I wondering about how serial number generators and validator work. My aim would be to generate a serial number with five parts consisting of numbers and letters only.
I enjoy coding as a hobby and would not call myself a professional programmer. However, I am very interested in how those interesting functions work technically to broaden my mind.
Nero All Versions Serial key, Patch & Keygen 2019 CRACKSurl Nero 4 Nero is a capable media suite with tools for organising, editing, converting, playing, and of course burning your media files. If you own a Random Code Generator account, it can generate an unlimited amount of codes in batches of 250.000 each! The generated codes can be used as random promotional codes, serial numbers, strong passwords, sweepstake codes, pincodes, voucher redeem codes and much more.
Any hints, experiences or written algorithms are appreciated.
closed as not constructive by Tim Post♦Nov 30 '12 at 1:39
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. If this question can be reworded to fit the rules in the help center, please edit the question.
7 Answers
Brandon Staggs wrote a good article on Implementing a Partial Serial Number Verification System. The examples are written in Delphi, but could be converted to other languages.
Get yourself a public/private key pair. Generate sequence numbers (10000, 20000, 30000, 40000, ....) that have some identifying characteristic (e.g divisible by 10000). Encrypt that number using your private key. Encode that value using some human readable system (base 32 or 64) and separate the values into groups to make it easier for people to parse. Distribute the encoded serial number with each sale of you app.
Somewhere in the app, you have the public key hidden away. When a user enters an encoded serial number, first decode it back to binary. Use the public key to decrypt it. Check that it is divisible by 10000.
The hard part is in the implementation - hiding the public key in the app so that it can't be replaced easily. Choosing some sequence that you can identify easily, but not run out of values. Obfuscating the app so that someone can't easily skip past the whole check. etc...
Well, traditionally serial numbers are serial ... numbers. So the first example off the production line has sn 0001 then the next one is 0002 and the next one is 0003. I think that most people can work out that algorithm.
I think you're actually asking about product keys, which use a similar mechanism to public key message signing - the product key is the encrypted value, the program has a public key which allows it to verify that the key is valid, but only the software vendor has the secret key to 'sign' the product key. The wikipedia article on digital signatures has the general mechanism; the only proviso is that for a key to be entered by the user it has to be quite a bit shorter than a PGP one.
If you are restricted to a very short serial number, then it's unlikely to be big enough to store the result of a typical signing mechanism, in which case it's quite common to just use some variant of checksum on it. That has the disadvantage of being easy to reverse engineer - it's security is because the algorithm is 'secret' rather than due to any cryptographic properties. Each product would have its own algorithm, and they usually get cracked quite quickly.
If you have 5 blocks of 5 characters, you have 36^25 combinations, which is bigger than 2^128, so could use one of the standard digital signature algorithms which generates a 128 bit, then convert that value to base 36.
Online Serial Number Generator
Serial Number Generator Online
A GUID ('Globally Unique Identifier') could be an easy way to solve this:
Guids contain 16 bytes and are most commonly written in text as a sequence of hexadecimal digits such as:
And most programming languages should be able to generate a GUID with one of the available libraries.
You can use a random number generator and store the outputs in a database.In case of activation request, you just check if the serial is in the database and mark the serial as 'used'.
Of course, this needs an internet connection, but is good against 'buy once, use many,many times' method and in case of support-call, you can reactivate that serial for another reinstall.
Later edit: You also must use for the internet verification an encrypted and authenticated connection, like a HTTPS one.
Using my Google-Foo, I came up with this article:
Lots of info here: