IntroductionThink about the last time you installed software on your computer. At some point during the installation were you asked to enter a special code? This code is called the product registration key. The code must be entered to prove who purchased the software. If no one had to enter the product registration key, nothing would stop a person from uploading the software to the Internet to allow anyone to download that software and install it for free. A question that is rarely asked is, “How do companies find all those keys?” There are two main ways to create product registration keys: session keys and pre-generated keys. Session Keys Session keys are a common technique for generating keys for software downloaded from the Internet or specially ordered. For these types of software, you must register for the software, and the information you enter during the registration session is used to generate your product registration key. Any information entered during the recording session is called a session variable. Those session variables are then put into a cryptographic hash function. A cryptographic hash function is a one-way mathematical function (i.e. it is impossible to determine the input from the result) that accepts a character string of any length and outputs a character string of a fixed length. Ideally, a cryptographic hash function should always generate the same output given the same input, and two different inputs should never generate the same output. The National Security Agency developed a popular cryptographic hash called SHA-1 used by the US government to encrypt sensitive information. If two usernames, regardless of...... middle of paper......thod can be used for any type of software, but there are some situations for which each is better suited. When users must register before receiving the software, session keys are generally easier to generate, while if the user purchases mass-produced software from a retail store, pre-generated keys will be easier to implement. However, product registration keys alone are not enough to ensure that no one steals a copy of the software. A fundamental rule in cybersecurity is that security is multi-layered. Therefore, to truly protect software products, registration keys are just a single layer of many.Works Cited[1] Functions Online, "SHA1", [Online] Available: http://www.functions-online.com/ sha1.html Accessed January 26, 2010.[2] Cirticom Corp., “ECC Tutorial,” [Online] Available: http://www.certicom.com/index.php/10-introduction. Accessed in January 26, 2010.