Client (c++)
1) AntiCrack (non public techniques):
- Debugger Attached
- virtual machine
- Other checks you can think of to
2) Grabs PC Information = monitor, user, harddrive serial, and others
=> Takes this information and creates a hardware identification MD5 hash number
3) Create an encrypted header using AES256 encryption with MD5 hash number as encryption key
=> Sends information to server
Server:
1) Stores Header Information
2) Grabs clients IP address
=> Searches in SQL for IP address which will be the "key" in SQL for this user
=> From this user Grab decryption key (will match hardware identification MD5 hash number
=> Decrypt AES256 encryption header information using the key above.
=> If decrypted header matches MD5 has number stored in SQL allow the user to be authenticated
3) Take ByteArray stored in php and encrypt using AES256 and hardware identification MD5 hash number as key
4) Send this bytearray to the client
Client(c++):
1) Receives encrypted bytearray
2) Decrypts using AES256 using hardware identification md5 has number which you got in step 2 above as the key to decrypt
This project it's too difficult since there are public libraries for AES256 encyrption. It's just that server communication with header description and php coding I am not too strong on security aspect.