Microsoft products and other products often have a product key that is 5 groups of 5 characters, like this:

ABCDE-12345-ABCDE-12345-VWXYZ

How does the product know if the key is valid? Some sort of cryptography? Is there a library if I want to use this kind of product key in my code?

Michael Petrotta
Eyal

  • MS would probably never reveal their algorithm. – Rafe Kettler Dec 01 '10 at 06:02
  • Just like 27-character product keys, only faster. As long as no-one comes up with 23-character product keys, we should be fine :-) {with apologies to the Farrelly brothers}. – paxdiablo Dec 01 '10 at 06:04
  • I wondered - why 25? And calculated that 25 is a minimal amount of symbols you would need to encode 128 bits of data. And also 25 is a multiple of 5, which allows even grouping. These keys are surprisingly finely engineered for both data capacity and human readability! – ogurets Feb 07 '18 at 11:29
  • @ogurets - only 114 bits - because each character is one of 24, not 36 as you have assumed :p – Jaromanda X Oct 02 '18 at 09:46
  • @JaromandaX, 26 letters + 10 digits. I don't see what I'm missing. – ogurets Oct 02 '18 at 11:44
  • Sorry. I was referring to Microsoft using base24 not base36 – Jaromanda X Oct 02 '18 at 12:03

3 Answers

You might want to have a look at this article on how to implement a serial number validation function. It also goes into some advanced techniques such as how to keep on top of keygens, leaked keys, etc.

In short, there are typically three underlying fields in such a key:

  • the actual serial number, which the article calls a "seed"
  • some verification data; only part of the verification data is actually checked by the code
  • a checksum, CRC or other simple typo-proofing mechanism

By only implementing part of the verification data checking in your code, you can do things like "genuine validation" (in which case the rest of the verification happens on your server) or trip up keygens by checking different subsets of the validation data in new releases.

Jeffrey Hantin
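The three-field layout this answer describes (a seed, verification data of which the shipped client checks only part, and a typo-catching checksum), worked through as an added Python example; this is illustrative code, not the linked article's or any vendor's scheme. It assumes a 32-bit seed, eight verification bytes each derived as HMAC-SHA256 of the seed under a constructed vendor secret (the client embeds only two of the eight, the vendor's server holds all), a 16-bit truncated CRC-32 checksum, and the 24-symbol alphabet commonly documented for Windows XP keys.

```python
import hashlib
import hmac
import struct
import zlib
# 24-symbol alphabet commonly documented for Windows XP keys (assumed); 24**25 > 2**112.
ALPHABET = "BCDFGHJKMPQRTVWXY2346789"
# Vendor secrets, one per verification byte (constructed); the client ships with two.
VENDOR_SECRETS = [b"vendor-secret-%d" % i for i in range(8)]
CLIENT_SECRETS = {1: VENDOR_SECRETS[1], 5: VENDOR_SECRETS[5]}

def verification_byte(seed, secret):
    # First byte of HMAC-SHA256(secret, seed); not forgeable without that secret.
    return hmac.new(secret, struct.pack(">I", seed), hashlib.sha256).digest()[0]

def checksum(seed, verif):
    # 16-bit typo check (truncated CRC-32); catches mistyping, not forgery.
    return zlib.crc32(struct.pack(">I", seed) + verif) & 0xFFFF

def pack_key(seed, verif, cksum):
    # Layout: 32-bit seed | 64 bits of verification data | 16-bit checksum.
    n = (seed << 80) | (int.from_bytes(verif, "big") << 16) | cksum
    s = ""
    for _ in range(25):
        n, d = divmod(n, 24)
        s = ALPHABET[d] + s
    return "-".join(s[i:i + 5] for i in range(0, 25, 5))

def unpack_key(key):
    # Returns (seed, verif, cksum), or None for a malformed key.
    s = key.replace("-", "").upper()
    if len(s) != 25 or any(c not in ALPHABET for c in s):
        return None
    n = 0
    for c in s:
        n = n * 24 + ALPHABET.index(c)
    if n >> 112:  # does not fit the 112-bit layout
        return None
    return n >> 80, ((n >> 16) & ((1 << 64) - 1)).to_bytes(8, "big"), n & 0xFFFF

def generate_key(seed):
    # Vendor side: needs every secret to fill all eight verification bytes.
    verif = bytes(verification_byte(seed, s) for s in VENDOR_SECRETS)
    return pack_key(seed, verif, checksum(seed, verif))

def check_key(key, secrets):
    # Checksum first, then only the verification bytes whose secret we hold.
    parts = unpack_key(key)
    if parts is None or parts[2] != checksum(parts[0], parts[1]):
        return False
    seed, verif, _ = parts
    return all(verif[i] == verification_byte(seed, s) for i, s in secrets.items())
```

A release that embeds a different pair of secrets checks different bytes of the same keys, which is the "trip up keygens" idea from the answer; the server, holding all eight, can check every byte.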

For Microsoft products in particular, some knowledge is available.

Product keys on Windows XP are base24-encoded using a custom alphabet. It consists of a serial number (the source calls it "Raw Product Key") and a digital signature over it. (source)

Product keys on Windows 8 and above have some documentation in the software patent application WO 2012067888 A1. It is still base24 encoded (act 57 et seq., which in practice means that the position of the 'N' is used as the very first character to decode). The gist of it is that there are these parts to a Windows 8 and above product key:

  • Group ID, which indicates the type/edition/family/distribution channel (see act 34)
  • Serial number (forms "Raw Product Key" together with Group ID)
  • Security values 1 and 2 (of varying grades of security, both are probably signatures, cf. acts 34 et seqq., 46, 55)
  • Checksum (act 56, in practice a truncated POSIX cksum over the key)
  • Upgrade bit

qffdn
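An added example (not Microsoft's or the patent's code) of the 'N' handling this answer describes: the N's position is pulled out of the 25-character key as the leading base-24 digit, leaving 25 digits to decode, and the same block settles the 114-bit capacity arithmetic from the comments on the question. It assumes the 24-symbol alphabet commonly documented for these keys and that the N sits at index 0..23 so its position fits one digit; the sample key is constructed, not a real product key.

```python
import math

# 24-symbol alphabet commonly documented for Microsoft keys (assumed); 'N' is not in it.
ALPHABET = "BCDFGHJKMPQRTVWXY2346789"

def capacity_bits(symbols, alphabet_size):
    # Payload a key of `symbols` characters can carry (the comment-thread arithmetic).
    return symbols * math.log2(alphabet_size)

def strip_n(key):
    # Windows 8+ layout: 24 alphabet symbols plus one 'N'. The N's index becomes the
    # leading (most significant) base-24 digit, so 25 digits come out. Assumes the N
    # sits at index 0..23, so its index always fits a single digit.
    s = key.replace("-", "").upper()
    if len(s) != 25 or s.count("N") != 1:
        return None
    idx = s.index("N")
    body = s.replace("N", "")
    if idx >= len(ALPHABET) or any(c not in ALPHABET for c in body):
        return None
    return ALPHABET[idx] + body

def insert_n(digits):
    # Inverse of strip_n: consume the leading digit as the N position.
    idx = ALPHABET.index(digits[0])
    body = digits[1:]
    return body[:idx] + "N" + body[idx:]

def base24_to_int(digits):
    # Most significant digit first; the result is below 24**25, i.e. under 115 bits.
    n = 0
    for c in digits:
        n = n * 24 + ALPHABET.index(c)
    return n

def group(s):
    # Re-insert the dashes for display.
    return "-".join(s[i:i + 5] for i in range(0, 25, 5))

# Constructed sample key (not a real product key): the N sits at index 3.
SAMPLE = "BCDNF-GHJKM-PQRTV-WXY23-46789"
```

Splitting the resulting integer into Group ID, serial number, security values, checksum and upgrade bit needs the field widths from the patent, which this answer does not give, so the block stops at the integer.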

There are four ways to confirm a key.

  1. Simple compare to an existing string in the exe (extremely easy to crack)
  2. Algorithmic compare to an entered string of characters (almost as easy as #1. Depends entirely on the reverse engineering skills of the cracker).
  3. Compare with a server over the internet. (can be circumvented)
  4. Hardware dongle.

Depending on the product you have from Microsoft, they use one of the first 3 mechanisms above. For example, their OS's usually phone home; but their dev tools either have the key baked in or do an algorithmic compare. Some of their older OS's used to do the algorithm.

There is a modified option 3, but that is simply having the app phone home every so often, typically based on some event. In the case of OS's, MS has it validate the entered product key for certain Windows updates and other product downloads. Also, depending on the license key itself it might phone home once a month or so. As a side note, there is a reason why China has the #1 installed base of IE6.

The 4th option can also be circumvented. Usually the cracker will just patch your product to bypass the part of the code which does the hardware check.

NotMe

  • Is it more secure to store hash of keys instead of keys in exe? – Arsen Mkrtchyan Dec 01 '10 at 06:05
  • @ArsenMkrt: Nope. Any exe can be decompiled. When this happens the algorithm you use to hash the entered key (for comparison) will be known. When that's known, then it becomes trivial to build a rainbow table to get a working key. People are now using various cloud services to crack keys in a matter of minutes. – NotMe Dec 01 '10 at 06:08
  • @ArsenMkrt: Point is, you can make it hard, but not impossible. You should make it hard enough that normal people will just go ahead and pay for whatever it is you're trying to protect. The crooks are going to be crooks no matter what. – NotMe Dec 01 '10 at 06:09
  • And option 3 can be circumvented by anyone who can disassemble *and* tinker with their own network router or DNS server. It is trivial to set up a fake authentication server and direct traffic to it. If the program validates the server's authenticity using an SSL certificate or something similar, something as simple as a hex editor can be used to overwrite that certificate with a forged one from the attacker. In short: if it's running on someone else's computer, you ultimately have no way to protect it 100%. – cdhowie Dec 01 '10 at 06:12
  • Back in the last century any string where the sum of the numbers was divisible by 7 would get you validated. – James Anderson Dec 01 '10 at 06:17
  • @cdhowie, What about public key cryptography? – Pacerier Feb 04 '15 at 19:16
  • @Pacerier What about it? Bear in mind that using cryptography in the actual response from the server (not just as a transport layer) can still be defeated by patching the local binary to skip such a check. (Assuming the absence of a TPM, anyway.) – cdhowie Feb 04 '15 at 19:57
  • @cdhowie, But would this be easy in practice? There are billions of dollars at stake here, e.g. programs like HP Loadrunner. – Pacerier Feb 08 '15 at 16:55
  • @Pacerier Easy is a relative term, and is also very dependent on the attacker's degree of expertise. Ultimately the degree of difficulty is completely irrelevant -- someone or some group will figure it out, and then publish the results on the (ahem) seedier parts of the Internet. Can I *prove* this? No. Can you show me *one* counter-example where protection like this *hasn't* been broken? (Do I need to cite things like HD-DVD/AACS?) – cdhowie Feb 08 '15 at 21:32
  • @Pacerier: the first thing to realize is that people who steal the software were never going to be paying customers under any circumstance anyway. We don't put locks on the front doors of our houses to keep *everyone* out. We put them on to encourage normally honest people to stay honest. A real thief is going to get in no matter what. – NotMe Feb 09 '15 at 15:01
  • @ChrisLively, As for locks, we could invest a few billion bucks in a [beefy](http://www.cannonsafe.com/burglary-prevention.html) one and keep out most people who couldn't invest that kind of money in a counter solution. As for product keys, it seems like a flaw in the whole system itself. – Pacerier Feb 09 '15 at 22:52
  • Sorry, but this doesn't address the question at all. This proposed answer explains the mechanics. The question is asking for semantics. – IInspectable Jul 18 '16 at 19:07