I'm taking a crack at making a licensing system for my application, which will only allow one instance of the application to be running at any time. Here's how it'll work:

1. Client sends key to server.
2. Server sends back a random PKE-encrypted string, and its hash.
3. Client uses its private key to decrypt the string, and compares the decrypted string's hash against the sent hash. If they match, allow the user to continue. Even if the user knows the private key, the public key is private to the server and communications are still safe because the string is random.

Now, how could I implement secure logout? I was thinking of using the random string as a logout key, but the user could forge it and continue using the program. How can I do this?