Since any algorithm you make is going to get broken i would do something simple like this:
const string secretMumboJumbo = "sdfkldafskjlfajmkldsfjaewumaskldfladkkldsfklj"
//For you to generate keys
string GenerateLicenceKey(int idNr)
{
return Sha1Hmac(key=secretMumboJumbo, messageToEncode=idNr)
}
//For clients to check if key is valid,
bool IsKeyValid(string key)
{
for(int i=0;i<maxNrOfLicenceKeys;i++)
if(key == GenerateLicenceKey(i))
return true;
return false;
}
Maybe the checking could become too slow because it has to try every possible key but that could also be a good thing to avoid brute forcing.
Most frameworks should have an HMAC-function for SHA1 or some other hash function. Worse case you could replace this with md5(key+id)
Don't take this algorithm too seriously, it's just an example and it can probably be broken very easily as the generation-key has to be included in the client, even though it's hidden in the binary somewhere.
