具有验证功能的独特 CD-KEY 生成算法
我正在尝试创建一个独特的 CD-KEY 放入我们产品的包装盒中,就像用户用来注册产品的标准软件盒中的普通 CD-KEY 一样。
然而,我们不销售软件,我们销售用于犯罪和医疗目的的 DNA 采集套件。 用户将通过邮件收到带有 CD-KEY 的唾液采集套件,他们将使用该 CD-KEY 在我们的网站上创建帐户并获取结果。 测试结果将链接到 CD-KEY。 这是我们将结果与患者联系起来的唯一方法。 因此,它不会失败是很重要的:)
要求之一是 CD-KEY 列表必须充分“分散”,这样就不可能有人输入不正确的 CD-KEY 并仍然获得批准对于其他人的套件,从而混淆了两个套件。 这可能会让我们承担数千美元的责任。
例如,它不能是数字的增量序列,例如
00001
00002
00003
...
原因是,如果有人收到试剂盒00002,但不小心将其注册为000003,那么他的结果将与其他人匹配。 所以它必须像信用卡号码一样...除非输入有效的序列,否则您随机命中有效数字的机会是百万分之一...
此外,我们每年向各种提供商出售超过 50,000 个套件(他们将生成他们自己的 CD-KEY 使用我们的算法),因此我们无法维护所有以前发行的 CD-KEY 的列表来检查是否重复。 该算法必须生成唯一的 CD-KEY。
我们还需要能够使用快速检查算法来验证 CD-KEY 是否有效,以便我们可以通知用户输入的代码是否无效。 我认为这遗漏了许多散列或 MD5 算法。 而且它不可能是 128 位的,因为谁会花时间在电脑屏幕上输入它呢?
到目前为止,这就是我所想的最终 CD-KEY 结构的样子
(4 个字符的产品代码) - (4 个字符的经销商代码) - (12 个字符的唯一、可验证的 CD-KEY)
前任。 384A - GTLD - {4565 - FR54 - EDF3}
为了确保 KEYS 的唯一性,我可以将当前日期 (20090521) 作为源的一部分。 我们每周生成唯一密钥的次数不会超过一次,因此该值的更改频率足以达到唯一初始值的目的。
我可以使用什么算法来生成唯一密钥?
I am trying to create a unique CD-KEY to put in our product's box, just like a normal CD-KEY found in standard software boxes that users use to register the product.
However we are not selling software, we are selling DNA collection kit for criminal and medical purposes. Users will receive a saliva collection kit by mail with the CD-KEY on it and they will use that CD-KEY to create an account on our website and get their results. The results from the test will be linked to the CD-KEY. This is the only way that we will have to link the results to the patients. It is therefore important that it does not fail :)
One of the requirements would be that the list of CD-KEYs must be sufficiently "spread" apart so that there is no possibility of someone entering an incorrect CD-KEY and still having it approved for someone else kit, thereby mixing up two kits. That could cost us thousands of dollars in liability.
For example, it cannot be a incremental sequence of numbers such as
00001
00002
00003
...
The reason is that if someone receives the kit 00002, but registers it as 000003 by accident, then his results will be matched to someone else. So it must be like credit card numbers... Unless a valid sequence is entered, your chances of randomly hitting a valid number is 1 in a million...
Also, we are selling over 50,000 kits annually to various providers (who will generate their own CD-KEYS using our algorithm) so we cannot maintain a list of all previously issued CD-KEYS to check for duplicate. The algorithm must generate unique CD-KEYs.
We also require the ability to verify that the CD-KEY is valid using a quick check algorithm, so that we can inform the user if the code he enters is invalid. This leaves out many hashing or MD5 algorithms I believe. And it cannot be a 128 bit because, who would take that time to type it out on the computer screen?
So far this is what I was thinking the final CD-KEY structure would look like
(4 char product code) - (4 char reseller code) - (12 char unique, verifiable CD-KEY)
Ex. 384A - GTLD - {4565 - FR54 - EDF3}
To insure the uniqueness of the KEYS, I could include the current date (20090521) as part of the source. We wont generate unique keys more than once a week, so this value changes often enough for the purpose of unique initial value.
What possible algorithm can I use to generate the unique keys?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
创建字符串
000001 000002 Create the strings
<providername>000001,<providername>000002, etc. or whatever and encrypt them with a public key, and that's your "CD-KEY" that the user enters. Decrypt the CD-KEY with the private key and validate that when decrypted you get a valid string with a valid provider name.信用卡号码使用 Luhn 算法,您可能想查看类似的内容。
Credit Card numbers use the Luhn algorithm you might want to look at something similar to that.
我使用 SeriousBit Ellipter 链接 进行软件保护,但我不认为您可以为每个密钥生成一组唯一密钥周和我们图书馆在输入您的网站时验证密钥的有效性。 您还可以将可选服务编码到密钥中,以便您控制如何从密钥处理样本(如果您有不同的服务级别)。
由于它首先使用加密的密钥生成方法并且相对便宜,所以我想说它当然值得一看。
I use SeriousBit Ellipter link for software protection but I don't see any reason you could generate a group of unique keys each week and us the library to verify the key validity when entered into your web site. You can also encode optional services into the key allow you to control how the sample is processed from the key (that's if you have different service levels).
As it uses an encrypted method of key generation in the first place and it's relatively cheap, it's certainly worth a look I would say.
我最终选择了这种形式的 CD 密钥,
我使用了 mod 11 ISBN 校验和数字算法。
I finally settled for a cd-key of this form
I used the mod 11 ISBN checksum digit algorithm.
生成 GUID 并将随机数与其连接起来。 GUID 保证是唯一的,并且随机数将使得意外敲击代码的可能性降低。 只是不要以任何方式修改 GUID,否则可能会损害唯一性。
http://msdn.microsoft.com/en-us/library/aa475087。 ASPX
Generate GUID and catenate a random number to it. GUID is guaranteed to be unique and random number will make it improbable to hit a code accidentally. Just don't modify the GUID in any way or you might compromise the uniqueness.
http://msdn.microsoft.com/en-us/library/aa475087.aspx