Best IT Recipes

Out of curiosity: how are serial numbers generated? Tips, algorithms?

I wonder how the serial number generators and the validator work. My goal would be to create a serial number with five parts consisting only of numbers and letters.

I like coding as a hobby and do not call myself a professional programmer. However, I am very interested in how these interesting features work technically to expand my mind.

Any clues, experiences or written algorithms are appreciated.

+38
generator algorithm validation serial-number
Apr 03 '09 at 19:08
source share
7 answers

Brandon Staggs has written a good article on the Implementation of a Partial Sequential Number Check System . Examples are written in Delphi, but can be converted to other languages.

+24
Apr 03 '09 at 19:44
source share

Well, traditionally serial numbers are serial numbers. So, the first example from the production line has sn 0001, then the next 0002, and the next - 0003. I think most people can solve this algorithm.

I think that you are really asking about product keys that use a similar mechanism for signing a public key message - the product key is an encrypted value, the program has a public key that allows you to verify that the key is valid, but only the software provider has a secret key to "sign" the product key. The wikipedia article in digital signatures has a common mechanism; the only condition is that to enter the key by the user, it must be slightly shorter than PGP.

If you are limited to a very short serial number, then it is unlikely to be large enough to save the result of a typical signing mechanism, in which case it is quite common to use some kind of checksum on it. The disadvantage is that it is easy to reconstruct - security - this is because the algorithm is "secret", and not because of any cryptographic properties. Each product will have its own algorithm, and they usually crack quickly.

If you have 5 blocks of 5 characters, you have 36 ^ 25 combinations that are larger than 2 ^ 128, so you can use one of the standard digital signature algorithms that generates 128 bits and then converts this value to base 36.

+16
Apr 03 '09 at 19:18
source share

Get yourself a public / private key . Create serial numbers (10000, 20,000, 30,000, 40,000, ....) that have some identifying characteristic (for example, divided by 10,000). Encrypt this number using your private key. Encode this value with some human-readable system ( base 32 or 64 ) and divide the values ​​into groups to make parsing easier for people. Distribute the encoded serial number every time you sell your application.

Somewhere in the application you have a hidden key hidden. When the user enters an encoded serial number, first decode it back to binary. Use the public key to decrypt it. Make sure it is divisible by 10,000.

The hard part in the implementation is hiding the public key in the application, so it cannot be easily replaced. Choosing a sequence that you can easily identify but not run out of values. Obfuscate the application so that someone cannot easily skip the entire scan. etc...

+15
Apr 03 '09 at 19:25
source share

You can use a random number generator and store the outputs in a database. In the case of an activation request, you simply check if the serial number is in the database and marks the serial number as “used”.

Of course, this requires an Internet connection, but this is good against the “buy once, use many and many times” method, and if you support a call, you can reactivate this serial number for another reinstallation.

Then edit: you should also use an encrypted and authenticated connection, for example, HTTPS, to check the Internet.

+3
Apr 03 '09 at 19:43
source share

A GUID (“Globally Unique Identifier”) can be an easy way to solve this problem:

http://en.wikipedia.org/wiki/Globally_Unique_Identifier

Guides contain 16 bytes and are most often written in the text as a sequence of hexadecimal digits, such as:

3F2504E0-4F89-11D3-9A0C-0305E82C3301

And most programming languages ​​should be able to generate GUIDs from one of the available libraries.

+3
Apr 3 '09 at 21:25
source share

Using my google-foo, I came up with this article:

http://www.mactech.com/articles/mactech/Vol.13/13.02/SerialNumberGenerator/index.html

+1
Apr 03 '09 at 19:13
source share

Lots of info here:

http://en.wikipedia.org/wiki/Luhn_algorithm

http://en.wikipedia.org/wiki/Check_digit

0
Apr 3 '09 at 19:17
source share


More articles:


All Articles