Sign in to follow this  
Followers 0
MisterH

Script key from email address

6 posts in this topic

I have a need to restrict use of a compiled autoit script.

Where it is running has an email addess available to be picked up as a parameter.

I thought if pick up the email adress then run it though an algorythm that will supply a unique number or series of letters, I could then supply a key for each user to compare it against to allow use. There are already parameters picked up from an ini file so one more is not a problem.

My problem is the algorythm and how to convert an email address to some other string without making it obvious to reverse engineer. I haven't a clue where to start.

Does anyone have any knowledge of this sort of code and if it's possible to do it withing autoit? (does anyone know what I'm talking about? :ph34r: )

Share this post


Link to post
Share on other sites



I have a need to restrict use of a compiled autoit script.

Where it is running has an email addess available to be picked up as a parameter.

I thought if pick up the email adress then run it though an algorythm that will supply a unique number or series of letters, I could then supply a key for each user to compare it against to allow use. There are already parameters picked up from an ini file so one more is not a problem.

My problem is the algorythm and how to convert an email address to some other string without making it obvious to reverse engineer. I haven't a clue where to start.

Does anyone have any knowledge of this sort of code and if it's possible to do it withing autoit?  (does anyone know what I'm talking about? :ph34r: )

<{POST_SNAPBACK}>

Although it wouldn't be completly unique, you could try just adding up the Ascii values of all of the letters in the email address... this will generate a number. The only problem is if 2 people have the same letters just in a different order on their names. If you are working inside a single domain this might not be a problem... Just a thought.

*** Matt @ MPCS

Share this post


Link to post
Share on other sites

You could use an md5 hash..... See this thread for info http://www.autoitscript.com/forum/index.ph...wtopic=1392&hl=

I've seen password protected bootable CDs that store the md5 hash of the password in an ini file (instead of the plain text password).

You could probably do your own simple algorithm like Matt @ MPCS suggested... but I'd try something a little more complex so you have a longer key:

- remove any non-alphanumeric characters

- make all text uppercase

- Compute Mod ( $char, $x ) for each character's ASCII value (where $x is a secret value)

- Return the Chr( $returnValueOfMod) for each character

Disclaimer: IANACE (I Am Not a Cryptography Expert)


Use Mozilla | Take a look at My Disorganized AutoIt stuff | Very very old: AutoBuilder 11 Jan 2005 prototype I need to update my sig!

Share this post


Link to post
Share on other sites

You could probably do your own simple algorithm like Matt @ MPCS suggested... but I'd try something a little more complex so you have a longer key:

- remove any non-alphanumeric characters

- make all text uppercase

- Compute Mod ( $char, $x ) for each character's ASCII value (where $x is a secret value)

- Return the Chr( $returnValueOfMod) for each character

I don't know if I actually agree with capitalizing all letters and removing non-alphanumeric characters. This will limit the possible number of combinations of "unique" keys. This is because (as you know) uppercase and lowercase letters have different ascii values. By keeping the current case you gain 26 ascii values to compare. This is also true of the special characters (except there are far more of them).

Granted, I have the knowledge of a fetus when it comes to cryptography, but the md5sum sounds like it might be one of the more secure options presented.

*** Matt @ MPCS

Share this post


Link to post
Share on other sites

I don't know if I actually agree with capitalizing all letters and removing non-alphanumeric characters. This will limit the possible number of combinations of "unique" keys. This is because (as you know) uppercase and lowercase letters have different ascii values. By keeping the current case you gain 26 ascii values to compare. This is also true of the special characters (except there are far more of them).

Granted, I have the knowledge of a fetus when it comes to cryptography, but the md5sum sounds like it might be one of the more secure options presented.

*** Matt @ MPCS

<{POST_SNAPBACK}>

CyptoLockup.AU3 Include file comming soon to a forum near you.

Share this post


Link to post
Share on other sites

Thanks all, just what I needed to start on something.

It's not so much a high security issue as loosely controlling who uses it, so a checksum using the ascii codes of each character sounds easy and the key could be another string of characters with the same checksum.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0