newbie needs help - elliptic curve replacement

From: will (will@dwango.com)
Date: 04/11/03

  • Next message: Mary: "Major digital certificate problem - need help" 
    From: "will" <will@dwango.com>
Date: 11 Apr 2003 21:40:00 GMT

    Hello, I was asked my company to create an algorithm for creating 20-digit
    codes that could be used to unlock our software. As we can be certain that
    the application has access to the internet, we are simply going to populate
    a database on the server and mark off each code as it is used.
    However, the original idea we came up with (none of us particularly knowing
    cryptography) was to do this:

    1. Create a random elliptic curve.
    2. Choose a random point on it.
    3. Run the data for the elliptic curve and the position of the point
    through SHA-1, then store all nibbles under 0xa from the return string up to
    twenty digits trashing any that don't have twenty.
    4. Add the point in the elliptic curve to itself and repeat step 3.

    However, in doing research, I don't believe that for as simple as it is to
    say "create an elliptic curve," that I or anyone at my company actually have
    the mathematical knowledge to create one.

    So, the question is: Is there anything any of you can think of to replace
    steps 1 and 2 that can be created by someone who has darn near zero
    knowledge of cryptography and yet will still be sufficiently obtuse that we
    don't have to worry that the pattern to our codes can be easily cracked?

    Thank you,
    WT

  • Next message: Mary: "Major digital certificate problem - need help"