However, are there any modern, better approaches for creating such "offline installation keys"?
There are two obvious approaches:
- One is to use a Message Authentication Code (MAC); this is a cryptographical algorithm that takes a string and a secret key, and generates a 'tag'; the idea is that, without know the secret key, it is hard to generate another string/tag pair that validates.
So, what you would do as a manufacturer is select a random secret key (which you would insert into your products). To generate a 'product key' (label that is attached to the product), you would take a sequence number, run that through the MAC to generate a tag, and make the sequence number and the tag be the product key.
Then, when the product is installed, the user enters the product key; the software separates out the sequence number and the tag; it then runs the sequence number through the MAC (using the secret key that the manufacturer inserted), and compare that computed tag to the tag that was in the product key - if they match, you go ahead with the installation.
The upsides are that this is easy, and that length of the product key can be easily controlled (with a good MAC, say, HMAC, a 20 bit tag will make the probability of random guessing less than one in a million per guess - if that's not low enough, just pick a longer tag).
The downside of this is that if a good hacker pulls apart your product, they can extract the secret key, and then go ahead and generate their own product keys at will. There's been attempts at designing implementations that are resistant to this ("white box cryptography"); those have been found to be disappointing. However, if the effort involved on the attacker's part is more than the effort of just distributing the known good product key, it might be acceptable.
- The other approach would be to go with a public key signature algorithm (with a short signature).
This idea is similar, except that the manufacturer generates a public/private key pair, and inserts the public key onto the device.
The manufacturer uses the private key to generate 'product keys'; on installation, the software uses its copy of the public key to validate the product key.
The upside is that we no longer have to worry about a hacker getting the ability to create new product keys - to do that, he needs the private key, and that's not on the device.
The downside is the length of the tag - even the algorithms with the shortest signature (which I believe is BLS) still has moderately long signatures (e.g. 256 bits for 100 bits of security); and unlike the MAC case, they can't be truncated.
There were companies that used signatures for their product keys - I expect they were in the minority.