Just dont do it, it will take people with some more reversing skills minutes to hack your game and get all keys.
You'd need a method to check if a certain user already won a key and this is sadly not perfectly possible.
Well, would you look at that, the day I agree with Chaos has come!
Aku Aku, public key cryptography is a great tool for so many things, but not this. Just in general encryption is more or less worthless here, because in the worst case you can just do a replay attack and be done with it. Or, if it's slightly better do what Chaos says, open the game up in IDA (Pro) or whatever you have at hand and figure out where the encryption magic happens and just wire a jump in there from main.
The sad truth is this: If you ship something to a customer, consider it compromised. They can make 1000 mistakes trying to crack it open, but you only need to make one. And besides, it runs on _their_ CPU, and they can make _their_ CPU do whatever they want.
You will have a hard time as is trying to figure out who is legitimate and who isn't. Ideally you monitor exactly what happens and verify on the server what the user does and if it's legitimate or not. That's basically the MMO approach to no cheating, but it'll be hard sell for an single player game to spy on the user legitimately. Honestly, maybe do a raffle to subscribers to your newsletter and hope to god most people are too lazy to create enough email addresses to make a statistical dent for themselves.
