0

I am willing to create a server side licensing system for my commercial softwares but not really sure what cryptography method I should be using for best possible security per the standard of modern cryptography and how should I implement the method.

My first requirement for the software that I am delivering, is to always be connected with the authorization or licensing server online in order to function. Secondly, I would be able to hand out a license key to the user and probably a public or private key to the user or the piece of software binary as needed. So, the client needs to prove to the server that it has a valid license key for the software and it has a valid software executable binary on constant basis as long as it is connected to the internet. So, basically it should be a 3 way verification system that I am trying to implement which will verify the software binary, verify the user and verify the license the user holds.

Now, what type of key pair cryptography I can be using in this regard and in what manner should I use them in client and server side? RSA, DSA, ECC, ECDSA or any other better alternative?

What could be the best approach for a system like this for best possible security and reliability?

Farukh
  • 101
  • 1
  • You're asking the wrong question. The right question is not what type of cryptography to use, but whether to use cryptography. And the answer is no. – Gilles 'SO- stop being evil' Aug 10 '19 at 20:35
  • I didn't find the DRM question you tagged to be of much relevance on my topic of interest. But it discusses certain aspects of it with an example media. BTW, if I dont need to use cryptography for this, then what else is my option? – Farukh Aug 10 '19 at 20:45
  • Do read the accepted answer, which tells you not to implement such a licensing system. – Gilles 'SO- stop being evil' Aug 10 '19 at 20:52
  • That answer is just telling me not to use DRM. but it doesn't provide any possible alternatives. – Farukh Aug 10 '19 at 20:57
  • @Farukh sometimes none exist – Natanael Aug 11 '19 at 00:05
  • @Natanael am not sure what you just said. Am just getting more confused by this point. – Farukh Aug 11 '19 at 03:29
  • This is a rather broad question. Might I suggest you also look for possible solutions on the IT security site of stack exchange (use the tags)? I didn't migrate there because I am afraid of dupes and downvotes. – Maarten Bodewes Aug 13 '19 at 09:55

0 Answers0