Those numbers should only account for a small fraction of all the possible numbers of the given length. I would like to be able to set a salt and maybe a length. And only a small fraction of all the possible keys of a given length are actually valid so it's hard to guess keys. For the 64-bit block cipher, I recommend , which should be fast and simple enough to implement. I'm trying to understand the cryptographically secure solution. To learn more, see our. On one hand you don't trust the user, on the other hand you have to deploy the secret used for decryption.
The cryptographically secure solution is to have signed serial numbers: the serial number is the encoding of some payload e. Salt: I don't know whether salt is the right word, but the algorithm should have at least one parameter, whose choice alters the generated keys so that multiple people can use the same algorithm and needn't fear collisions. I'm also pretty sure that the keys were all generated algorithmically rather than by hand. This is not really more secure than the plain counter, but at least the serial numbers will be random-looking. Encrypt that block with some hardcoded symmetric key, using a block cipher. This means that such a protection scheme is better suited for subscription based software than it is for traditional shelf software.
The generator should only produce serial numbers that pass the test of the checker. When you want a new serial number, increment your counter by 1000; the new counter value is the serial number. If this solution does not please you, then you do have a need for security, and this calls for cryptography. Even with both uppercase letters and digits 36 possible characters, and there you have both 'I' and '1', and also 'O' and '0' , a 160-bit signature will use 31 characters. Thanks for contributing an answer to Information Security Stack Exchange! Along with the payload, you will end up with serial numbers of length 35 or so, which is probably too much for an average user to type in but not by a large margin; an 80-bit signature would fit nicely. Encode it as a 64-bit block.
Only one of every 1000 numbers will be accepted by the checker. . . . . . .
. . . . .