Original address: http://www.vonwei.com/post/UniqueDeviceIDforWindows.html
Uniquely identifying a device is a basic function that can have many application scenarios, such as software authorization (how to ensure that your software can be used on a specific machine after authorization), software license, device identification, device identification, etc. Here are the pros and cons of various methods:
(1) MAC address of the network card
MAC address may be the most commonly used identification method, but this method is basically unreliable: a computer may have multiple network cards and multiple MAC addresses. For example, a typical notebook may have multiple MAC addresses such as wired, wireless, and Bluetooth. With the change of different connection methods, the MAC address will also change each time. Moreover, when a virtual machine is installed, there will be more MAC addresses. Another more fatal weakness of the MAC address is that it is easy to manually change the MAC address. Therefore, the MAC address is basically not recommended as a unique device ID.
(2)CPU ID
wmic cpu get processoridYou can view the CPU ID by running it on the command line in the Windows system .
At present, the CPU ID cannot uniquely identify the device. Intel may now have the same CPU ID in the same batch and no longer provide a unique ID. And after actual testing, the CPU ID of the same batch of newly purchased PCs is likely to be the same. As a unique identification of the device, there will be problems.
(3) The hard disk serial number can be viewed
by running " wmic diskdrive get serialnumber" in the Windows system through the command line . The problem with the hard disk serial number as the unique ID of the device is that many machines may have multiple hard disks, especially servers, and it is very possible for the machine to replace the hard disk. After the hard disk is replaced, the device ID must also be changed, otherwise it will also be affected. Authorization and other applications. Therefore, many licensed software do not consider the use of hard disk serial numbers. Moreover, not all computers can obtain the hard disk serial number.
(4) Custom algorithm to generate unique ID
can use a self-made specific algorithm (such as GUID, or a certain number of random numbers) to generate a unique ID, and then write it into the registry or device as its unique ID. This method does not rely on any hardware features, and the uniqueness can be fully controlled by itself, but the disadvantage of pure software implementation is that this ID is easy to forge and easy to erase; and it is likely to require online verification and a server that stores all IDs in the background Must stay online.
(5) Windows product ID (ProductId)
You can see the activated Windows product ID information at the bottom of "Control Panel\System and Security\System", and you can 计算机\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersionalso see the "ProductId" field through the registry " ". However, the product ID is not unique, and the probability of duplication in different systems or machines is relatively high. For the cloned system in the virtual machine, the product ID may be exactly the same for the system that is activated using the same mirror image. After actual measurement, the author found that the ProductId is exactly the same on two Thinkpad notebooks.
(6)MachineGUID
When Windows is installed, a GUID will be generated uniquely, and 计算机\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptographyits "MachineGuid" field can be viewed in the registry " ".
This ID is good as the only identification of Windows system equipment, but it is worth noting that, unlike the hardware ID, this ID should be different after reinstalling the Windows system. In this way, after reinstalling the system, the authorized software may require the user to purchase the license again.
(7) Mainboard smBIOS UUID
wmic csproduct get UUIDYou can view it by running " " in the Windows system through the command line .
The motherboard UUID is a method recommended by many authorization methods and Microsoft officials. Even if the system UUID is reinstalled, it should not change (I did not measure and reinstall it, but if you install dual systems on a machine, the obtained motherboard UUID is the same. For dual systems, one windows and one Linux, the dmidecode -s system-uuidUUID can be obtained by using the " " command under Linux ).
But this method is also flawed, because not all vendors provide a UUID. When this happens, wmic will return “FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF”an invalid UUID.
(8) The external password device provides a unique ID
There are many such methods. For example, a unique key identification can be provided in the USB shield, and the endorsement key EK in the trusted computing cryptographic chip is uniquely fixed in the secure hardware, and it is generated by a good cryptographic algorithm, which is unique and unique. The difference can be guaranteed, and the safety is higher.
This method requires connecting an external cryptographic chip to the computing device, which increases the economic burden and development cost. Moreover, even this method also has cracking methods such as spoofing attacks and proxy attacks.
Of course, there are many other methods, such as sound card, CPU mode and frequency, IDE controller, memory and other information. Even the software and hardware configuration of the equipment can be collected, and the equipment can be classified and identified through statistical methods and machine learning methods. Academically, there are also various cryptographic algorithms, hardware unclonable functions PUF and other unique identification methods that can be used.
From the perspective of the simple application of software authorization, it is too expensive to purchase external cryptographic device hardware. A simple combination method can be used. It is recommended to use the motherboard UUID as the main identification. When the UUID returns an invalid value, the CPU ID and BIOS can be further used. The serial number, MachineGUID, etc. are used as secondary identifiers, which can basically solve the problem.
In fact, the unique identification of a device is actually a type of fingerprint. When you want to use an identification or fingerprint, you must first clarify your true intention, whether to identify a user (such as ID card, fingerprint, mobile phone verification, etc.), or to identify A device (the various device IDs listed in this article). Only according to one's true intentions can we further think about the specific way of use, not forgetting the original intention.
However, no matter what kind of hardware information or arrogant algorithm is used to identify users or devices, or the old saying "The road is one foot high, the magic is high", it can be breached, even if your logo cannot be forged or cloned. No, the attacker can also use other attack methods, such as reverse your verification check code, and then modify it to make the check failure. Therefore, regardless of the device identification or user identification, in many cases, it may only protect against gentlemen and not against villains, and even pessimists think that these methods are to prevent legitimate users, which affect the convenience of users and can be cancelled. The author believes that there is no need to be so pessimistic. Information such as intellectual property rights is the performance of respecting people’s value and labor. Even if villains cannot be completely prevented, we must use these methods to exclude ordinary villains from the technical threshold and increase as much as possible. The price when the senior villain cracks.