Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>It's not that hard, if you're somewhat flexible in your requirements -- perhaps the scheme below would work for you.</p> <p>You could just produce K = [SN, H([X,SN,Y])] which is the concatenation of an incrementing serial number with a hash, where the hash is a secure hash function of the concatenation of the serial number between unique constants X and Y that are secret <a href="http://en.wikipedia.org/wiki/Rainbow_table#Defense_against_rainbow_tables" rel="noreferrer">"salt" you use to prevent the use of rainbow tables</a>. </p> <p>Use a well-known secure hash algorithm (e.g. SHA-1 or SHA-2; MD5 is probably also adequate, since the known weaknesses for MD5 are collision attacks, and <em>not</em> <a href="http://en.wikipedia.org/wiki/Preimage_attack" rel="noreferrer">preimage attacks</a>) and you should be all set, as least as far as the serial key part goes (you'll probably want to prevent two people from using the same key).</p> <p>The other thing you can do which is helpful is use K = [SN, T, H([X, SN, T, Y])] -- use both the serial number and a timestamp. This can be used to allow only a narrow use window for the serial key: it's valid within N seconds of the timestamp, so it would prevent reuse of the key outside that window.</p> <p>Then encode/decode K to a representation that can be used to easily allow users to enter the key (e.g. base64).</p> <p>It's best to have a simple and transparent overall algorithm -- obfuscation is not going to help you if someone reverse-engineers your scheme.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload