I have developed a Java Based Desktop application and I want to distribute it with a product key so, that when the correct key is entered the application is activated. So, the product key should be different for individual users. How can I implement this concept in Java. Thanks in Advance
Asked
Active
Viewed 3,162 times
4 Answers
1
This depends how strong you want your key security to be.
A very simple approach is to just create a hash of the user's email address and give this to the user as the key. The app can ask for the users email address and key, then recreate the hashcode to confirm that the key is correct for that user.
This obviously won't defeat a determined attacker... however a determined attacker will be able to defeat any other scheme you put in place. If all you want to do is ensure registration and prevent casual copying, this kind of scheme should be good enough.
mikera
- 105,238
- 25
- 256
- 415
0
I think you can do it by finding the serial no of processor or hdd , It means processor serial no and hdd serial no will be unique for each machine , so your program should get any of these serial no and apply some algorithms on it to generate the product key. here is the link to find serial of processor and hdd in java.
http://www.rgagnon.com/javadetails/java-0580.html
hope this will help you .
Vijay
- 1,024
- 6
- 18
-
What if the user changes his CPU or HDD ? What if he wants to use the program on a different computer ? I think these are very reasonable and often situations to make your suggestion to be more a problem than a solution. – Radu Murzea May 08 '12 at 06:07
-
This is a huge pitfall. Many OEM-sold computers all share *exactly* the same serial number for virtually every piece of hardware. The closest you would get to unique is the motherboard's UID and that's not even close either. – Thomas May 08 '12 at 06:08
-
I agree with you that if user changes CPU or hdd there is a problem. but this is best if you want to distribute your application without being pirated. – Vijay May 08 '12 at 06:16
0
The one I've heard of is assigning a serial number, some use Customer Name, to each copy. Then compute the key, signature, using an asymmetric key. Your program can validate the signature by using the public key. This QA answers your question in better detail.
Community
- 1
- 1
user845279
- 2,794
- 1
- 20
- 38
0
Building on Mikera's answer, it's important to target your security needs. In your case, you probably just need a quick way to filter out, say, 99.9% of all wannabe hackers. Nothing short of legal action will stop the remaining 0.1%, but you (probably) don't need to worry about them. Mikera's solution is a bit simplistic but should work well until you feel you need something better.
A more robust, but more bulky solution is to have your users register on your website, and have your java app ask the user for this product key (randomly generated by your website), which will then look it up from the website. The downsides is that it starts to feel like a login procedure than an activation procedure, that you need to be connected to the internet, and that it can still be relatively easily bypassed by any decent pirate.
Basically, unless you literally tie your product key to every single action in your program (which will probably kill performance), anyone can simply delete/skip the product key check from within the actual binary code. This is an active field of research.
Thomas
- 3,321
- 1
- 21
- 44