A perfect summer day is when the sun is shining, the breeze is blowing, the birds are singing, and the lawn mower is broken. - James Dent
Question #93284 posted on 08/27/2020 12:04 p.m.
Q:

Dear 100 Hour Board,

Software license keys are the one-way encryptions of some secret plaintext the maker of the software gives you, which the application then decrypts and subsequently either recognizes "Yes this is a valid license, I'm going to start up" or "Nope, not starting."

But what usually is the content of the plaintext of the license? What is the original information that the key generator put in before encrypting it?

-"This is a valid license + [nonce]"

A:

Dear friend,

I have no idea what industry standards are. However - there are a lot of people on Stack Overflow suggesting relatively easy ways to generate license keys. For those using encryption, it seems like a relatively common approach is to generate a string with information about the license (it seems like creation date is a common component), maybe plus some secret nonsense. Then they hash it, and optionally use that hash in combination with some other information (maybe the user's name) to create a key. (This is also assuming offline activation; it seems like there are a lot more secure options for online activation, because you can verify whatever key the user has on your own server.)

There's some pretty interesting information about keygen algorithms in this post, if you're interested.

My knowledge about this subject is extremely limited; corrections are welcome from readers who know more than I do.

Best,

Josefina