Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

6
  • That's pretty open-ended. What sorts of properties do you want the numbers to have? And what it the salt about and where would it be saved? Commented Mar 7, 2011 at 6:13
  • I'm not clear about this, if you're asking for a cryptographically secure random number generator - even with certain additional constraints - then that's easy, just tell us which platform/language you're on. If you're asking for something else - then it's not clear, and why would you ask on ITsec? Commented Mar 7, 2011 at 7:07
  • javascript is primarily a client side language, so everyone will see ur algorithm. (there is ssjs, but who uses it??). Its also SLOW in compare to compiled programs. whatever you do, the best would be to: *1 generate these keys and save them to a database. *2 write a php/java form to read in user imputed key and see if its in the database. This allows for pretty much anything. One way to generate the keys is then to make a random number and get a sha1 or md5 of it (can do more then once to make it true random) Commented Mar 7, 2011 at 9:52
  • If you generate and check the keys with JavaScript someone is going to figure it out and abuse it. Commented Mar 28, 2011 at 10:00
  • Here is an article I find very informative regarding generating secure license keys: How to Generate License Keys Securely It's about using elliptic curve cryptography to generate license keys. The generated keys can be as small as 20 characters and still secure. Commented Nov 25, 2011 at 9:40