Rhino software licensing

Question

0.00/5 (No votes)

See more:

Hi every body.

I create a WPF app and I am concerned about Software copy protection.I want to achieve a good degree of protection for my application.for this purpose I Search and finally find Rhino licensing.Rhino Licensing uses asymmetric encryption.there are two parts to each key, one public and one private. You encrypt a value using the one key, and it can only be decrypted using the other key.we store our private key on the server (and never tell anyone it!), and distribute the public key with our application. When the user receives a license key, the application is able to verify that it came from us by using the public key. If someone tries to use a license key they’ve generated themselves, it wouldn’t work unless they had our exact private key.

You can see more:
http://www.jagregory.com/writings/rhino-licensing/[^]

http://patrick.lioi.net/2013/01/08/whittling-rhino-licensing/[^]

But the problem is here:if a malicious user copy both of public key and license key from one pc that app installed on to another pc then this illegal app work fine.

Where is problem?am I wrong?
Is there better way for software licensing?

Posted 3-Nov-13 8:14am

abbaspirmoradi

Updated 3-Nov-13 9:34am

v6

Add a Solution

3 solutions

Solution 1

true, but hey, you're getting something for free, rather than paying for a fully commercial system, so, really ?

To do what you want, you need a lot more sophistication - part of the license key/document could be a 'machine-id', and periodically you could have the client software check that the machine its running on is the same as per the license key (which requires that the license key generator be sent this information when the license is first requested)

further, you could ..
a) ask Oren - see the right hand side panel at http://ayende.com/blog/[^]

b) Extend https://github.com/ayende/rhino-licensing/blob/master/Rhino.Licensing/LicensingService.cs[^]

btw - you'll never completely avoid malicious users

Posted 3-Nov-13 9:50am

Garth J Lancaster

Comments

abbaspirmoradi 4-Nov-13 5:31am

thanks, when I use hardware specifications,then I must run license creator on local system that my software installed on.is that true? is there better way?

Solution 2

In this case, you can keep a track of online activation. Whenever a licence is used, keep the count of number of licences activated with the particular key.

In the same way, update the count whenever the product is uninstalled. Provide a licence removal tool for the users if necessary.

Posted 3-Nov-13 16:35pm

bbirajdar

Updated 3-Nov-13 17:35pm

v2

Comments

abbaspirmoradi 4-Nov-13 5:26am

thanks.my licences have unique id.How I can use it?

bbirajdar 4-Nov-13 21:05pm

Whenever a unique id is used, keep the count of number of unique ids activated .

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

abbaspirmoradi · Accepted Answer · 2013-11-17T08:43:00

in this case I have two problem:
1-if a malicious user copy both of public key and license key from one pc that app installed on to another pc then this illegal app work fine.

2-if a malicious user change his datetime then his license never expires.

for first problem I add a node into lisence file that have client hardware info such as ProcessorId,Product,Manufacturer,.... And when client run software, app get this info from pc and check it with lisences info.
for second problem I add another node to license that checks system datetime is ascending or not?