Make window application secure

NarendraSinghJTV

hey experts when i deploy my application on user system after that if i copy the installed application from program files and paste it on another system it runs without running setup. i want to make my application secure. how can i do this, waiting for help i also want to use trial version and full version facility.

Regards Narendra Singh (Jindal Tech Ventures)

Gagan 20

Hi NarendraSinghJTV, to make secure your Windows application you can use Windows registry editor. Code your application to check some values in registry to check whether the application is installed or cop-paste. You can also use some temp files for the same. For trial and full version application, you need to keep installed date of application in a secure file and check everytime current date when the application is launched. If current date is more then trial time then it should ask to enter key or something like that. I hope you got what you wanted! Gagan

loyal ginger

Registry and/or secret file as pointed out by the previous post are good enough for normal use. People can always find the registry key or the secret file and modify it. They can also turn back time briefly to run a trial version of the program if it is setup that way. To be more secure, you need to gather information about the machine that the setup program had run on, and encrypt it, then save it to the registry. Each time the program is run, it gathers the same information, encrypt it using the same algorithm, and compare the result in the registry. One of these things will happen: 1. The information in the registry is the same as the newly encrypted information. The program can preceed. 2. The information in the registry is different as the newly encrypted information, indicating that the registry was messed with by somebody, or it's a different machine. The program will terminate. 3. The information in the registry is not found. The program will terminate. The information collected can include things like the MAC address of the NIC, as well as other ID's that are different from machine to machine. There is a risk that people can install your program on multiple machines, and read the registry to find out what algorighm you used to encrypt the information. They have also to try to find out what information is collected. That take a good effort. Hopefully that will intimidate them off. For the implementation of a trial version of your program you need to implement similar algorithms but rely on other resources for time, such as that from the Internet. You can also put checks on time consistancy so if you find that the time is messed with, the program simply terminates. Once any of the above checks fails, the program should put a mark down (also encrypted) so later runs of the program, even though it may pass the checks, will not authorize a "go". The program will be dead.

NarendraSinghJTV

hey gagan i have cleared my first problem with the help of registry :-D , but can u please tell me how to work with secure files in c#. i dont know about secure files. it will be very helpful for me thanks for replay

Regards Narendra Singh (Jindal Tech Ventures)

NarendraSinghJTV

hey thanks for great reply can u please point out some example to make me easy to work with those conditions, it will be very helpful for me

Regards Narendra Singh (Jindal Tech Ventures)

Gagan 20

A secret file is nothing but an ordinary file in encrypted format. Use any encryption-decryption algorithm to make a file secure. The same algorithm can be used to store and retieve values in registry so that it can't be read or modified by the user.