Paul, Public/private key systems as used on the internet can be used in a limited way on the Palm. Our software now uses a 30-bit RSA-based encryption (I think we're allowed to do that, 'cos we're not American), with the public key in the product and the private key in our PC-based code generator. After 2 months we've seen a few cracks, but noone's produced a key generator (being game producers we're targets) (and no, we're not challenging anyone). We actually made the change because someone had produced a key generator for our previous (made up ourselves) system.
Kind regards, David PS. I seem to be in a bracketty mood this evening. --- David Oakley - [EMAIL PROTECTED] director, Astraware Ltd. - http://www.astraware.com/ Games for Palm: http://www.astraware.com/palm/ > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Paul > Taylor > Sent: 16 September 2000 21:52 > To: Palm Developer Forum > Subject: Better hack protection mechanisms? > > > Hi all, > > I have just been informed that there's a key generator > available for my > application and was wondering if there were any better mechanisms > out there > for registration. > > Currently, I'm generating a RegCode based on the Palm User Name and > using that to generate an unlock key. The user enters in the Unlock key > that I email to him and presto, it's registered. I could change > my formula > for generating the key, but that would probably be cracked in, oh, about 5 > minutes. I understand that the unlock key mechanism isn't very > safe, since > everything needed to crack it is actually included in the application. It > doesn't take a very skilled hacker to crack.. Or, I wouldn't think it > would... > > Having a separate demo version and registered version seems even more > unsafe, since the registered version would probably make it up on some ftp > site within a few days of release. > > Is there anything else that can be done? > > I know that Aaron Ardiri has done lots of work in this area, and I > remember reading some time ago that he was going to write up a > paper on how > to make it more difficult for the hackers. Has he released that anywhere? > (Possibly privately to other "known" developers?) > > Paul > > > -- > For information on using the Palm Developer Forums, or to > unsubscribe, please see http://www.palmos.com/dev/tech/support/forums/ -- For information on using the ACCESS Developer Forums, or to unsubscribe, please see http://www.access-company.com/developers/forums/
