EGM AUTHENTICATION MECHANISM USING MULTIPLE KEY PAIRS AT THE BIOS WITH PKI
Abstract
Executable applications on a gaming machine are verified before they can be executed, for security purposes and to comply with jurisdictional requirements. Unlike in prior systems for authenticating the executable applications, embodiments allow for new executable applications to be provided and verified over time with different private and public key pairs, even after the operating code of the gaming machine is certified by the jurisdiction and deployed in the field.
29 Claims
1. A wager based gaming machine comprising:
- a bill validator or cashless credit acceptor;
- a mass storage volume;
- a microprocessor;
- a hardware security module;
- a read only basic input output system (“BIOS”) chip;
- a first public key embedded within the BIOS chip, wherein the first public key is configured to authenticate software in the gaming machine; and
- a second public key embedded within the BIOS chip, wherein the second public key is configured to replace the first public key when the first public key expires or when the private key of the first public key is no longer available.
Dependent claims: 2, 3

4. A wager based gaming machine comprising:
- a bill validator or cashless credit acceptor;
- a mass storage volume;
- a non volatile random access memory;
- a microprocessor;
- a read only basic input output system (“BIOS”) chip;
- a public key embedded within the BIOS chip, the public key being that of a code signing certificate authority, the gaming machine configured to verify a signature of the code signing authority and to verify that the code signing authority is authorized by a code signing certificate authority to sign the software.

5. A wager based gaming machine comprising:
- a bill validator or cashless credit acceptor;
- a mass storage volume;
- a microprocessor;
- an operating system stored in the mass storage volume;
- a gaming application;
- a read only basic input output system (“BIOS”) chip;
- BIOS operating instructions stored within the read only BIOS chip;
- the gaming machine configured by the operating system and the BIOS operating instructions to:
  - receive a certificate revocation list;
  - authenticate the certificate revocation list;
  - store the authenticated certificate revocation list in the mass storage volume;
  - validate that a public key is certified by a code signing certificate authority;
  - utilize the certificate revocation list in the mass storage volume to ascertain whether the code signing certificate authority has revoked a code signing certificate issued to the code signing authority; and
  - authenticate the gaming application using the validated public key.
Dependent claims: 6

7. A wager based gaming machine comprising:
- a bill validator or cashless credit acceptor;
- a mass storage volume;
- a microprocessor;
- an operating system stored in the mass storage volume;
- a gaming application;
- a read only basic input output system (“BIOS”) chip;
- BIOS operating instructions stored within the read only BIOS chip;
- the gaming machine configured by the operating system and the BIOS operating instructions to:
  - validate that a public key is certified by a code signing certificate authority;
  - validate that a certificate containing the public key and issued by the code signing certificate authority has not been revoked utilizing an online certificate status protocol; and
  - authenticate the gaming application using the validated public key.

8. A method for providing and verifying gaming software for use in a gaming machine and operating the gaming machine in a casino gaming environment, the method comprising:
- providing a discrete read only basic input output system (“BIOS”) chip within the gaming machine;
- providing a first executable game within the discrete read only BIOS chip of the gaming machine;
- providing a microprocessor within the gaming machine;
- embedding, within the discrete read only BIOS chip, a first key operable to enable execution of the first executable game, said first key being the public key of the provider of the first executable game;
- embedding, within the discrete read only BIOS chip, a second key, said second key being the public key of certificate authority and not directly associated with a particular executable or provider of a particular executable; and
- providing a second executable game, within a drive of the gaming machine;
- said second executable game signed with the private key of the third public key, the third public key of a code signing authority designated by the certificate authority, the code signing authority not directly associated with a particular executable or provider of a particular executable,
- wherein the BIOS of the discrete read only BIOS chip is configured to:
  - (1) validate that the third public key, that of the code signing authority, is valid and/or not revoked,
  - (2) utilize the third public key, of the code signing authority, to verify the signature of the second executable game.
Dependent claims: 9, 10, 11, 12, 13, 14, 15

16. A method for providing and verifying gaming software for use in a gaming machine and operating the gaming machine in a casino gaming environment, the method comprising:
- providing a read only BIOS chip within an electronic gaming machine;
- providing a microprocessor within the electronic gaming machine, the microprocessor configured to execute BIOS instructions of the read only BIOS chip, wherein the BIOS instructions are configured to:
  - check the validity of a public key of a code signing certificate authority;
  - terminate operation of the gaming machine if the public key of the code signing authority is not determined to be valid;
  - check the game code with the public key of the code signing authority if the public key is determined to be valid;
  - check the authenticity of an operating system of the gaming machine; and
  - cause the gaming machine to execute the operating system if the authenticity of the operating system is determined authentic.
Dependent claims: 17, 18, 19, 20

21. A system for providing and verifying gaming software for use in a wager based gaming machine, the system comprising:
- a certificate authority configured to receive authorization of a gaming machine manufacturer to sign executable code of the gaming application on behalf of the gaming machine manufacturer, the certificate authority configured to delegate authority to sign the executable code to a code signing authority, on behalf of the gaming machine manufacturer, the code signing authority configured to receive authorization from the certificate authority and sign the executable code of the gaming application on behalf of the gaming machine manufacturer;
- an electronic gaming machine comprising a read only BIOS chip and a public key of a code signing certificate authority embedded within the BIOS chip, wherein the gaming machine is configured to execute BIOS instructions of the read only BIOS chip, the BIOS instructions configured to:
  - check the validity of the public key of the code signing certificate authority;
  - terminate operation of the gaming machine if the public key of the code signing authority is not determined to be valid and trusted;
  - check game code with the public key of the code signing authority if the public key is determined to be valid and trusted;
  - check the authenticity of an operating system of the gaming machine;
  - terminate operation of the gaming machine if the authenticity of the operating system is not determined to be authentic; and
  - cause the gaming machine to execute the operating system if the authenticity of the operating system is determined authentic.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29
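
The verification order recited in claims 5 and 16 (authenticate the revocation list, confirm the signing key is certified by the embedded certificate authority key, check revocation, then verify the game, halting on any failure) can be sketched as follows. This is an added example, not code from the patent or its assignee; all function names are hypothetical, and toy textbook RSA over constructed Mersenne-prime keys stands in for a real signature scheme and is not secure.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below (assumption)

def keypair(p, q):
    """Toy textbook-RSA key from two known primes (constructed, NOT secure)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(pub_n, data, sig):
    return pow(sig, E, pub_n) == digest(data, pub_n)

def cert_bytes(serial, pub_n):
    return b"cert|%d|%d" % (serial, pub_n)

def crl_bytes(serials):
    return b"crl|" + b",".join(b"%d" % s for s in sorted(serials))

def make_cert(ca, serial, pub_n):
    return {"serial": serial, "n": pub_n, "sig": sign(ca, cert_bytes(serial, pub_n))}

def make_crl(ca, serials):
    return {"serials": list(serials), "sig": sign(ca, crl_bytes(serials))}

def boot_check(bios_ca_n, crl, cert, game, game_sig):
    """Return "run" only if every link verifies; any failure halts (fail closed)."""
    if not verify(bios_ca_n, crl_bytes(crl["serials"]), crl["sig"]):
        return "halt: CRL not authentic"
    if not verify(bios_ca_n, cert_bytes(cert["serial"], cert["n"]), cert["sig"]):
        return "halt: signing key not certified by CA"
    if cert["serial"] in crl["serials"]:
        return "halt: signing certificate revoked"
    if not verify(cert["n"], game, game_sig):
        return "halt: game signature invalid"
    return "run"

# Constructed sample data: Mersenne primes keep the keys reproducible offline.
CA = keypair(2**127 - 1, 2**89 - 1)    # CA["n"] plays the BIOS-embedded public key
CSA = keypair(2**107 - 1, 2**61 - 1)   # code signing authority key
GAME = b"constructed game image v2"
CERT = make_cert(CA, 7, CSA["n"])      # serial 7 is a constructed value
GAME_SIG = sign(CSA, GAME)

if __name__ == "__main__":
    print(boot_check(CA["n"], make_crl(CA, []), CERT, GAME, GAME_SIG))
    print(boot_check(CA["n"], make_crl(CA, [7]), CERT, GAME, GAME_SIG))
```

Because the revocation list is re-verified against the embedded key on every check, editing the stored list on the mass storage volume to drop a revoked serial is detected before the game signature is ever evaluated.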