Alcorn et al.

US005643086A
(11) Patent Number: 5,643,086
(45) Date of Patent: Jul. 1, 1997

(54) ELECTRONIC CASINO GAMING APPARATUS WITH IMPROVED PLAY CAPACITY, AUTHENTICATION AND SECURITY

(75) Inventors: Allan E. Alcorn, Portola Valley; Michael Barnett, Santa Clara; Louis D. Giacalone, Jr., Palo Alto; Adam E. Levinthal, Redwood City, all of Calif.

(73) Assignee: Silicon Gaming, Inc., Palo Alto, Calif.

(21) Appl. No.: 497,662
(22) Filed: Jun. 29, 1995
(51) Int. Cl.: A63F 9/24
(52) U.S. Cl.: 463/29; 463/16; 463/44; 463/40; 380/25
(58) Field of Search: 380/24, 4, 9, 23, 380/30, 49, 50, 59; 463/29, 16, 40, 41, 42, 44

(56) References Cited
U.S. PATENT DOCUMENTS
4,218,582   8/1980   Hellman et al.    386/25
4,752,068   6/1988   Endo              463/29
4,759,064   7/1988   Chaum             463/30
4,865,321   9/1989   Yakagawa et al.   463/29
5,004,232   4/1991   Wang et al.       463/29
5,326,104   7/1994   Pease et al.      463/29
5,489,095   2/1996   Goudard et al.    463/29

Primary Examiner: Jessica Harrison
Assistant Examiner: Michael O'Neill
Attorney, Agent, or Firm: Claude A. S. Hamrick

(57) ABSTRACT

An electronic casino gaming system includes an unalterable ROM for storing a casino game authentication program, including a message digest algorithm program, a decryption program and a decryption key. A casino game data set containing casino game rules and image data is stored in a mass storage device, such as a local disk memory or a remote network file server, along with the signature of the casino game data set. The signature is an encrypted version of the message digest of the casino game data set, prepared using a hash function. Prior to permitting game play by a player, the casino game data set is transferred from the mass storage device to main memory and during this process the message digest is computed from the image data using a hash function stored in the ROM. The encrypted version of the message digest transferred from the mass storage device is decrypted using the decryption program and decryption key stored in the unalterable ROM. The two message digests are then compared for a match: if a match exists, game play is permitted; if a match does not exist, game play is prohibited. The authentication procedure is also used to check all casino game software, both programs and fixed data sets, stored in any memory devices distributed throughout the system, such as the system boot ROM, NVRAM and all sub-system memory devices. The authentication procedure is run whenever a particular program or fixed data set is scheduled for use by the system, and also at periodic intervals and on demand.

19 Claims, 2 Drawing Sheets

[Front-page drawing; labels: LOADABLE DATA SET 36, HASH FUNCTION, MESSAGE DIGEST, ENCRYPTION PROGRAM, PRIVATE KEY, SIGNATURE, STORE IN MASS STORAGE UNIT]

IPR2020-01218
Sony EX1010 Page 1

U.S. Patent    Jul. 1, 1997    Sheet 1 of 2    5,643,086

[Fig. 1: system block diagram; labels: MICROPROCESSOR, MAIN MEMORY, SYSTEM ROM, BRIDGE, DISK, STORAGE, NETWORKING SUBSYSTEM, VIDEO, SOUND SUBSYSTEM, TO/FROM NETWORK]

[Fig. 2: ROM 29 CONTENTS: system initialization code, authentication program, random number generator program, loader program (part 1). ROM 30 CONTENTS: operating system program, system drivers, signatures, executive/loader programs (part 2). MASS STORAGE CONTENTS: loadable data set 36 (application programs), signatures]

[Fig. 3: ROM 29 AUTHENTICATION PROGRAM: message digest program 32, decryption program, decryption key 34]

[Sheet 2 of 2, Fig. 4: LOADABLE DATA SET 36, HASH FUNCTION, MESSAGE DIGEST, PRIVATE KEY, ENCRYPTION PROGRAM, SIGNATURE, STORE IN MASS STORAGE UNIT]

[Sheet 2 of 2, Fig. 5: LOADABLE DATA SET 36, SIGNATURE 37, HASH FUNCTION, DECRYPTION PROGRAM, DECRYPTION KEY, COMPUTED MESSAGE DIGEST 46, DECRYPTED MESSAGE DIGEST, COMPARE: MATCH (PERMIT GAME PLAY) / NO MATCH (PROHIBIT GAME PLAY)]

ELECTRONIC CASINO GAMING APPARATUS WITH IMPROVED PLAY CAPACITY, AUTHENTICATION AND SECURITY

BACKGROUND OF THE INVENTION

This invention relates to microprocessor based gaming systems used in gambling casinos.

Microprocessor based gaming systems are known which are used in gambling casinos to augment the traditional slot machine games (e.g. three reel single or multi-line games) and card games, such as poker and blackjack. In a typical gaming system of this type, a microprocessor based system includes both hardware and software components to provide the game playing capabilities. The hardware components include a video display for displaying the game play, mechanical switches for enabling player selection of additional cards or game play choices, coin acceptors and detectors and the electronic components usually found in a microprocessor based system, such as random access memory (RAM), read only memory (ROM), a processor and one or more busses. The software components include the initialization software, credit and payout routines, the game image and rules data set, and a random number generator algorithm. In order to be acceptable for casino use, an electronic gaming system must provide both security and authentication for the software components. For this reason, gaming commissions have heretofore required that all software components of an electronic gaming system be stored in unalterable memory, which is typically an unalterable ROM. In addition, a copy of the contents of the ROM or a message digest of the contents (or both) are normally kept on file in a secure location designated by the gaming commission so that the contents of an individual ROM removed from a gaming machine can be verified against the custodial version.

In a typical arrangement, a message digest of the ROM contents is initially generated prior to the installation of the ROM in the machine by using a known algorithm usually referred to as a hash function. A hash function is a computation procedure that produces a fixed-size string of bits from a variable-size digital input. The fixed-sized string of bits is termed the hash value. If the hash function is difficult to invert (termed a one-way hash function), the hash function is also termed a message digest function, and the result is termed the message digest. The message digest is unique to any given variable size input data set, i.e., the game data set stored in the ROM. When it becomes necessary to later authenticate the ROM from any given machine, the ROM is physically removed from the game console and the message digest of the ROM contents is computed directly from the ROM using the original hash function. The computed message digest is compared with the message digest on file at the designated custodial location (typically in the casino itself). This procedure is typically carried out whenever a machine produces a payoff beyond a given threshold value. If the two message digests match, then the contents of the ROM are considered to be authenticated (verified) and the payout is made to the player.

While such electronic casino gaming systems have been found to be useful in promoting casino game play, the restriction requiring that the casino game program be stored in unalterable ROM memory, leads to a number of disadvantageous limitations. First, due to the limited capacity of the ROM storage media traditionally used to hold the program, the scope of game play available with such systems is severely limited. For sophisticated games using motion video and audio multi-media elements, much more memory capacity, on the order of hundreds of megabytes, is necessary. However, physical verification of such a large quantity of physical devices is not practical, and has thus far been an impediment to creating sophisticated games with more player appeal. Second, the authentication check is only conducted on a limited basis (usually after a jackpot) or other significant winning game outcome, and the authentication procedure requires that game play be halted until the ROM contents have been found to be authentic.

SUMMARY OF THE INVENTION

The invention comprises an electronic casino gaming system which greatly expands casino game play capability and enhances security and authentication capabilities. More particularly, the invention comprises an electronic casino gaming system and method having greatly expanded mass storage capability for storing a multiplicity of high resolution, high sound quality casino type games, and provides enhanced authentication of the stored game program information with a high security factor.

According to a first aspect of the invention, authentication of a casino game data set is carried out within the casino game console using an authentication program stored in an unalterable ROM physically located within the casino game console. The casino game data set and a unique signature are stored in a mass storage device, which may comprise a read only unit or a read/write unit and which may be physically located either within the casino game console or remotely located and linked to the casino game console over a suitable network. The authentication program stored in the unalterable ROM performs an authentication check on the casino game data set at appropriate times, such as prior to commencement of game play, at periodic intervals or upon demand. At appropriate occasions, the contents of the unalterable ROM can be verified by computing the message digest of the unalterable ROM contents and comparing this computed message digest with a securely stored copy of the message digest computed from the ROM contents prior to installation in the casino game console.

From a process standpoint, this aspect of the invention comprises a method of authenticating a data set of a casino style game which consists of two phases: a game data set preparation phase and a game data set checking phase. In the game data set preparation phase, the method proceeds by providing a data set for a casino game, computing a first abbreviated bit string unique to the casino game data set, encrypting the first abbreviated bit string to provide an encrypted signature of the casino game data set, and storing the casino game data set and the signature in a mass storage device. The first abbreviated bit string is preferably computed using a hash function to produce a message digest of the casino game data set. The signature is then encrypted from the message digest. After storage of the game data set and unique signature, this information is installed in a casino game console. The casino game data set checking phase proceeds by computing a second abbreviated bit string from the stored casino game data set using the same hash function, decrypting the stored encrypted signature to recover the first abbreviated bit string, and comparing the first and second abbreviated bit strings to determine whether the two strings match. If a match does occur, the casino game data set is deemed authentic; if there is no match, authentication is denied and game play is prohibited.

The encryption/decryption process is preferably performed using a private key/public key technique in which the first abbreviated bit string is encrypted by the game manufacturer using a private encryption key maintained in the custody of the game manufacturer. The decryption of the signature is performed using a public key which is contained in an unalterable read only memory element located in the game console, along with the casino game data set. The casino game data set is preferably stored in a mass storage device, such as a magnetic or CD-ROM disk drive unit or a network file unit, the selected unit having a relatively large capacity. The actual size of the mass storage device will depend upon the casino game storage requirements and can be tailored to any specific application.

Each time a casino game data set is transferred from the mass storage device to the main memory of the system, the authentication routine is run. The authentication routine can also be run automatically on a periodic basis, or on demand, either locally by means of an operator switch mounted in the game console or remotely via a network. Consequently, the authenticity of the data set can be automatically checked whenever the transfer occurs and at other appropriate times.

In order to detect attempts to tamper with the contents of the unalterable read only memory element located in the game console, a message digest computed for the authentication program stored therein is stored in a secure manner in a different location from the game console, such as the casino operator's security facilities or the facilities of a gaming commission (or both). The authenticity of the unalterable read only memory element is checked in the same way as that now performed in prior art devices: viz. computing the message digest directly from the unalterable read only memory device, and comparing the message digest thus computed with the custodial version.

From an apparatus standpoint, the first aspect of the invention comprises an electronic casino gaming system for providing authentication of a game data set of a casino type game prior to permitting game play, the system including first means for storing a casino game data set and a signature of the casino game data set, the signature comprising an encrypted version of a unique first abbreviated bit string computed from the casino game data set; second means for storing an authentication program capable of computing a second abbreviated bit string from the casino game data set stored in the first storing means and capable of decrypting the encrypted signature stored in the first storing means to recover the first abbreviated bit string; processing means for enabling the authentication program to compute an abbreviated bit string from the casino game data set stored in the first storing means and for enabling the authentication program to decrypt the encrypted signature; and means for comparing the computed second abbreviated bit string with the decrypted abbreviated bit string to determine whether a match is present. The first storing means preferably comprises a mass storage device, such as a disk drive unit, a CD-ROM unit or a network storage unit. The second storing means preferably comprises an unalterable read only memory in which the authentication program is stored.

According to a second aspect of the invention, the authentication program stored in the unalterable ROM located within the casino game console is used to test the authenticity of all other programs and fixed data stored in memory devices in the electronic casino gaming system, such as a system boot ROM, memory devices containing the operating system program, system drivers and executive/loader programs, and other memory devices incorporated into the electronic casino game system architecture. The contents of each such memory device, whether program information or fixed data, include signatures encrypted from message digests computed using a hash function from the original program information or fixed data set. Upon system initialization, the authentication program in the unalterable ROM is used to authenticate the individual memory device contents in essentially the same fashion as that used to authenticate the casino game data sets. More specifically, the message digest for the given program or fixed data set is computed using the same hash function originally used to produce the message digest for that program or fixed data set. The encrypted signature is decrypted using the proper decryption program and decryption key to recover the message digest. The two versions of the message digest are then compared and, if found to be matching, the concerned program or fixed data set is deemed authentic and is permitted to be used by the system. Once all of the concerned programs and fixed data sets have been so authenticated, the casino game data set authentication procedure is run, after which game play is permitted (provided a match occurs).

From a process standpoint, this second aspect of the invention comprises a method of authenticating a program or data set of a casino style game which consists of two phases: a program or fixed data set preparation phase, and a program or fixed data set checking phase. In the program or fixed data set preparation phase, the method proceeds by providing a program or fixed data set for a casino game, computing a first abbreviated bit string unique to the program or fixed data set, encrypting the first abbreviated bit string to provide an encrypted signature of the program or fixed data set, and storing the program or fixed data set and the signature in a memory device. The first abbreviated bit string is preferably computed using a hash function to produce a message digest of the program or fixed data set. The signature is then encrypted from the message digest. After storage of the program or fixed data set and unique signature in the memory device, the memory device is installed in a casino game console. The casino game program or fixed data set checking phase proceeds by computing a second abbreviated bit string from the stored casino game program or fixed data set stored in the memory device using the same hash function, decrypting the encrypted signature stored in the memory device to recover the first abbreviated bit string, and comparing the first and second abbreviated bit strings to determine whether the two strings match. If a match does occur, the casino game program or fixed data set is deemed authentic; if there is no match, authentication is denied and use of that casino game program or fixed data set is prohibited.

The authentication routine is run each time a given casino game program or fixed data set needs to be called or used. The authentication routine can also be run automatically on a periodic basis, or on demand, either locally by means of an operator switch mounted in the casino game console or remotely via a network. Consequently, the authenticity of the casino game program or fixed data set can be automatically checked whenever use of that program or fixed data set is required and at other appropriate times, such as in the course of a gaming commission audit.

From an apparatus standpoint, this second aspect of the invention comprises an electronic casino gaming system for providing authentication of a casino game program or fixed data set prior to permitting system use of that casino game program or fixed data set, the system including first means for storing a casino game program or fixed data set and a signature of the casino game program or fixed data set, the signature comprising an encrypted version of a unique first abbreviated bit string computed from the casino game program or fixed data set; second means for storing an authentication program capable of computing a second abbreviated bit string from the casino game program or fixed data set stored in the first storing means and capable of decrypting the encrypted signature stored in the first storing means to recover the first abbreviated bit string; processing means for enabling the authentication program to compute an abbreviated bit string from the casino game program or fixed data set stored in the first storing means and for enabling the authentication program to decrypt the encrypted signature; and means for comparing the computed second abbreviated bit string with the decrypted abbreviated bit string to determine whether a match is present. The first storing means preferably comprises a memory device, such as a read only memory or random access memory. The second storing means preferably comprises an unalterable read only memory in which the authentication program is stored.

Electronic casino game systems incorporating the invention provide a vastly expanded capacity for more sophisticated and attractive casino-style games, while at the same time improving the authentication of the games without compromising security. In addition, casino game systems incorporating the invention provide great flexibility in changing casino game play, since the casino game data sets representing the various games can be stored in alterable media rather than read only memory units as with present casino game systems.

By separating the authentication process from the casino game data set storage, the invention affords secure distribution and execution of program code and data, regardless of the particular distribution or storage technique employed. More specifically, the invention allows the casino game data set to reside in any form of secondary storage media, such as the traditional ROM storage, hard magnetic disk drives and CD-ROM drives, or networked file systems. So long as the authentication procedure conducted on the game data set is performed using the authentication program stored in an unalterable ROM, and so long as that ROM can be verified reliably, any casino game data set can be loaded from any source and can be verified by the system at any time: either prior to use, during runtime, periodically during runtime or upon demand. The large quantities of storage that can be made available in a secure fashion using the invention facilitate the creation of casino gaming systems offering both an increased diversity of games, and individual games of superior quality. In addition, the authentication of all casino game program and fixed data software ensures the integrity of all system software both prior to game play and thereafter at periodic or random intervals.

For a fuller understanding of the nature and advantages of the invention, reference should be had to the ensuing detailed description taken in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a system incorporating the invention;
FIG. 2 is a schematic diagram illustrating the contents of the read only memory and the mass storage device;
FIG. 3 is a more detailed schematic view of the authentication program stored in the ROM and the game data stored in the mass storage unit;
FIG. 4 is a diagram illustrating the preparation of the signature of the game data set; and
FIG. 5 is a diagram illustrating the authentication procedure for the game data set.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Turning now to the drawings, FIG. 1 is a block diagram of an electronic casino gaming system incorporating the invention. As seen in this figure, the system consists of several system components under software control. These system components include a microprocessor 12, which may comprise any general purpose microprocessor, such as a PowerPC 603 or 604 processor available from Motorola, Inc., or a Pentium-based microprocessor from Intel Corporation. A main memory unit 13 is provided, which is typically a random access memory having a capacity of between 8 and 16 megabytes for storing the majority of programs and graphics elements during game play. A system boot ROM 14 provides the initialization software required when power is first applied to the system. ROM 14 contains additional programs in read only form, including the operating system, related drivers and the authentication software described in detail below. A non-volatile RAM 17 is a battery backed static RAM capable of maintaining its contents through power cycling. NVRAM 17 stores significant information relating to game play, such as the number of player credits, the last game outcome and certain diagnostic and error information not critical to an understanding of the invention.

A mass storage unit implemented in the FIG. 1 system as a magnetic hard disk drive unit 18 is coupled to and controlled by a disk subsystem 19 of conventional design and operation. Disk drive unit 18 provides storage for the game specific data set, which includes both program data and image data specifying the rules of the various different casino games or single casino game variations, and the types of images and image sequences to be displayed to the game players. The size of the disk drive unit 18 is a function of the number of games and game variations provided for a given system, as well as the amount of data required for each specific game. In general, the more motion video designed into a particular casino game, the more storage required for that casino game software. A disk drive unit 18 with a 1 gigabyte capacity will usually provide sufficient storage capacity. Disk subsystem 19 comprises a disk controller connected to a PCI bus 20 for controlling the disk drive unit 18. Controller 19 preferably supports SCSI-2, with options of fast and wide. It should be noted that a number of different types of locally-based disk drive units may be used in the FIG. 1 system, including a CD-ROM storage unit. Also, the mass storage unit need not be physically located within the game console along with the other elements depicted in FIG. 1: the mass storage unit may be located remotely from the game console and coupled thereto by means of an appropriate network, such as an ethernet, an RS232 link, or some other network link. This latter alternate arrangement is indicated by the inclusion of a network subsystem 21 of appropriate configuration and functional characteristics, which may have ethernet, RS232 serial, or other network compatibility.

A video subsystem 22 is coupled to the PCI bus and provides the capability of displaying full color still images and MPEG movies with a relatively high frame rate (e.g. 30 frames per second) on an appropriate monitor (not shown). Optional 3D texture mapping may be added to this system, if desired.

A sound subsystem 23 having a stereo sound playback capability with up to 16 bit CD quality sound is coupled to an ISA bus 24. A general purpose input/output unit 25 provides interfaces to the game mechanical devices (not illustrated) such as manually actuatable switches and display lights. A first bridge circuit 27 provides an interface between microprocessor 12, ROM 14, main memory 13 and PCI bus 20. Bridge circuit 27 is preferably an MPC 105 chip available from Motorola, Inc. A second bridge circuit 28 provides an interface between the PCI bus 20 and the ISA bus 24. Bridge circuit 28 is preferably a type 82378 chip available from Intel Corp.

FIG. 2 illustrates the types of information stored in the system ROM 14 and the mass storage unit. As seen in FIG. 2, the ROM unit 14 used in the FIG. 1 system comprises two separate ROM elements: ROM 29 and ROM 30. ROM 29 must be an unalterable device, such as a Toshiba type C53400 512Kx8 bit mask programmed ROM. ROM 30 is preferably an unalterable device like ROM 29, but may comprise a different type of ROM, such as a type 29FO40 field programmable flash ROM available from Intel Corp. ROM 29 contains the system initialization or boot code, an authentication program, a random number generator program and an initial portion of the executive/loader programs. ROM 30 contains the operating system program, the system drivers and the remainder of the executive/loader programs as noted below. The mass storage unit contains the applications, which include the game image and sound data, rules of game play and the like, and the signature associated with each particular casino game.

FIG. 3 illustrates the authentication and application program information in more detail. As seen in this figure, the authentication program stored in unalterable ROM 29 comprises a message digest algorithm component 32, a decryption algorithm component 33, and a decryption key component 34. The message digest algorithm component 32 stored in ROM 29 comprises an exact copy of a hash function program routine used to originally compute a message digest from the loadable game data set 36 in the manner described below. The decryption algorithm component 33 stored in ROM 29 comprises the algorithm required to decrypt any encrypted casino game data set signature using the decryption key component 34. The decryption key component 34 comprises the decryption key that is required to decrypt any of the encrypted signatures 37 in the manner described below during the authentication routine.

FIG. 4 illustrates the manner in which an encrypted data set signature 37 is generated. A loadable casino game data set 36 is processed using a hash function 41 to generate a message digest 42 which is unique to the loadable game data set 36. The hash function employed may be one of a number of known hash functions, such as the MD2, MD4, and MD5 hash functions and the SHS hash function; or any other suitable hash function capable of producing a unique abbreviated bit string from a variable size input data set. For further information about these hash functions, reference should be had to the publication entitled "Answers To Frequently Asked Questions About Today's Cryptography", Revision 2.0, Oct. 5, 1993, published by RSA Laboratories, Redwood City, Calif., and the publications listed in the references section thereof, the disclosures of which are hereby incorporated by reference. After generation, the message digest 42 is then encrypted with an encryption algorithm 43 using a private encryption key 44 to generate a signature 37 of the message digest. In the preferred embodiment, the two-key (private/public key) encryption technique developed by RSA Data Security, Inc., of Redwood City, Calif., is used. This technique is disclosed and described in U.S. Pat. Nos. 4,200,770, 4,218,582 and 4,405,829, the disclosures of which are hereby incorporated by reference. The signature 37 of the message digest 42 is then stored in the mass storage unit along with the loadable data set 36.

FIG. 5 illustrates the authentication routine carried out in accordance with the invention. When the authentication routine is called (see below), the loadable casino game data set 36 is transferred from the mass storage unit to main memory 13 (unless already there), and the message digest of casino game data set 36 is computed using the message digest algorithm 32, stored in ROM 29. Message digest algorithm 32 uses the same hash function 41 as that used by the manufacturer to prepare the original message digest 42. The result is an unencrypted version 46 of the message digest computed from the casino game data set 36 currently present in the mass storage unit. The encrypted data set signature 37 is decrypted using the public decryption key 34 matching the private key 44 used to originally encrypt the message digest 42 of the casino game data set 36. The message digest 47 decrypted with decryption key 34 is then compared with the message digest 46 computed from the casino game data set 36. If the two message digests match, then the casino game data set 36 is deemed authentic and game play may proceed. If there is no match, either the casino game data set 36 or the signature 37 is deemed corrupted and not authentic. Game play is prohibited and appropriate actions can be taken: e.g. alerting a security employee using a suitable messaging system (an audible alarm, flashing lights, or a network message from the game console to a central security area).

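The preparation phase of FIG. 4, the checking phase of FIG. 5, the system-wide check of the second aspect and the custodial check of the ROM itself can be traced in a short program; this is an added example, not code from the patent or from Silicon Gaming. It assumes SHA-256 in place of hash function 41, unpadded RSA with a constructed demo key built from two Mersenne primes, and hypothetical function names; current systems would use a padded signature scheme and a properly generated key.

```python
import hashlib
import hmac
from math import gcd

# Constructed demo key (assumption): two known Mersenne primes so the example
# runs offline. Such a modulus is trivially factorable; never use it for real.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
E = 65537                      # public exponent, the "decryption key 34" in ROM 29
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)            # private exponent, the manufacturer's "private key 44"


def message_digest(data: bytes) -> bytes:
    """Hash function 41 / message digest algorithm 32 (SHA-256 as a stand-in)."""
    return hashlib.sha256(data).digest()


def prepare_signature(data_set: bytes) -> int:
    """FIG. 4, preparation phase: encrypt the message digest with the private key."""
    digest_int = int.from_bytes(message_digest(data_set), "big")
    return pow(digest_int, D, N)


def authenticate(data_set: bytes, signature: int) -> bool:
    """FIG. 5, checking phase: recompute digest 46, recover digest 47, compare."""
    if not 0 <= signature < N:
        return False           # malformed signature: treat as no match
    computed = message_digest(data_set)
    recovered = pow(signature, E, N)
    if recovered.bit_length() > 8 * len(computed):
        return False           # too long to be a digest produced in FIG. 4
    decrypted = recovered.to_bytes(len(computed), "big")
    return hmac.compare_digest(computed, decrypted)


def authenticate_system(components):
    """Second aspect: check every program and fixed data set in order, game data
    set last. Returns (permit_game_play, name_of_first_failure_or_None)."""
    for name, contents, signature in components:
        if not authenticate(contents, signature):
            return False, name
    return True, None


def rom_matches_custodial(rom_contents: bytes, custodial_digest: bytes) -> bool:
    """Verify the unalterable ROM itself against the digest held off-console."""
    return hmac.compare_digest(message_digest(rom_contents), custodial_digest)


def build_sample_system():
    """Constructed sample contents standing in for ROM 30 and the mass storage unit."""
    contents = [
        ("operating system", b"constructed OS image"),
        ("system drivers", b"constructed driver image"),
        ("game data set 36", b"constructed rules, image and sound data"),
    ]
    return [(name, data, prepare_signature(data)) for name, data in contents]


if __name__ == "__main__":
    system = build_sample_system()
    print("untouched system:", authenticate_system(system))
    name, data, sig = system[1]
    system[1] = (name, data + b" patched", sig)   # alter the drivers after signing
    print("altered drivers :", authenticate_system(system))
```

The public key can only check signatures, so a console whose ROM 29 contents are read out gives up nothing that lets new data sets be signed; the scheme then rests on ROM 29 being verifiable against the custodial digest.
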
In order to ensure that the authentication routine cannot be bypassed by tampering with the loader program stored in ROM 30, an initial part of th