Cryptography
Related
Duelist's
Recommended Cryptography Links
fleur's Cryptography
CrackMe Solutions
Other Crypto
Sites
This section will probably be the most popular section of my site seeing as most reversers enjoy the challenge of serial number schemes. With many of these tutorials you'll find source codes to key generators written by me and various other authors, (mostly in ASM) but some in C/Pascal, even my little experiment using Java & Perl :). You are of course respectfully reminded that stealing these sources and modifying just the authors name and then passing them off as your own work is a pretty lame pastime, as of course is using them to register the software for free.
I shouldn't really need to say this but I will anyhow, to build these source codes into working key generators you'll need an appropriate assembler/compiler/linker. The following list indicates those programs which I have personally tested. Please also note that some of my ASM key generators may contain very specific oversights (I've corrected a few), all of them are tested so far as is possible and are only for illustrative purposes, rather than indicative of good coding style.
C Source Codes  Borland C++ v5.0x, v4.5, v4.0, MSVC++ (not
tested).
ASM Source Codes  TASM 5 (with minor
adjustments should work under MASM).
Pascal Source Codes  Turbo Pascal v7.0.
GetDlgItemInt, GetDlgItemTextA, GetTabbedTextExtentA, GetWindowTextA, Hmemcpy (Windows 95/98 only), lstrcmp, lstrlen, memcpy (NT).
The following table lists all of the tutorials covering serial # validation and key generators, a cross in the appropriate column indicates whether or not source code is available and in what language. The entire key generator source code package can be downloaded here (427k, 437,901 bytes), it contains over 200 individual source codes courtesy of many authors, a list of the programs which do not have corresponding tutorials is included in the package. You might like to also download PaRKeR's Angus v3.0 (114k, 116,872 bytes), another worthy collection of source codes.
If you are having trouble writing your own key generators, try TMG's Ripper Studio (38k, 38.849 bytes) which claims to automate the process, personally I don't think you'll gain anything in the long run using this, then again I find the whole concept of writing hundreds of key generators pretty pointless anyhow, so its your choice :).
*  Instructs how to generate a valid Serial #.
Program Name 




3D View v2.5d 




APP LAUNCHER v5.0 




ARJShell v1.3 by flag eRRatum 




AutoIP Publisher v2.32 by ManKind 




Beyond Compare v1.7c 




CAD Viewer v3.2 A.30 by zoltan 




CHKFILES v1.5a 




ClipMate v5.08 (build 76) by widYacL 




Challenger Interactive CME by dr_daze 




CleanPC & Scribe 95 by Tyrus 




Crystal FTP v1.0 by friendship 




CTMailer v1.55 




Cyberspace HQ AddSoft v2.26 




Darts 95 v1.0 / v1.1 by ManKind 




diablo2oo2's Crackme 1 (Crackme + Keygen Source only) 




DLL Show v3.4 by Kwai_Lo 




ecBuilder Pro v4.0 




FruityLoops v1.2.12 




GodeZip v2.0 




GoldWave v4.01 




Graphic Equalizer Pro v1.1 by Rezel 




Hang2000 1.31 by ManKind 




Markin32 v1.3 




Melody v1.51 




MemoryAnalyst v1.01 & TimeWizard 95 v2.0 




MicroChart/32 v7.0x/2 by Quantico 




mIRC v5.5 by flag eRRatum 




mIRC v5.5 by friendship 




Nero Burning Rom v4.0 * 




Opera v3.62 * 




Quintessential CD v1.1 




SmartSound For Multimedia v1.5 




Solid Pipe Designer 98 




Sound Gadget Pro v1.24 by PcNinJa 




SubmitWolf Pro v3.06 




The JPEG Wizard v1.2.1 




TrayExplorer v1.0 by Mr. Wot 




Visual DialogScript v2.5 




WebGenie ShoppingCart v2.07 




WinImage v4.00.4000 & v5.00.5000 with assistance from Flu[X] 




WinPatch v1.1 




WinRAR v2.0x by friendship 




WPlay v1.7 Beta 4 




Algorithm Links
Blowfish
DES
ECC
MD5
Rijndael
& Rijndael
page
RSA
SHA
Twofish
In the last year to 18 months there has been an increase in the number of software authors choosing to use proven offtheshelf encryption algorithms to protect their registration routines, the implementation of these routines often leaves a lot to be desired however and those not interested in the intricate vagaries of DES Sboxes will easily find patching approaches. Understanding these algorithms requires a strong mathematical background, the most common algorithms were designed with hardware logic speed in mind, data throughput rates being everything, don't expect to see anything much more sophisticated than repeated shifts and xor's in mind numbing quantities.
With most algorithms the ability to reverse them is limited somewhat by your computing power, don't expect to factor many 512bit moduli anytime this year on a meagre Pentium. Enough of my rambling, here are some resources :
Bruce Schneier's Applied Cryptography  Web HTML version available from here and the definitive guide if you really are interested in cryptography (some focus on protocols too). Bruce Schneier has been on record recently stating that the entire Internet is insecure by nature, of course he is now in the commercial world of security solutions, so make of that what you will. An edited and much smaller HTML version of this book is available if you search carefully for 'acrypto.zip'.
Duelist's Key Generator Source Codes  Superb collection of cryptographic source codes from this great reverser (thanks a lot for letting me publish them Due :) ), Blowfish, RSA, Twofish, you name it and Duelist's broken it, I recommend particularly the Armadillo & DJPower sources (973k, 996,870 bytes).
RSA Notes  "RSA is a public key encryption system based on the arithmetics of (large) integers. in this system a message is represented as a series of large (but finite) integers, and the encrpytion/decryption process will eventually transmit these numbers. Since each of these integers goes through the same process (think of it as a block cipher with larger than usual blocks), let's discuss what happens with one such message block.
The basic insight of RSA is that Euler's theorem can be put to use in a public key system. the theorem states the following :
(1.1) m^phi(n) = 1 mod n
where 'm' and 'n' are integers, 0 <= m < n, gcd(m,n) = 1 and phi(n) is Euler's function (giving the number of integers relative prime to 'n', i.e. for a prime 'p': phi(p) = p1).
Fermat's little theorem is the special case of Euler's for n = p where 'p' is a prime :
(1.2) m^(p1) = 1 mod p
from Euler's theorem we can derive the following :
(1.3) m^(phi(n)+1) = m mod n
as we can see, modulo exponentiation will be a noop when a very specific exponent is used (in other words, the exponent in mod n arithmetics can be reduced mod phi(n)) and this is exactly what a full cycle of RSA encryption and decryption does. namely, both of these operations perform a modulo exponentiation (with encryption exponent 'e' and decryption exponent 'd') as is shown below :
(1.4) m^e = c mod n
('c' is the ciphertext and is eventually transmitted to the receiver)
(1.5) c^d = m^(e*d) = m mod n
the condition to make this whole scheme to work is that
(1.6) e*d = 1 mod phi(n)
the rest of the RSA scheme is about the choice for 'n' so that 'e' and 'd' can be chosen/computed in an efficient way (by the sender of course) and to allow all possible messages to be encrypted (remember, Euler's theorem required gcd(m,n) = 1). as it turns out, if we choose 'n' to be a product of two primes 'p' and 'q', and 'e' such that gcd(e,phi(n)) = 1 then all the above equations will work as expected. in this case :
(1.7) phi(n) = phi(p*q) = (p1)*(q1).
and either of 'd' or 'e' can be randomly chosen and the other computed from (1.6). in practice, we place certain restrictions on them in order to deter some attacks and make computations fast.
1.2 some observations regarding RSA and mod n arithmetics
The security of RSA is not known (no mathematical proof exists either pro or contra), all we know is that our current knowledge is not sufficient to determine
'm' from (1.4) (modulo n e'th root problem)
'm' from (1.5) without knowing 'd'
'd' from (1.6) without knowing phi(n)
phi(n) from (1.7) without knowing 'p' and 'q'
'p' and 'q' without factorizing 'n'
for a sufficiently large 'n' (recommended minimum is 1024 bits, 2048 and up are desired). in summary, the security of RSA seems to be based on the intracktability of the modulo n root and the integer factorization problems. It is interesting to see from a more practical point of view where RSA (and mod n arithmetics in general) gets its security from. consider :
(1.8) x^y = z mod n
which is equivalent to
(1.9) x^y = k*n + z
for some integer 'k'. in plain english it means that we LOSE information (the value of 'k') when we perform the mod n reduction. the more this information is (the higher the possible range for 'k' is) the harder it will be to reconstruct 'k' (which is what we will eventually perform if we manage to solve (1.8) for one of its variables).
For the mathematically challenged reader here is a more visual approach : Imagine the function f(x) = x^y in the xy plane (for some fixed 'y'). The curve looks like a parabola. If we consider integer values for 'x' only, we will get a series of dots along the curve, like a necklace. We notice that the larger 'x' is the further the dots are from each other. Now, imagine what happens if reduce f(x) mod n : our necklace breaks down into smaller parts and these parts will slip down to the 'x' axis along the 'y' one.
The 'length' of these parts decreases as 'x' increases, but
for 'small' values one can actually recognize the arcs of the
original
curve (the larger 'n' is compared to 'y' the better the effect
is). However, as soon as f(x+1)  f(x) becomes larger than 'n'
itself we arrive at what best can be described as chaos and that
is what makes mod n arithmetics based algorithms intracktable
(at least these days)."
The eGOISTE's home page (link dead)  A reverser giving away some very valuable cryptographic information (mainly in the form of these key generator source codes) (352k). Schemes covered include Blowfish, ElGamal, hashing, RSA & Twofish.
As a closing thought, maybe you should check out my own RSA minisection here.
If you don't know who Duelist is (or was) then you probably aren't ready for cryptography or the crypto key generating scene that now exists (groups such as CORE/DAMN & TMG for example); not that you should be interested but Duelist paid me handsomely to write these compliments, however you shouldn't neglect his suggested links.
Algorithms@SSH : http://www.ssh.fi/tech/crypto/algorithms.html
Misc information : http://www.cryptography.com/resources/index.html
Data Encryption Page (DEP) : http://www.geocities.com/SiliconValley/Network/2811/
Exercises / Examples : http://www.mindspring.com/~pate/
USSRBack : http://www.ussrback.com/crypto/tree.html
SSLeay : http://www.columbia.edu/~ariel/ssleay/
Crypto++ : http://www.eskimo.com/~weidai/cryptlib.html
OpenSSL : http://www.openssl.org
I personally can also recommend Freelip.
Download here (158k) or alternative fetch his complete archive from the RET homepage.
x3chun has also kindly contributed his crypto key generator sources, you can download them here (679k).
Integer Factorization Project (IFP) : http://www.upl.cs.wisc.edu/~hamblin/ifp.html
Factoring Theory : http://www.frenchfries.net/paul/factoring/theory/index.html
Info on primes : http://www.utm.edu/research/primes/
Any further suggested reading you are welcome to suggest to me via email for inclusion here.
Crypto sites
archive  Christal, roy, tE & tscubes sites (all feature
crypto specific key generators, information and source codes).
Jardinez Chez jB
 jB's archive of crypto related crackmes with solutions.