Serial number encryption algorithms
The reliability of serial numbers in the licensing system is based on asymmetric encryption schemes. The current version of the licensing system uses RSA with key lengths from 1024 to 16384 bits. In future versions we'll add ECC-based algorithms and combined algorithms that use asymmetric encryption with symmetric ciphers.
Each product has its own algorithm. Serial numbers created using one algorithm will not work with another. That's why you can't change the algorithm or its parameters once a single license has been created. The licensing module embedded in the application knows which algorithm the product uses and will not accept a serial number created with another algorithm.
RSA algorithm
The licensing system encrypts a serial number with RSA using the following scheme:
- Adding random data to the beginning of the serial number – this is based on RFC 2313, but the implementation is a bit different. The following bytes are added at the beginning of the serial number: 00 02 NN…NN 00, where NN…NN are 8 to 16 random non-zero bytes. The number of bytes is random, but it may be limited by the total length of the serial number and the number of bits in the RSA key.
- Adding random data to the end of the serial number – the total number of bytes in the serial number before encryption must equal the number of bits in the RSA key divided by 8. That's why random bytes are added to the end of the serial number until it reaches the maximum possible length.
- Encryption – the default scheme implemented in many "big number" libraries is used. See the PHP-based generator for implementation details.
- Encoding – after encryption, the binary serial number is encoded in base-64 before being sent to the customer.
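
The four steps above as an added Python example (not the licensing system's own code and not the PHP generator mentioned above). The toy key built from two Mersenne primes, the function names and the sample serial are assumptions made for illustration; the page does not state which half of the key the generator uses, so the exponent is passed in by the caller.

```python
import base64
import secrets

# Constructed toy key (assumption, NOT secure): product of two Mersenne primes.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_BYTES = N.bit_length() // 8   # "number of bits in the RSA key divided by 8"

def build_block(serial: bytes, key_bytes: int = KEY_BYTES) -> bytes:
    """Lay out 00 02 NN..NN 00 | serial | random tail, exactly key_bytes long."""
    room = key_bytes - 3 - len(serial)   # bytes left for NN padding plus tail
    if room < 8:                         # assumption: fewer than 8 NN bytes is an error
        raise ValueError("serial too long for this key size")
    pad_len = 8 + secrets.randbelow(min(16, room) - 7)   # 8..16, limited by room
    pad = bytes(1 + secrets.randbelow(255) for _ in range(pad_len))  # non-zero bytes
    head = b"\x00\x02" + pad + b"\x00" + serial
    return head + secrets.token_bytes(key_bytes - len(head))

def parse_block(block: bytes, key_bytes: int = KEY_BYTES) -> bytes:
    """Validate the header and return everything after the 00 separator."""
    if len(block) != key_bytes or block[:2] != b"\x00\x02":
        raise ValueError("bad header")
    sep = block.find(b"\x00", 2)         # first zero byte ends the NN run
    if not 8 <= sep - 2 <= 16:
        raise ValueError("bad padding length")
    return block[sep + 1:]

def rsa_raw(block: bytes, exponent: int, modulus: int = N) -> bytes:
    """Plain big-number modpow; fixed-width output keeps leading zero bytes."""
    m = int.from_bytes(block, "big")
    return pow(m, exponent, modulus).to_bytes(KEY_BYTES, "big")

def encode_serial(serial: bytes, exponent: int) -> str:
    """Pad, apply RSA, then base-64 encode for delivery."""
    return base64.b64encode(rsa_raw(build_block(serial), exponent)).decode()

def decode_serial(text: str, exponent: int) -> bytes:
    """Reverse of encode_serial using the other half of the key."""
    return parse_block(rsa_raw(base64.b64decode(text, validate=True), exponent))
```

parse_block returns the serial followed by the random tail; how the end of the serial is located inside that data is not described on this page.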