Encrypt string in C# and decrypt it in Delphi

Question

I'm writing a web app in ASP.Net that creates a licence key for a Windows app written in Delphi. For simplicity I'm going to use a email address and date.

I want to encrypt it in C# and email that info to the person then when the Windows app starts up the person enters in the encrypted string.

Every time the Windows app starts it checks that licence by decrypting it and comparing to todays date.

How can I do this to ensure the C# encryption will decrpyt succesffuly in Delphi?

Answer 1

AES for Delphi and AES for C#.

Answer 2

"the world was full of bad security systems designed by people who read Applied Cryptography"

While the trivial answer is 'use the same algorithm and make sure you have the same keys and initial vector', this answer only exposes the true problem you are going to have: How are you going to protect the encryption key? Mail it along with the license? Embed it in the application? The truth is that there is no protocol that can bootstrap itself w/o a root of trust, either a public trusted authority or a shared secret. A shared secret is easy to code, but complete useless in practice (which means AES, 3DES, XDES or any other similar cipher are not the answer), so you need an scheme that starts based on public key cryptography. For such, to encrypt something for the beneficiary of the license, you need the public key of the said beneficiary, which would make provisioning difficult (license site sends public key, you encrypt license, send email etc). It is much better to send the license in clear text, but signed with your private key. Then your application can validate the signature on the license and use it, if not tampered with.

S-MIME is such a scheme. PGP is just as good. Writing your own code in C# and Delphi is possible, but strongly discouraged. See Cryptographic Signatures.