While MSO owners still have to hack their scope every time they update their firmware, I had peace of mind because I had real keys.
Most MSO owners... There are some who don't need to do that.
I still don't know why the MSO hack was not developed further.
The MSO keygen was fully developed since the beginning of times. It just isn't public.
There is, Riglol does it, but it needs a private key.
I'm not sure where Riglol got the private keys for all the 'scopes from, I've long suspected Riglol is an inside job by a Rigol employee - there's just too many secret Rigol keys in it.
The algorithm is very complicated, involving elliptic curve crypto.
(Look at the key file, it starts with "brainpool", which is a standard curve used in ECC)
Here are the usual "stretched" conclusions...
There is no reason to believe that the old ECC private keys are derived from the S/N. That's why Rigol includes the keys in device's NANDs and there is no function in the app code to generate them. Today's ECC algorithm is as much complicated as it was in riglol days, only the keys are longer.
As I've hinted a year ago, the DHO uses a totally messed up license system based on the original MSO system. Once again the ECC keys are unique to each device but they are not used correctly, as in the MSOs. While they may be generated based on the S/N (although there is not much space for creativity here) there is no indication that such happens.
My conclusion is that Rigol maintains a database with all this info as the majority of the others A/B brands do.