# Generate Random Serial Key Python

One way to generate random numbers in Excel is with the **RAND** function. By itself, **RAND** generates a limited range of random numbers, but by using it in formulas with other functions, you can expand the range of values so that:

Python Module for Windows, Linux, Alpine Linux, MAC OS X, Solaris, FreeBSD, OpenBSD. CkEcc () # Generate a random ECC private key on the secp256r1 curve. # Chilkat also supports other curves, such as secp384r1, secp521r1, and secp256k1. # privKey is a CkPrivateKey privKey = ecc. How to generate random numbers that are different? [duplicate] Ask Question 13. In Python - How to generate random numbers without repetition.

**RAND**can be made to return random numbers within a specified range, such as 1 and 10 or 1 and 100 by specifying the high and low values of a range,- You can reduce the function's output to integers by combining it with the
**TRUNC**function, which truncates or removes all decimal places from a number.

The **RAND** function returns an evenly distributed number greater than or equal to 0 and less than 1. While it is normal to describe the range of values generated by the function as being from 0 to 1, in reality, it is more exact to say the range is between 0 and 0.999..

These instructions apply to Excel 2019, 2016, 2013, 2010, Excel Online and Excel for Office 365.

### RAND Function Syntax and Arguments

A function's syntax refers to the layout of the function and includes the function's name, brackets, comma separators, and arguments. The syntax for the **RAND** function is:

Unlike the **RANDBETWEEN** function, which requires high-end and low-end arguments to be specified, the RAND function accepts no arguments.

You can see several **RAND** function examples in the above image.

- The first example (row 2) enters the
**RAND**function by itself. - The second example (rows 3 and 4) creates a formula that generates a random number between 1 and 10 and 1 and 100.
- The third example (row 5) generates a random integer between 1 and 10 using the
**TRUNC**function. - The last example (row 6) uses the
**ROUND**function to reduce the number of decimal places for random numbers.

### Generating Numbers with RAND

Again, since the RAND function takes no arguments, you can enter it by clicking on a cell and typing **=RAND() **which results in a random number between 0 and 1 in the cell.

#### Generate Numbers Within a Range

The general form of the equation used to generate a random number within a specified range is:

**High** and **Low** signify the upper and lower limits of the desired range of numbers. As an example, to generate a random number between 1 and 10 enter the following formula into a worksheet cell:

### Generating Random Integers with RAND

To return an integer — a whole number with no decimal portion — the general form of the equation is:

Rather than remove all decimal places with the **TRUNC** function, we can use the following **ROUND** function in conjunction with **RAND** to reduce the number of decimal places in the random number to two.

### RAND Function and Volatility

The **RAND** function is one of Excel's volatile functions; this means that:

- The function recalculatesand produces a new random number every time anyone makes a change to the worksheet, including actions such as adding new data.
- Any formula that depends either directly or indirectly on a cell containing a volatile function also recalculates every time someone makes a change in the worksheet.
- In worksheets or workbooks containing large amounts of data, take caution when using volatile functions because they can slow down the program's response time due to the frequency of recalculations.

You can also force the RAND function to produce new random numbers without making other changes to a worksheet by pressing the **F9 **key on the keyboard. This action forces the entire sheet to recalculate including any cells containing the RAND function.

You can also use the **F9** key to prevent a random number from changing every time someone makes a change to the worksheet:

Click on a worksheet cell where you want the random number to reside.

Type the function

**=RAND()**into the formula bar above the worksheet.Press the

**F9**key to change the**RAND**function into a static random number.Press the

**Enter**key on the keyboard to display the random number into the selected cell.Now, pressing

**F9**won't affect the random number.

I need a serial number generator and accompanying checker. I would like to be able to set a salt (and maybe a length). The generator should only produce serial numbers that pass the test of the checker. Those numbers should only account for a small fraction of all the possible numbers of the given length.

The algorithm **needn't be cryptographically secure**. Rather, it should be very easy to implement (in javascript) and it should be very fast.

To clarify: If you buy commercial software, it is sometimes protected with a serial number/a key. If you type it in, the software verifies it algorithmically (by checking whether it fulfills certain properties), rather than looking up a huge database. I'm also pretty sure that the keys were all generated algorithmically rather than by hand. And only a small fraction of all the possible keys of a given length are actually valid so it's hard to guess keys.

Salt: I don't know whether salt is the right word, but the algorithm should have at least one parameter, whose choice alters the generated keys (so that multiple people can use the same algorithm and needn't fear collisions).

Gilles## 3 Answers

If there is no real need for security, then here is a very fast serial number generator, with a checker:

- User a counter. Initialize it at 0. When you want a new serial number, increment your counter by 1000; the new counter value is the serial number. The checker works like this: a serial number is valid if it ends with three zeros. Only one of every 1000 numbers will be accepted by the checker.

If this solution does not please you, then you *do* have a need for security, and this calls for cryptography.

The cryptographically secure solution is to have signed serial numbers: the serial number is the encoding of some payload (e.g. a counter of all serial numbers that you have generated) and a signature over the payload. The generator has a private key, which it uses to compute the signatures; the checker only knows the corresponding public key. The trouble with this setup is not really about verification time, even in Javascript; rather, it is the *size* of the signature which is a problem. I assume that the serial number will be, at some point, typed by a user. The minimal theoretical size for a cryptographically secure signature is about 80 bits (since signatures can be verified with only the public key, an attacker could try all possible bit sequences, and we usually require a security level of at least 2^{80}). Usb 2.0 vs usb 3.0. However, the smallest signatures among the 'assumed to be secure schemes' are closer to 160 bits (with BLS, which uses a pairing, which is kind of complex to implement) or 320 bits (with DSA or ECDSA). There is some work on signature systems with shorter signatures (Quartz, or McEliece-Niederreiter) but there is quite some controversy on their security.

Even with both uppercase letters and digits (36 possible characters, and there you have both 'I' and '1', and also 'O' and '0'), a 160-bit signature will use 31 characters. Along with the payload, you will end up with serial numbers of length 35 or so, which is probably too much for an average user to type in (but not by a large margin; an 80-bit signature would fit nicely).

### Generate A Random Number Python

If you do not use a signature scheme, then you must be aware that a reasonably determined attacker *will* be able, through some disassembly, to circumvent the checker, or even to learn enough to be able to produce his own serial numbers (which the checker will happily accept). At that point, you will not get quantified security: you will not be able to say: 'my scheme is secure up to a budget of 3.8 billion dollars'. Rather, it will go as: 'my scheme is secure until a sufficiently witty and bored student comes along, reverse-engineers the checker code, and publishes the result on Facebook'.

The classical not-really-secure scheme would look like this:

- Use the counter from the previous scheme (the one with ends with three zeros). Encode it as a 64-bit block. Encrypt that block with some hardcoded symmetric key, using a block cipher. The checker knows the key, and verifies the serial number by decrypting it (with the same hardcoded symmetric key) and looking at the final zeros.

This is not really more secure than the plain counter, but at least the serial numbers will be random-looking. With an alphabet of 34 characters (digits and uppercase letters except 'O' and 'I'), a 64-bit block requires 13 letters, which is probably acceptable (a typical Microsoft serial number has 25 letters). For the 64-bit block cipher, I recommend XTEA, which should be fast and simple enough to implement.

Thomas PorninThomas PorninIf you want the cryptographically secure method you won't get around an internet connection to verify the serial. This means that such a protection scheme is better suited for subscription based software than it is for traditional shelf software.

### Serial Key Crack

With internet connections it's simple (since you use JS, I assume that's the one you want):

- Someone creates a key, that party has to know the secret
- Server knows secret and is able to decode the data
- Client sends the key, which is a binary blob encoded in Base32 (also see this)
- Server decrypts the key and checks whether it's valid (either just syntactically or also semantically)

Without internet connection you can still use a scheme similar to PGP signing in order to *verify* that the blob that the user enters was created by you. Encryption won't work the same, because the decryption always requires to know the secret and the big issue here is:

### Python Generate Random

- you don't trust the user (otherwise you wouldn't need the protection scheme)
- you give the user the secret, compiled into your binary

Obviously both points contradict each other. On one hand you don't trust the user, on the other hand you have to deploy the secret used for decryption.

All in all I have to conclude that without the internet connection and the server-based validity check that results in the revelation of some knowledge (e.g. content that is useful only for so long) **any protection scheme I have seen so far is more or less an arms race between crackers and vendors.**

Now, if it isn't important to have a cryptographically secure system, I'd still go for any binary data that you can secure by means of a simple CRC or so. What comes to mind would be:

- Have a monotonically increasing serial number
- XOR it with your salt value (or any other reversible operation)
- Take the CRC32 of that value (or Adler32 or whatever) - add more salt here if needed
- Encode it with Base32 (aids readability etc)
- Only check that the CRC32 for validity ..

OP wrote 'it should be very easy to implement (in javascript) and it should be very fast'

Its not clear whether 'in javascript' refers to the generator or the checker or both, or whether it refers to 'javascript in the browser', or some other java/ecmascript implementation (e.g. server-side in the web server).

Javascript as an implementation language isn't necessarily a problem, and there are a couple of crypto libraries for javascript (supporting MD5, DES, AES, SHA, PBKDF2, HMAC):

Speed shouldn't be too much of a problem either (browser javascript engines are getting quite usable in that respect, once you get past IE6/7).

However, neither of the above support public key crypto (which is required for security if the 'checker' is distributed to the untrusted user and thus cannot be allowed access to the key used to create serial numbers) - let alone the specific algorithms suggested by Thomas, above. Google does turn up some hits for public-key implementations in JavaScript (http://www-cs-students.stanford.edu/~tjw/jsbn/, http://ohdave.com/rsa/, http://www.hanewin.net/encrypt/rsa/rsa.htm) but personally I'd be even more nervous about their bug-free-ness than the 'bigger' libraries above.

Perhaps more significantly, even with a public key-based approach, if either the generator or the checker are distributed to the untrusted user, then the scheme is not secure. If the generator code is available to the untrusted user then they can generate as many keys as they like, while if the checker is available to the untrusted user then they can simply modify the javascript code to skip the checks. [The same issue arises with native code, of course, but, even with obfuscation, JavaScript is arguably simpler to attack through local modifications.]

Before implementing a security scheme in JavaScript you should also consider the wider trust issues: see http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/ for a useful summary.