Technical Details on Microsoft Product Activation for
piracy is a worldwide problem which negatively impacts software developers,
resellers, support professionals, and most importantly, consumers.
One form of piracy, estimated to be as high as 50%, is known as casual
copying. Casual copying is the
sharing and installation of software on multiple PCs in violation of the
software’s end user license agreement (EULA). Microsoft has developed product
activation as one solution to reduce this form of piracy.
activation uses several methods and technologies to help achieve Microsoft’s
goals of protecting intellectual property rights by making it easy for users to
comply with the terms of the EULA and reducing software piracy.
In order to
help customers and partners better understand the technologies used by product
activation, and their unobtrusive and anonymous nature, we will outline in this
Product Activation and volume licenses
Product Activation and new pre-loaded PCs
A processor serial number is 96 bits in length.
When hashed, the resultant one-way hash is 128 bits in length.
Microsoft uses only six bits from that resultant hash in activation’s
hardware hash. Due to the nature of
the hashing algorithm, those six bits cannot be backwards calculated to
determine anything at all about the original processor serial number.
six bits represent 64 (2^6) different values.
There were over 100 million PCs sold last year worldwide.
From those 100 million PCs sold, only 64
different hardware hash values could be created as part of activation.
developed the hardware hash in this way in order to maintain the user’s
whether or not the PC can be put into a docking station or accepts PCMCIA cards
is also determined (the possibility of a docking station or PCMCIA cards
existing means that hardware may disappear or seem changed when those devices
are not present). Finally, the hardware hash algorithm has a version number.
Together with the general nature of the other values used, two different PCs
could actually create the same hardware hash.
The 10 different hardware values used to create the hash are outlined in
the table below:
Table 1: Hardware hash component values
The product ID
(nine bytes) and hardware hash (eight bytes) are used by Microsoft to process
the activation request. When
activation is done over the Internet, these two values form the Installation ID
(in a binary format) and are sent along with request header information directly
through secure sockets (SSL in HTTP) to the Microsoft activation system in a
binary format. There are three communications made to complete Internet
activation is successful, the activation confirmation is sent directly back to
the user’s PC as a digital certificate. This
certificate is digitally signed by Microsoft so that it cannot be altered or
counterfeited. The confirmation
packet returned as part of Internet activation is approximately 9 kbytes in size
(the digital certificate chain accounts for most of the confirmation data packet
is done by telephoning a customer service representative, the product ID and
hardware hash are automatically displayed to the user as the Installation ID; a
50 digit decimal representation. The
encoding encrypts the data so that it cannot be altered and provides check
digits to help aid in error handling. Telephone activation is a four step
confirmation ID is a 42-digit integer containing the activation key and check
digits that aid in error handling. Both the installation ID and confirmation ID
are displayed to the user in easily understandable segments in the product UI.
Modifications to hardware and how they affect the
activation status of Windows XP
activation rechecks the hardware it is running only to help reduce illegal hard
disk cloning – another prevalent piracy method. Hard disk cloning is where a
pirate copies the entire image of a hard disk from one PC to another PC.
At each login, Windows XP checks to see that it is running on the same or
similar hardware that it was activated on.
If it detects that the hardware is “substantially different”,
reactivation is required. This
check is performed after the SLP BIOS check discussed above, if the SLP BIOS
check fails. This means that if
your PC is pre-activated in the factory using the SLP pre-activation method, all
the components in the PC could be swapped, including the motherboard, so long as
the replacement motherboard was genuine and from the OEM with the proper BIOS.
As noted above, installations of Windows XP made using volume licensing media
and volume license product keys (VLKs) will not have any hardware component
defines “substantially different” hardware differently for PCs that are
configured to be dockable. Additionally, the network adapter is given a superior
“weighting.” If the PC is not
dockable and a network adapter exists and is not changed, 6 or more of the other
above values would have to change before reactivation was required.
If a network adapter existed but is changed or never existed at all, 4 or
more changes (including the changed network adapter if it previously existed)
will result in a requirement to reactivate.
One has the full assortment of hardware components listed in Table 1 above. User
swaps the motherboard and CPU chip for an upgraded one, swaps the video adapter,
adds a second hard drive for additional storage, doubles the amount of RAM, and
swaps the CD ROM drive for a faster one.
Reactivation is NOT required.
Two has the full assortment of hardware components listed in Table 1 except
that it has no network adapter.
User doubles the amount of RAM, swaps the video card and the SCSI
Reactivation is NOT required.
are treated slightly more leniently. In
a dockable PC, if a network adapter exists and is not changed, 9 or more of the
other above values would have to change before reactivation was required.
If no network adapter exists or the existing one is changed, 7 or more
changes (including the network adapter) will result in a requirement to
PC Three has the full assortment of hardware components listed in Table 1 except
that it has no network adapter. User
doubles the amount of RAM, swaps to a bigger hard disk drive, and adds a network
Reactivation is NOT required.
The change of
a single component multiple times (e.g. from video adapter A to video adapter B
to video adapter C) is treated as a single change. The addition of components to
a PC, such as adding a second hard drive which did not exist during the original
activation, would not trigger the need for a reactivation nor would the
modification of a component not listed in the above table. Additionally,
reinstallation of Windows XP on the same or similar hardware and a subsequent
reactivation can be accomplished an infinite number of times.
Finally, the Microsoft activation clearinghouse system will automatically
allow activation to occur over the Internet four times in one year on
substantially different hardware. This
last feature was implemented to allow even the most savvy power users to make
changes to their systems and, if they must reactivate, do so over the Internet
rather than necessitating a telephone call.
believes that product activation will be successful at deterring the casual
copier, thereby reducing the piracy of Windows XP. Product activation achieves
this goal by implementing a technology solution that deters the casual copier
Continuing to meet
the needs of corporate customers and their unique deployment needs for
deployment of volume licenses
XP’s ease of use
Striking a balance in
protecting intellectual property clearly in favor of the user
user’s privacy by utilizing information that is not personally identifiable.
At no time is personally identifiable
information secretly gathered or submitted to Microsoft as part of activation.
Microsoft believes that product activation be completely unobtrusive to most
Windows users. Most users of Windows XP will acquire it with the purchase of a
new PC. The vast majority of these
users will never see activation, either on first boot or with substantial
hardware upgrades. For those users
whose new PC requires that Windows XP be activated or who acquire Windows XP
through a retail box, activation will most likely be a one-time
occurrence that, whether completed via the Internet or by telephoning a
Microsoft customer service representative, will be a simple, quick, and
Appendix A: This bulletin and Microsoft Product
Activation for Office XP Family Products
Family products use an underlying activation technology similar to that of
Windows XP. Please see the forthcoming Microsoft Technical Market Bulletin on
product activation in Office XP Family products for details.
Appendix B: Technologies
used in Product Activation
An overview of
digital certificate technologies can be found on Microsoft’s MSDN
website at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/hh/crypto/aboutcrypto_3xdf.asp
comprehensive overview of cryptography solutions available to Microsoft
developers can also be found on Microsoft’s MSDN website at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/hh/crypto/aboutcrypto_6fl5.asp
2001 Microsoft Corporation. All rights reserved. This Market Bulletin is for
informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,
IN THIS DOCUMENT. The information contained in this Market Bulletin represents
the current view of Microsoft Corporation on the issues discussed as of the date
of publication. Because Microsoft must respond to changing market conditions, it
should not be interpreted to be a commitment on the part of Microsoft, and
Microsoft cannot guarantee the accuracy of any information presented after the
date of publication. Microsoft and Windows are either trademarks or registered
trademarks of Microsoft Corporation in the United States and/or other countries.
Other product or company names mentioned herein may be the trademarks of their
respective owners. Microsoft Corporation • One Microsoft Way • Redmond, WA
98052-6399 • USA 1000
more information, press only:
Response Team, Waggener Edstrom, (503) 443-7000, email@example.com
online product information:
Windows XP Web site: http://www.microsoft.com/xp
Piracy Web site: http://www.microsoft.com/piracy/
Product Activation Web site:
independent information on software piracy:
Software Alliance web site: http://www.bsa.org