请查看关于部分密钥验证的文章，其中包括以下要求:

License keys must be easy enough to type in. We must be able to blacklist (revoke) a license key in the case of chargebacks or purchases with stolen credit cards. No “phoning home” to test keys. Although this practice is becoming more and more prevalent, I still do not appreciate it as a user, so will not ask my users to put up with it. It should not be possible for a cracker to disassemble our released application and produce a working “keygen” from it. This means that our application will not fully test a key for verification. Only some of the key is to be tested. Further, each release of the application should test a different portion of the key, so that a phony key based on an earlier release will not work on a later release of our software. Important: it should not be possible for a legitimate user to accidentally type in an invalid key that will appear to work but fail on a future version due to a typographical error.

所有的CD拷贝保护算法给诚实的用户带来不便，同时没有提供任何防止盗版的保护。

“盗版者”只需要获得一张合法的cd及其访问代码，他就可以制作n份拷贝并分发它们。

无论代码的加密安全性如何，都需要以明文形式提供CD，否则合法用户无法激活该软件。

Most secure schemes involve either the user providing the software supplier with some details of the machine which will run the software (cpu serial numbers, mac addresses, Ip address etc.), or, require online access to register the software on the suppliers website and in return receive an activitation token. The first option requires a lot of manual administration and is only worth it for very high value software, the, second option can be spoofed and is absolutly infuriating if you have limited network access or you are stuck behind a firewall.

总的来说，与客户建立信任关系要容易得多!

请查看关于部分密钥验证的文章，其中包括以下要求:

License keys must be easy enough to type in. We must be able to blacklist (revoke) a license key in the case of chargebacks or purchases with stolen credit cards. No “phoning home” to test keys. Although this practice is becoming more and more prevalent, I still do not appreciate it as a user, so will not ask my users to put up with it. It should not be possible for a cracker to disassemble our released application and produce a working “keygen” from it. This means that our application will not fully test a key for verification. Only some of the key is to be tested. Further, each release of the application should test a different portion of the key, so that a phony key based on an earlier release will not work on a later release of our software. Important: it should not be possible for a legitimate user to accidentally type in an invalid key that will appear to work but fail on a future version due to a typographical error.

我对人们如何生成CD密钥没有任何经验，但是(假设你不想走在线激活的道路)这里有一些方法可以生成密钥:

Require that the number be divisible by (say) 17. Trivial to guess, if you have access to many keys, but the majority of potential strings will be invalid. Similar would be requiring that the checksum of the key match a known value. Require that the first half of the key, when concatenated with a known value, hashes down to the second half of the key. Better, but the program still contains all the information needed to generate keys as well as to validate them. Generate keys by encrypting (with a private key) a known value + nonce. This can be verified by decrypting using the corresponding public key and verifying the known value. The program now has enough information to verify the key without being able to generate keys.

这些漏洞仍然容易受到攻击:程序仍然存在，可以通过打补丁绕过检查。更聪明的方法可能是使用第三个方法的已知值加密部分程序，而不是将值存储在程序中。这样，在解密程序之前，你必须找到密钥的副本，但一旦解密，它仍然很容易被复制，并且有一个人拿着他们的合法副本，并使用它使其他人能够访问软件。

您可以在使用它的软件项目中非常容易地使用和实现安全许可API(您需要从https://www.systemsoulsoftwares.com/下载创建安全许可的桌面应用程序)。

Creates unique UID for client software based on System Hardware(CPU,Motherboard,Hard-drive) (UID acts as Private Key for that unique system) Allows to send Encrypted license string very easily to client system, It verifies license string and works on only that particular system This method allows software developers or company to store more information about software/developer/distributor services/features/client It gives control for locking and unlocked the client software features, saving time of developers for making more version for same software with changing features It take cares about trial version too for any number of days It secures the License timeline by Checking DateTime online during registration It unlocks all hardware information to developers It has all pre-build and custom function that developer can access at every process of licensing for making more complex secure code

cd - key对于任何非网络的东西都不是很安全，所以从技术上讲，它们不需要安全生成。如果你使用的是。net，你几乎可以使用guide . newguid()。

它们现在主要用于多人游戏组件，服务器可以在其中验证CD Key。因此，生成它的安全性并不重要，因为归根结底就是“查找传入的任何东西，并检查其他人是否已经在使用它”。

话虽如此，你可能想要使用算法来实现两个目标:

Have a checksum of some sort. That allows your Installer to display "Key doesn't seem valid" message, solely to detect typos (Adding such a check in the installer actually means that writing a Key Generator is trivial as the hacker has all the code he needs. Not having the check and solely relying on server-side validation disables that check, at the risk of annoying your legal customers who don't understand why the server doesn't accept their CD Key as they aren't aware of the typo) Work with a limited subset of characters. Trying to type in a CD Key and guessing "Is this an 8 or a B? a 1 or an I? a Q or an O or a 0?" - by using a subset of non-ambigous chars/digits you eliminate that confusion.

话虽如此，你仍然需要一个大的分布和一些随机性，以避免盗版只是猜测一个有效的密钥(在你的数据库中是有效的，但仍然在商店货架上的一个盒子里)，并欺骗碰巧买了那个盒子的合法客户。