Code to handle licensing for Visual Basic 2008

Question

Hi,

Is there a license thing out there that can be used to license my application for Visual Basic 2008? Something like .Net Reactor, where the person needs to enter a license key. Any recommendations?

Thanks,

Kevin.

Answer 1

Unfortunately, there are many possible licensing mechanisms. One I have used in the past is CrypKey (http://www.crypkey.com/index.asp), but I wouldn't recommend it unless the following are true:

• You have (or can create) a web site to perform the activation operation.
• You have a customer support number that anyone can call if the web activation is not possible (e.g. user is behind a firewall).
• You have the time to troubleshoot the problems caused if (for example) the customer shuts down a service required for the license operation, or changes hardware.
• You are willing to wait for CrypKey to catch up when new operating systems are released.
• You are happy with a Windows-only solution.

In addition your question is somewhat unclear. There are many possible variations on the theme of licensing. The most secure software-only solution I am aware of is the challenge-response type implemented by CrypKey which is very similar to Microsoft's product activation mechanism. Sometimes you may want to include a "free trial" period. Some applications may require "concurrent use" licensing and require a server process running on the customer's machine (or network). Some simply use a code entered at installation time (which will typically include some form of embedded serial number so over-use of a specific installation key can be detected).

These days, I often roll my own. It's just easier that way. Remember, the more complicated you make it the more likely you are to receive service calls because of it. Typically, mine do use a challenge-response type mechanism where the challenge part is based on a secure hash of either user or machine information (e.g. licensed user's email address, machine name), and the response is created using some form of secure one-way transformation (often using a public/private key pair).

Hope this helps.

Answer 2

If you need just a simple registration key verification mechanism then you should look at asymmetric encryption, to avoid keygens. Or if you don't want to bother with it then try a commercial solution, like Ellipter - it creates and verifies serials using elliptic curves asymmetric encryption, has some classes for time limited or usages limited trials and also it can embed some information into created serials, like expiration date or product info.