Electronic casino gaming with authentication and improved security

US 6,722,986 B1
Filed: 10/05/2001
Issued: 04/20/2004
Est. Priority Date: 11/26/1998
Status: Expired due to Term

First Claim

Patent Images

1. A programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies a digital signature associated with the program and prevents execution of the program if the digital signature is not valid, the digital signature being generated by a method that does not include encryption such that de-encryption is not performed during the digital signature verification.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A gaming machine is described in which all interested parties to a game program to run on the gaming machine, will digitally sign each piece of approved program prior to installation. These signatures are stored with the program on a mass storage device inside the gaming machine. When the machine needs to load a piece of program, or upon an external command after a significant event such as a jackpot payout, it will execute the SHA-1 program code in the EPROM on the program being loaded, and then perform a DSA verification operation using the SHA-1 output as one of the parameters. The DSA verification operation will be repeated for every digital signature stored with the program, and all must be valid, so that it is impossible to execute program code that has not been approved by the manufacturer, the jurisdictional authority and optionally the casino and/or other parties.

244 Citations

78 Claims

1. A programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies a digital signature associated with the program and prevents execution of the program if the digital signature is not valid, the digital signature being generated by a method that does not include encryption such that de-encryption is not performed during the digital signature verification.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 32, 33, 34)
- - 2. The controller as claimed in claim 1, wherein a plurality of signatures are applied to the program.
  - 3. The controller as claimed in claim 2, wherein each of the equivalent signatures is identifiable as being associated with a person or entity responsible for issuing or authorizing the program.
  - 4. The controller as claimed in claim 1, wherein the signature verification means stores one or more public signature keys in secure storage and uses a public signature key from the secure storage to verify the digital signature associated with the program.
  - 5. The controller as claimed in claim 4, wherein the signature verification means includes signature revocation means for removing public signature keys from a set of valid keys as a method of revoking signature keys.
  - 6. The controller as claimed in claim 5, wherein the signature revocation means is activated by a password such that when the password is entered it allows a particular public signature stored in the verification means to be changed or deleted.
  - 7. The controller as claimed in claim 5, wherein a digital revocation certificate can be used, which must be validated by the validation means before it causes a public signature key to be revoked.
  - 8. The controller as claimed in claim 5, wherein revocation is time based, whereby the machine stores a set of public signature keys, which are valid for a fixed period of time, after which they are automatically revoked.
  - 9. The controller as claimed in claim 8, wherein the fixed period before automatic revocation is a period of 10 years.
  - 10. The controller as claimed in claim 8, wherein identification of a current active public signature is based upon comparison of a time stamp embedded in the signature with a time and date obtained from a current time value from a system clock.
  - 11. The controller as claimed in claim 4, wherein a plurality of equivalent signatures are provided in the secure storage, such that any one of the equivalent signatures can be used as part of the verification authorization.
  - 12. The controller as claimed in claim 11, wherein each of the equivalent signatures is identifiable as being associated with a person or entity responsible for issuing or authorizing the program.
  - 13. The controller as claimed in claim 1, wherein the programmable controller is used to control the operation of a game played on an electronic gaming machine and the program with which the digital signature is associated is a game program or a component of a game program.
  - 14. The electronic gaming machine as claimed in claim 13, wherein the digital signature is applied to the program by or on behalf of a manufacturer of the electronic gaming machine.
  - 15. The controller as claimed in claim 13, wherein the digital signature is applied to the program by or on behalf of a jurisdictional authority that has jurisdiction to authorize use of the game in a location in which the game is installed.
  - 16. The controller as claimed in claim 13, wherein the digital signature is applied to the program by or on behalf of a casino in which the electronic gaming machine is installed.
  - 17. The controller as claimed in claim 1, wherein the signature verification means stores one or more public signature keys in secure storage and uses a public signature key from the secure storage to verify the digital signature associated with the program.
  - 18. The controller as claimed in claim 17, wherein the signature verification means includes signature revocation means for removing public signature keys from a set of valid keys as a method of revoking signature keys.
  - 19. The controller as claimed in claim 18, wherein the signature revocation means is activated by a password such that when the password is entered it allows a particular public signature stored in the verification means to be changed or deleted.
  - 20. The controller as claimed in claim 18, wherein a digital revocation certificate can be used, which must be validated by the validation means before it causes a public signature key to be revoked.
  - 21. The controller as claimed in claim 18, wherein revocation is time based, whereby the machine stores a set of public signature keys, which are valid for a fixed period of time, after which they are automatically revoked.
  - 22. The controller as claimed in claim 21, wherein the fixed period before automatic revocation is a period of 10 years.
  - 23. The controller as claimed in claim 21, wherein identification of a current active public signature is based upon comparison of a time stamp embedded in the signature with a time and date obtained from a current time value from a system clock.
  - 24. The controller as claimed in claim 17, wherein a plurality of equivalent signatures are provided in the secure storage, such that any one of the equivalent signatures can be used as part of the verification authorization.
  - 25. The controller as claimed in any one of claim 1, wherein the verification program records versions of a program that have been verified and will not re-verify versions earlier than the latest version that it has already verified.
  - 26. The controller as claimed in claim 25, wherein the record of verified program versions is stored in a secure log and entries in the record are unforgable and unalterable after being written.
  - 27. The controller as claimed in claim 26, wherein a record of digital signature key updates is kept in the secure log.
  - 28. The controller as claimed in claim 26, wherein the secure log is recorded in a tamper proof device.
  - 29. The controller as claimed in claim 28, wherein the tamper proof device is a smartcard or contains a smartcard chip.
  - 32. The controller as claimed in claim 2, wherein one of the digital signatures is applied to the program by or on behalf of a manufacturer of the electronic gaming machine.
  - 33. The controller as claimed in claim 2, wherein one of the digital signatures is applied to the program by or on behalf of a jurisdictional authority that has jurisdiction to authorize use of the game in a location in which the game is installed.
  - 34. The controller as claimed in claim 2, wherein one of the digital signatures is applied to the program by or on behalf of a casino in which the electronic gaming machine is installed.

30. A programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies each of a plurality of digital signatures associated with the program and prevents execution of the program if any one of the digital signatures is not valid.
- View Dependent Claims (31, 35, 36, 37, 38, 39)
- - 31. The controller as claimed in claim 30, wherein the programmable controller is used to control the operation of a game played on an electronic gaming machine and the program with which the digital signature is associated is a game program or a component of a game program.
  - 35. The controller as claimed in any one of claim 30, wherein the verification program records versions of a program that have been verified and will not re-verify versions earlier than the latest version that it has already verified.
  - 36. The controller as claimed in claim 35, wherein the record of verified program versions is stored in a secure log and entries in the record are unforgable and unalterable after being written.
  - 37. The controller as claimed in claim 36, wherein a record of digital signature key updates is kept in the secure log.
  - 38. The controller as claimed in claim 36, wherein the secure log is recorded in a tamper proof device.
  - 39. The controller as claimed in claim 38, wherein the tamper proof device is a smartcard or contains a smartcard chip.

40. A method of verifying a program or a program component for a programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies a digital signature associated with the program, the digital signature being generated by a method that does not include encryption and the method including a step of verifying the digital signature against a key, in which de-encryption is not performed during the digital signature verification, and preventing execution of the program if the digital signature is not valid.
- View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59)
- - 41. The method as claimed in claim 40, a plurality of signatures are applied to the program.
  - 42. The method as claimed in claims 40, wherein the programmable controller is used to control the operation of a game played on an electronic gaming machine and the program with which the digital signature is associated is a game program or a component of a game program.
  - 43. The method as claimed in claim 42, wherein one of the digital signatures is applied to the program by or on behalf of a manufacturer of the electronic gaming machine.
  - 44. The method as claimed in claim 42, by or on behalf of a jurisdictional authority that has jurisdiction to authorize use of the game in a location in which the game is installed.
  - 45. The method as claimed in claim 42, wherein one of the digital signatures is applied to the program by or on behalf of a casino in which the electronic gaming machine is installed.
  - 46. The method as claimed in claim 40, wherein the signature verification means stores one or more public signature keys in secure storage and uses a public signature key from the secure storage to verify the digital signature associated with the program.
  - 47. The method as claimed in claim 46, wherein the signature verification means includes signature revocation means for removing public signature keys from a set of valid keys as a method of revoking signature keys.
  - 48. The method as claimed in claim 47, wherein the signature revocation means is activated by a password such that when the password is entered it allows a particular public signature stored in the verification means to be changed or deleted.
  - 49. The method as claimed in claim 47, wherein a digital revocation certificate can be used, which must be validated by the validation means before it causes a public signature key to be revoked.
  - 50. The method as claimed in claim 47, wherein revocation is time based, whereby the machine stores a set of public signature keys, which are valid for a fixed period of time, after which they are automatically revoked.
  - 51. The method as claimed in claim 50, wherein the fixed period before automatic revocation is a period of 10 years.
  - 52. The method as claimed in claim 50, wherein identification of a current active public signature is based upon comparison of a time stamp embedded in the signature with a time and date obtained from a current time value from a system clock.
  - 53. The method as claimed in any one of claims 46;
    - wherein a plurality of equivalent signatures are provided in the secure storage, such that any one of the equivalent signatures can be used as part of the verification.
  - 54. The method as claimed in claim 53, wherein each of the equivalent signatures is identifiable as being associated with a person or entity responsible for issuing or authorizing the program.
  - 55. The method as claimed in any one of claims 40, wherein the verification program records versions of a program that have been verified and will not re-verify versions earlier than the latest version that it has already verified.
  - 56. The method as claimed in claim 55, wherein the record of verified program versions is stored in a secure log and entries in the record are unforgable and unalterable after being written.
  - 57. The method as claimed in claim 56, wherein a record of digital signature key updates is kept in the secure log.
  - 58. The method as claimed in claim 57, wherein the tamper proof device is a smartcard or contains a smartcard chip.
  - 59. The method as claimed in claim 56, wherein the secure log is recorded in a tamper proof device.

60. A method of verifying a program or a program component for a programmable controller, including a readable and writable storage means to hold a program during its execution by the programmable controller, and program authentication means comprising digital signature verification means which verifies each of a plurality of digital signatures associated with the program, and the method including steps of verifying each of the digital signatures against a respective key, and preventing execution of the program if any one of the digital signatures is not valid.
- View Dependent Claims (61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78)
- - 61. The method as claimed in claim 60, wherein the programmable controller is used to control the operation of a game played on an electronic gaming machine and the program with which the digital signature is associated is a game program or a component of a game program.
  - 62. The method as claimed in claim 61, wherein one of the digital signatures is applied to the program by or on behalf of a manufacturer of the electronic gaming machine.
  - 63. The method as claimed in claim 61, wherein one of the digital signatures is applied to the program by or on behalf of a jurisdictional authority that has jurisdiction to authorize use of the game in a location in which the game is installed.
  - 64. The method as claimed in claim 61, wherein one of the digital signatures is applied to the program by or on behalf of a casino in which the electronic gaming machine is installed.
  - 65. The method as claimed in claim 61, wherein the signature verification means stores one or more public signature keys in secure storage and uses a public signature key from the secure storage to verify the digital signature associated with the program.
  - 66. The method as claimed in claim 65, wherein the signature verification means includes signature revocation means for removing public signature keys from a set of valid keys as a method of revoking signature keys.
  - 67. The method as claimed in claim 66, wherein the signature revocation means is activated by a password such that when the password is entered it allows a particular public signature stored in the verification means to be changed or deleted.
  - 68. The method as claimed in claim 66, wherein a digital revocation certificate can be used, which must be validated by the validation means before it causes a public signature key to be revoked.
  - 69. The method as claimed in claim 66, wherein revocation is time based, whereby the machine stores a set of public signature keys, which are valid for a fixed period of time, after which they are automatically revoked.
  - 70. The method as claimed in claim 69, wherein the fixed period before automatic revocation is a period of 10 years.
  - 71. The method as claimed in claim 69, wherein identification of a current active public signature is based upon comparison of a time stamp embedded in the signature with a time and date obtained from a current time value from a system clock.
  - 72. The method as claimed in any one of claims 65, wherein a plurality of equivalent signatures are provided in the secure storage, such that any one of the equivalent signatures can be used as part of the verification.
  - 73. The method as claimed in claim 72, wherein each of the equivalent signatures is identifiable as being associated with a person or entity responsible for issuing or authorizing the program.
  - 74. The method as claimed in any one of claims 60, wherein the verification program records versions of a program that have been verified and will not re-verify versions earlier than the latest version that it has already verified.
  - 75. The method as claimed in claim 74, wherein the record of verified program versions is stored in a secure log and entries in the record are unforgable and unalterable after being written.
  - 76. The method as claimed in claim 75, wherein a record of digital signature key updates is kept in the secure log.
  - 77. The method as claimed in claim 75, wherein the secure log is recorded in a tamper proof device.
  - 78. The method as claimed in claim 77, wherein the tamper proof device is a smartcard or contains a smartcard chip.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aristocrat Technologies Australia PTY Limited (Aristocrat Leisure Limited)
Original Assignee
Aristocrat Technologies Australia PTY Limited (Aristocrat Leisure Limited)
Inventors
Muir, Robert Linley, Lyons, Martin
Primary Examiner(s)
Walberg, Teresa
Assistant Examiner(s)
CHERUBIN, YVESTE GILBERTE

Application Number

US09/857,040
Time in Patent Office

928 Days
Field of Search

463/29, 713/184, 713/169, 713/170, 713/171, 713/193, 713/194, 713/182, 713/177, 713/176, 713/168, 713/161, 713/200
US Class Current

463/29
CPC Class Codes

G06F 21/51   at application loading time...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2109   Game systems

G06F 2221/2149   Restricted operating enviro...

G07F 17/32   for games, toys, sports, or...

G07F 17/3241   Security aspects of a gamin...

Electronic casino gaming with authentication and improved security

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

244 Citations

78 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic casino gaming with authentication and improved security

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

244 Citations

78 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links