on the user name to obtain the hash value. Finally, verify it through VerifySignature.
As can be seen from the above program, a private key is required to generate a registration code (the private key is accompanied by public key information), and any number of username and registration code pairs can be generated. With the public key, we can only verify but not generate. Therefore, the public key can be safely distributed to all users for verification, but the private key cannot. Therefore, the public key and verification algorithm can be included in the released version. Because even if the user obtains the public key and verification algorithm, it cannot be easily cracked.
The popular registration machines on the Internet today largely crack the private key of the software, thereby achieving unlimited generation of the required registration information. But if users decompile your product and modify the intermediate code, it will bypass the registration judgment logic. This is not a problem that this article can solve. Because even if you use Web Service technology for online activation or registration, you can still analyze the server information through network listening and simulate a fake server.
http://www.cnblogs.com/farrio/archive/2006/12/01/579296.html