# newbie needs help - elliptic curve replacement

**From:** will (*will@dwango.com*)

**Date:** 04/11/03

**Next message:**Mary: "Major digital certificate problem - need help"

**Previous message:**bronxelf: "Re: My Security/Hacker/Internet book is almost ready"**Next in thread:**Craig A. Finseth: "Re: newbie needs help - elliptic curve replacement"**Reply:**Craig A. Finseth: "Re: newbie needs help - elliptic curve replacement"**Messages sorted by:**[ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "will" <will@dwango.com> Date: 11 Apr 2003 21:40:00 GMT

Hello, I was asked my company to create an algorithm for creating 20-digit

codes that could be used to unlock our software. As we can be certain that

the application has access to the internet, we are simply going to populate

a database on the server and mark off each code as it is used.

However, the original idea we came up with (none of us particularly knowing

cryptography) was to do this:

1. Create a random elliptic curve.

2. Choose a random point on it.

3. Run the data for the elliptic curve and the position of the point

through SHA-1, then store all nibbles under 0xa from the return string up to

twenty digits trashing any that don't have twenty.

4. Add the point in the elliptic curve to itself and repeat step 3.

However, in doing research, I don't believe that for as simple as it is to

say "create an elliptic curve," that I or anyone at my company actually have

the mathematical knowledge to create one.

So, the question is: Is there anything any of you can think of to replace

steps 1 and 2 that can be created by someone who has darn near zero

knowledge of cryptography and yet will still be sufficiently obtuse that we

don't have to worry that the pattern to our codes can be easily cracked?

Thank you,

WT

**Next message:**Mary: "Major digital certificate problem - need help"

**Previous message:**bronxelf: "Re: My Security/Hacker/Internet book is almost ready"**Next in thread:**Craig A. Finseth: "Re: newbie needs help - elliptic curve replacement"**Reply:**Craig A. Finseth: "Re: newbie needs help - elliptic curve replacement"**Messages sorted by:**[ date ] [ thread ] [ subject ] [ author ] [ attachment ]