First, that was exactly what I was wondering...if by using a method
primarily designed for large amounts of data in a stream, would I be
over-doing it by using the same methods for simple lines of text? Other
than that, I don't have a problem with it. And I looked everywhere for some
other method designed for such strings but that still used a good strong
encryption algorithm like Rijandael but found nothing except simple xor-ing.
And NO! It wouldn't do much good were I to use the same information
for every install thus allowing what you said below about copying the
registry entries! <g> All the encryption, whether done for the CrC, the
Install date, or the App Validation Key uses Keynand IV info derived from
the individual system and it's installer, AND the Validation itself uses a
Key and IV based upon information the owner provides at the time of
registration. All three entries are then checked each time the app is
started. The only way a copy could work is if all this information were
known and the same, plus just to be sure duplicates can't be used in that
kind if situation, I've added a lookup table that the app uses to select a
prefix code, That code is encrypted and sent back to me and used within the
creation of the validation Key.
from: Robert Meek at: [EMAIL PROTECTED]
dba "Tangentals Design" home of "PoBoy"
freeware Windows apps and utilities
located at: www.TangentalsDesign.com
Proud to be a moderator for the
"Delphi Programming Lists" at: elists.org
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Rob Kennedy
Sent: Thursday, November 10, 2005 6:16 PM
To: Borland's Delphi Discussion List
Subject: RE: Bytes, strings, and streams
Robert Meek wrote:
> The thing is, the stream methods as in my last message, will do fine
> in those instances where for example, encryption is turned on by a user
> while working in a memo, however the template I'm working on right now is
> for one-time-per session use only.
What's the difference? Whether you encrypt something once, or many times,
you still need an encryption algorithm, and you still need to put your
data into a form the encrypter can work with. If you already have an
encrypter that encrypts streams, then you may as well put your data into a
stream. That should be much easier than adapting the encryption routine to
work with other kinds of data; you might make a mistake in that and weaken
the power of the encryption algorithm.
> What I've been doing, and so far this
> has worked really well for me in Delphi Win32 apps, is to install the app
> and at the same time make an encrypted entry into the Local machine root
> of
> the Registry. I add an encrypted version of the app's CrC, and another of
> the date and time it is installed. Each time the app is started, and no
> matter what user is currently logged on, these two values are checked. If
> they don't exist, the app is terminated. If they do, then a new CrC is
> made, the stored one decrypted and a comparison done. If not the same the
> app is terminated.
So, if I were to distribute illegal copies of your program, all I'd need
to do is make sure I distribute illegal copies of those registry entries,
too?
--
Rob
_______________________________________________
Delphi mailing list -> [email protected]
http://www.elists.org/mailman/listinfo/delphi
_______________________________________________
Delphi mailing list -> [email protected]
http://www.elists.org/mailman/listinfo/delphi
