Network architecture for secure communications between two console-based gaming systems
Abstract
A network architecture for console-based gaming systems enables secure communication among multiple game consoles over a local area network. The system architecture supports a three-phase secure communication protocol. The first phase involves generating shared keys that are unique to an authentic game console running an authentic game title. In the second phase, a “client” console attempts to discover existing game sessions being hosted by a “host” game console by broadcasting a request over the local area network. The broadcast request is protected using the shared keys. If the host console agrees to let the client console play, the host console generates session keys that are returned to the client console. The third phase involves a key exchange in which the client and host consoles exchange data used to derive one or more secrets for securing future communications. The key exchange is protected using the session keys.
Claims (54)
1. A method comprising:
- deriving a secret that is unique to a game console running a particular game title; and
- establishing a secure communication link between multiple game consoles over a local area network using the secret.
Dependent claims: 2, 3, 4, 5

6. A method comprising:
- generating at least one key that is secret to an authentic gaming system running an authentic game title;
- discovering whether another gaming system on a common local area network is hosting the game title; and
- establishing a secure communication link between multiple gaming systems to facilitate multi-system play of the game title over the local area network.
Dependent claims: 7, 8, 9, 10, 11, 12

13. In a networked gaming environment where multiple game consoles are connected via a local area network, a method comprising:
- broadcasting, from a client game console over a local area network, a request to join in playing a game title in a network gaming session being hosted by a host game console, the request containing a secret that is unique to the client game console running the game title; and
- broadcasting, from the host game console over the local area network, a reply to the request, the reply containing information that can be used to establish a secure communication link.
Dependent claims: 14, 15

16. A method comprising:
- retrieving a console-based key stored on a game console;
- retrieving a title-based key associated with a game title running on the game console; and
- deriving one or more keys from the console-based key and the title-based key.
Dependent claims: 17, 18

19. In a networked gaming environment where multiple game consoles are connected via a local area network, a method comprising:
- creating a request to join in playing a game title being hosted by a host game console on the local area network;
- broadcasting the request over the local area network;
- receiving a reply from the host game console, the reply containing one or more session keys; and
- using the session keys from the reply to facilitate future secure communication with the host game console.
Dependent claims: 20, 21, 22, 23, 24

25. In a networked gaming environment where multiple game consoles are connected via a local area network and at least two game consoles are playing a same game title, a method comprising:
- forming an initial packet that contains first data used to derive a cryptographic key;
- computing a first hash digest of the initial packet;
- sending the initial packet and the first hash digest to another game console on the local area network that is playing the same game title;
- receiving a reply packet from the other game console, the reply packet including a second hash digest and second data;
- authenticating the reply packet using the second hash digest; and
- deriving one or more security association keys from the first and second data, the security association keys being used to secure communication between the multiple consoles.
Dependent claims: 26

27. In a networked gaming environment where multiple game consoles are connected via a local area network, a method comprising:
- retrieving a console-based key from a first game console and a title-based key associated with a game title running on the first game console;
- deriving at least one cryptographic key from the console-based key and the title-based key;
- creating, at a first console, a request to join in playing the game title being hosted by a second game console on the local area network;
- cryptographically encoding the request using the cryptographic key;
- broadcasting the request over the local area network;
- cryptographically decoding the request, at the second game console, using the cryptographic key;
- generating, at the second game console, a reply that contains at least one session key;
- cryptographically encoding the reply using the cryptographic key;
- broadcasting the reply over the local area network;
- cryptographically decoding the reply, at the first game console, using the cryptographic key;
- exchanging packets between the first and second game consoles, the packets being protected using the session key and containing data used to derive at least one security association key; and
- establishing a secure communication link between the first and second game consoles using the security association keys to facilitate secure multi-console play of the game title.
Dependent claims: 28, 29, 30, 31, 32

33. In a networked gaming environment where multiple game consoles are connected via a local area network, a method comprising:
- retrieving a console-based key from a first game console and a title-based key associated with a game title running on the first game console;
- deriving at least one cryptographic key from the console-based key and the title-based key;
- creating a request to join in playing the game title being hosted by another game console on the local area network;
- encoding the request using the cryptographic key;
- broadcasting the request over the local area network;
- receiving a reply from a host game console, the reply containing at least one session key;
- exchanging packets with the host game console, the packets being protected using the session key and containing data used to derive at least one security association key; and
- establishing a secure communication link with the host game console using the security association key.
Dependent claims: 34, 35, 37, 38

36. In a networked gaming environment where multiple game consoles are connected via a local area network, a method comprising:
- retrieving a console-based key from a first game console and a title-based key associated with a game title running on the first game console;
- deriving at least one cryptographic key from the console-based key and the title-based key;
- receiving a request to join in playing the game title from another game console on the local area network;
- cryptographically decoding the request using the cryptographic key;
- generating a reply that contains at least one session key;
- encoding the reply using the cryptographic key;
- sending the reply over the local area network;
- exchanging packets with the other game console, the packets being protected using the session key and containing data used to derive at least one security association key; and
- establishing a secure communication link with the other game console using the security association key.

39. A computer-readable medium for a game console comprising computer-executable instructions that, when executed, direct the game console to:
- obtain a first key stored in memory of the game console and a second key associated with a game title running on the game console; and
- derive one or more keys from the first and second keys.

40. A computer-readable medium for a game console comprising computer-executable instructions that, when executed, direct the game console to:
- encrypt a request to join in playing a game title being hosted by a remote host game console on a local area network;
- digitally sign the request;
- broadcast the request over the local area network;
- listen for at least one broadcast reply from the host game console;
- upon receipt of the reply, extract at least one session key from the reply for use in facilitating future communication with the host game console;
- form an initial packet that contains first data used to derive a cryptographic key;
- compute a first hash digest of the initial packet using the session key;
- send the initial packet and the first hash digest to the host game console;
- listen for a reply packet from the host game console, the reply packet including a second hash digest and second data;
- authenticate the reply packet using the session key and the second hash digest; and
- derive at least one security association key from the first and second data, the security association keys being used to secure communication with the host game console.

41. A computer-readable medium for a game console comprising computer-executable instructions that, when executed, direct the game console to:
- receive a request from a remote game console on a local area network, the request seeking network play of a game title;
- authenticate the request as being generated by an authentic game console running an authentic version of the game title;
- decode the request;
- determine whether to allow the remote game console to play;
- in an event the remote game console is allowed to play, create a reply containing at least one session key;
- encrypt and digitally sign the reply;
- send the reply to the remote game console;
- receive an initial packet directly from the remote game console, the initial packet containing first data used to derive a cryptographic key;
- authenticate the initial packet using the session key;
- form a response packet holding second data used to derive a cryptographic key;
- send the response packet to the remote game console; and
- derive at least one security association key from the first and second data, the security association keys being used to secure communication with the remote game console.
Dependent claims: 42

43. A game console, comprising:
- a memory to store a first key;
- a game title configured to execute on the game console, the game title having an associated second key; and
- a processor coupled to the memory, the processor being configured to derive at least one cryptographic key from the first and second keys.
Dependent claims: 44, 45, 46, 47

48. A game console, comprising:
- a memory; and
- a processor coupled to the memory and configured to generate at least one key that is secret to the game console when running an authentic game title, the processor being further configured to discover, using the key, a host game console on a common local area network that is hosting the game title and to establish a secure communication link with the host game console over the local area network.
Dependent claims: 49, 50, 51

52. A system, comprising:
- first and second game consoles with network connections to facilitate connection to a local area network, the first and second game consoles running a same game title and being configured to generate identical keys by virtue of running the same game title; and
- the first game console being configured to discover the second game console by broadcasting messages over the local area network, the messages being secured by the keys.
Dependent claims: 53, 54
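The three phases summarised in the abstract and spelled out step by step in claims 27, 40 and 41, run end to end as an added Python model (illustration written for this page, not code from the patent or from any console). Assumptions: key derivation is HMAC-SHA256; an HMAC keystream plus an HMAC tag stands in for the unspecified cipher and signature; the console key, title keys and nonces are constructed sample values.

```python
# Toy model of the three-phase LAN protocol (added illustration, not the patent's code).
# Assumed: HMAC-SHA256 for key derivation, an HMAC keystream + tag in place of the cipher/signature.
import hashlib, hmac, secrets

def H(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_shared_keys(console_key, title_key):
    """Phase 1: encryption and MAC keys reproducible by any authentic console running this title."""
    prk = H(console_key, title_key)
    return H(prk, b"enc"), H(prk, b"mac")

def seal(enc_key, mac_key, plaintext):
    """Encrypt with an HMAC keystream, then tag nonce+ciphertext (encrypt-then-MAC)."""
    nonce = secrets.token_bytes(12)
    ks = b"".join(H(enc_key, nonce + i.to_bytes(4, "big")) for i in range(len(plaintext) // 32 + 1))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + ct + H(mac_key, nonce + ct)

def unseal(enc_key, mac_key, msg):
    """Return the plaintext, or None if the tag fails (sender did not hold the shared keys)."""
    nonce, ct, tag = msg[:12], msg[12:-32], msg[-32:]
    if not hmac.compare_digest(H(mac_key, nonce + ct), tag):
        return None
    ks = b"".join(H(enc_key, nonce + i.to_bytes(4, "big")) for i in range(len(ct) // 32 + 1))
    return bytes(a ^ b for a, b in zip(ct, ks))

def sa_key(session_key, first_data, second_data):
    """Phase 3 result: a security-association key bound to both consoles' contributions."""
    return H(session_key, b"sa" + first_data + second_data)

def run_protocol(console_key, client_title_key, host_title_key):
    """Drive client and host in-process; True if both derive the same SA key, None if rejected."""
    c_enc, c_mac = derive_shared_keys(console_key, client_title_key)
    h_enc, h_mac = derive_shared_keys(console_key, host_title_key)
    # Phase 2: the join request is broadcast; only a console holding the same keys can read it.
    if unseal(h_enc, h_mac, seal(c_enc, c_mac, b"JOIN")) != b"JOIN":
        return None  # host drops requests from consoles/titles that do not share its keys
    session_key = secrets.token_bytes(32)
    client_session = unseal(c_enc, c_mac, seal(h_enc, h_mac, session_key))
    # Phase 3: each side sends random data plus a digest keyed with the session key.
    n1 = secrets.token_bytes(16)
    tag1 = H(client_session, n1)
    if not hmac.compare_digest(H(session_key, n1), tag1):
        return None  # host rejects an initial packet not keyed with its session key
    n2 = secrets.token_bytes(16)
    tag2 = H(session_key, n2)
    if not hmac.compare_digest(H(client_session, n2), tag2):
        return None  # client rejects a reply packet that fails the second digest
    return sa_key(client_session, n1, n2) == sa_key(session_key, n1, n2)
```

A console running a different title derives different Phase 1 keys, so its broadcast never verifies at the host and the exchange stops before any session key is issued.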
Specification