Amusement devices: games – Including means for processing electronic data – Access or authorization
Reexamination Certificate
2001-10-05
2004-04-20
Walberg, Teresa (Department: 3713)
Amusement devices: games
Including means for processing electronic data
Access or authorization
C713S168000, C713S176000
Reexamination Certificate
active
06722986
ABSTRACT:
INTRODUCTION
The present invention relates generally to electronic gaming machines or consoles and in particular the invention provides an improved system for executing casino games in RAM as opposed to the conventional unalterable ROM. The improvements provide an authentication process based upon digital signatures, with the U.S. Digital Signature Standard (DSS) being the preferred means of implementation.
For the sake of clarity the following terms are defined for the purpose of this specification.
A gambling machine, usually referred to as a gaming machine, is a traditional gaming machine. Typical examples include slot machines of the type made by Aristocrat Leisure Industries or IGT.
A casino refers to the operator of gambling machines.
A digital signature is a pair of large numbers represented in a computer as strings of binary digits. The digital signature is computed using a set of rules (i.e., the DSA) and a set of parameters such that the identity of the signatory and integrity of the data can be verified.
Strong encryption is the encryption of data such that it is computationally infeasible for a third party—for example a government agency—to retrieve the encrypted data without a key.
A hash, or message digest, is the output from a function that produces a value that is unique for any message input into it. A one-way hash produces an output that is computationally difficult to relate to the input. It is also computationally difficult to produce two different messages with the same message digest.
An unforgeable log is produced by chaining together hash values such that the nth entry in the log is dependent on the (n−1)'h entry, and thus previous entries cannot be altered without re-computing the whole chain.
A logic cage is a secure area inside the gaming machine that cannot be accessed without sufficient security clearance.
REFERENCES
“The Digital Signature Standard” U.S. Federal Information Processing Standards Publication 186
“The Secure Hash Standard” U.S. Federal Information Processing Standards Publication 180-1
“Cryptographic Support for Secure Logs on Untrusted Machines” by Bruce Schneier and John Kelsey (available at http://www.counterpane.com/secure-logs. html)
BACKGROUND OF THE INVENTION
Traditionally, microprocessor based gaming machines store their program contents in unalterable ROM or EPROM. During installation and after a large jackpot payout, the machine is physically inspected and the EPROMs are removed. These EPROMs are placed in a verification device which produces an output string using a known algorithm usually referred to as a hash function. This string is compared against a string that has been already generated when the game program was approved by the gaming jurisdiction. Authentication is achieved by a match of the approved string and the EPROM generated string.
The main disadvantage of such a system is that the current limited capacity of EPROM technology ensures that games cannot be as sophisticated as if they were stored in an alternative medium such as a hard disk or CD-ROM. The other problem with using RAM is that it cannot be extracted and placed in a verification device, since the contents of the RAM are necessarily volatile.
Another system, disclosed and described in U.S. Pat. No. 5,643,086 uses a private key to encrypt a message digest of the approved copy of the program, and thus produce an unalterable digital signature which can be decrypted with a corresponding public key and compared against a message digest generated by an unalterable EPROM in the gaming machine.
The disadvantage of the above invention is that it relies on strong encryption, currently subject to export restrictions from the U.S. and other countries. This program can only be signed by one party and if a single private key is compromised, the whole system is compromised.
A related problem that exists is that of version control. Once a gaming machine program is found to be faulty, a modification or ‘patch’ is usually distributed. Unfortunately, conventional EPROM based machines, and the disclosed system above, have no method implemented of ensuring that the earlier version of the program is not re-installed, either deliberately or by accident, later. Once program is approved, it is impossible for the machine to revoke that approval. If a rogue element was able to ‘sneak past’ a jurisdiction a dubious piece of program, there would be no way to stop it being used in a casino, even after detection
SUMMARY OF THE INVENTION
The invention provides a gaming machine with enhanced capability for storing games due to enhanced security and authentication capabilities.
According to a first aspect the present invention provides a programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies a digital signature associated with the program and prevents execution of the program if the digital signature is not valid.
According to a second aspect the present invention provides a method of verifying a program or a program component for a programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies a digital signature associated with the program, and the method including a step of verifying the digital signature against a key, and preventing execution of the program if the digital signature is not valid.
Preferably, the digital signature is generated by a method that does not include encryption such that de-encryption is not performed during the digital signature verification.
According to a third aspect the present invention provides a programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies each of a plurality of digital signatures associated with the program and prevents execution of the program if any one of the digital signatures is not valid.
According to a fourth aspect the present invention provides a method of verifying a program or a program component for a programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies each of a plurality of digital signatures associated with the program, and the method including steps of verifying each of the digital signatures against a respective key, and preventing execution of the program if any one of the digital signatures is not valid.
Preferably the or each digital signature is generated by a method that does not include encryption such that de-encryption is not performed during the digital signature verification.
In one embodiment, the programmable controller is used to control the operation of a game played on an electronic gaming machine and the signed program is a game program or a component of a game program.
Preferably multiple signatures may be applied to the game program, to ensure that only program approved by not only the manufacturer, but also the jurisdictional authority and optionally the casino itself, is executed by the machine
Preferably also a system is provided for revoking signature keys. This can be password based—a password is entered which allows one of the public signatures stored in the machine to be changed. Alternatively, a revocation certificate can be used, which must be valid, or the revocation system can be time based, where the machine stores a set of signatures, good for say 10 years, and the current active signature is based upon the current system clock.
A system of equivalent signatures is also preferably provided, such that any one of these signatures can be used as part of the ve
Lyons Martin
Muir Robert Linley
Aristocrat Technologies Australia Pty Ltd.
Cherubin Y
Katten Muchin Zavis & Rosenman
Walberg Teresa
LandOfFree
Electronic casino gaming with authentication and improved... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic casino gaming with authentication and improved..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic casino gaming with authentication and improved... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3247689