Software Verification and Authentication in a Gaming Device



Similar documents
Implementation Guide. SAS Serial Protocol. for. Montana Department of Justice Gambling Control Division. October 22, Version 1.4.

Management Challenge. Managing Hardware Assets. Central Processing Unit. What is a Computer System?

A+ Guide to Managing and Maintaining Your PC, 7e. Chapter 1 Introducing Hardware

Parts of a Computer. Preparation. Objectives. Standards. Materials Micron Technology Foundation, Inc. All Rights Reserved

1 PERSONAL COMPUTERS

CF to Serial Adapter Quick Installation Guide

CSCA0102 IT & Business Applications. Foundation in Business Information Technology School of Engineering & Computing Sciences FTMS College Global

Obj: Sec 1.0, to describe the relationship between hardware and software HW: Read p.2 9. Do Now: Name 3 parts of the computer.

Computer Basics: Chapters 1 & 2

Embedded Software development Process and Tools: Lesson-3 Host and Target Machines

Chapter 5 Busses, Ports and Connecting Peripherals

Chapter 6. Inside the System Unit. What You Will Learn... Computers Are Your Future. What You Will Learn... Describing Hardware Performance

Programming NAND devices

Network Client. Troubleshooting Guide FREQUENTLY ASKED QUESTIONS

Digital Evidence Search Kit

Hard Disk Drives and RAID

MINIMUM TOOL REQUIREMENT FOR EPROM UPGRADE

UltraCade Multi-Game System Frequently Asked Questions

Security Policy Revision Date: 23 April 2009

Lecture 2: Computer Hardware and Ports.

EUCIP IT Administrator - Module 1 PC Hardware Syllabus Version 3.0

Algorithms and Methods for Distributed Storage Networks 3. Solid State Disks Christian Schindelhauer

SERVICE LEVEL AGREEMENT (SLA)

PC2400 EEPROM PROGRAMMER INSTRUCTION MANUAL

Programming Flash Microcontrollers through the Controller Area Network (CAN) Interface

Checking the Package Contents. Installing the Printer Software. Connecting. Unpacking the. the Printer. Printer. Attaching

SecureLinx Spider Duo Quick Start Guide

User Guide USB 2.0 LAPTOP DOCKING STATION WITH VIDEO N2953

Chapter 5 Understanding Input. Discovering Computers Your Interactive Guide to the Digital World

USB 2.0 VGA ADAPTER USER MANUAL

Computer Hardware HARDWARE. Computer Hardware. Mainboard (Motherboard) Instructor Özgür ZEYDAN

STEM ANIMATION. RScientific OVERVIEW ELIGIBILITY TIME LIMITS ATTIRE PROCEDURE

Computer Storage. Computer Technology. (S1 Obj 2-3 and S3 Obj 1-1)

MSc Computer Security and Forensics. Examinations for / Semester 1

CONFIGURATION M5000 APPLICATIONS SOFTWARE INSTALLATION HARDWARE INSTALLATION OPTION INSTALLATION HIGH MEMORY OPTION SIMM PACK INSTALLATION

Enova X-Wall LX Frequently Asked Questions

Eureka Technology. Understanding SD, SDIO and MMC Interface. by Eureka Technology Inc. May 26th, Copyright (C) All Rights Reserved

NCDware Publications Roadmap

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Digital Cameras: Activities, Assessment, and Administration

Executable Integrity Verification

Lesson-3 CASE STUDY OF AN EMBEDDED SYSTEM FOR SMART CARD

Office of Liquor Gaming and Regulation Random Number Generators Minimum Technical Requirements Version 1.4

With respect to the way of data access we can classify memories as:

Enterprise Erase LAN

Title: ZOLL USB Direct Connect Cable Installation Instructions

Protected Cash Withdrawal in Atm Using Mobile Phone

FLASH TECHNOLOGY DRAM/EPROM. Flash Year Source: Intel/ICE, "Memory 1996"

QuickSpecs. HP IP Console Switch with Virtual Media Overview

Animated Lighting Software Overview

22 nd NISS Conference

Filing Systems. Filing Systems

Electronic Mail Security. Security. is one of the most widely used and regarded network services currently message contents are not secure

STIM202 Evaluation Kit

CS 464/564 Introduction to Database Management System Instructor: Abdullah Mueen

Computer Components Study Guide. The Case or System Box

Application Note. Atmel CryptoAuthentication Product Uses. Atmel ATSHA204. Abstract. Overview

Trabajo Memorias flash

Logical Operations. Control Unit. Contents. Arithmetic Operations. Objectives. The Central Processing Unit: Arithmetic / Logic Unit.

Quick Start Guide. DVR DS-7200HWI-SH Series DVR. First Choice For Security Professionals

Read Me UNISTREAM AUTOMATION IDE

Product Support Bulletin

Installation Guide v1.11 and Higher

Embedded Display Module EDM6070

Firmware security features in HP Compaq business notebooks

Discovering Computers Living in a Digital World

Sample Project List. Software Reverse Engineering

RAM & ROM Based Digital Design. ECE 152A Winter 2012

MMGD0203 Multimedia Design MMGD0203 MULTIMEDIA DESIGN. Chapter 3 Graphics and Animations

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status

Be sure to connect the USB cable from TonePort into your computer s USB port, and then proceed with the following steps

INTEGRITY CERTIFICATION REQUIREMENTS: SLOT MACHINES

Copyright 1999 by EPSON America, Inc. 3/99 Torrance, California, USA

CSCA0201 FUNDAMENTALS OF COMPUTING. Chapter 5 Storage Devices

PUF Physical Unclonable Functions

UniKey Family 0. UniKey Time

Lesson 1 Quiz. 3. The Internet is which type of medium? a. Passive b. Broadcast c. One-to-one d. Electronic print

miniflash User Manual

Common Access Card Application

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER

Virtual Private Networks (VPN) Connectivity and Management Policy

Computers. Hardware. The Central Processing Unit (CPU) CMPT 125: Lecture 1: Understanding the Computer

TABLE OF CONTENTS NETWORK SECURITY 2...1

Signature Verification Why xyzmo offers the leading solution.

Implementing a Digital Answering Machine with a High-Speed 8-Bit Microcontroller

이 기기는 업무용 급 으로 전자파적합등록을 한 기기이오니 판매자 또는 사용자는 이점을 주의하시기 바라며 가정 외의 지역에서 사용하는 것을 목적으로 합니다

Cisco Digital Media System: Cisco Digital Media Player 4305G

Universal Push2TV HD Adapter PTVU1000 Installation Guide

SecureDoc Disk Encryption Cryptographic Engine

The Programming Interface

Tomorrow s Technology and You

Chapter 1 Computer System Overview

Transcription:

Software Verification and Authentication in a Gaming Device White Paper Date: February 15, 2000 39355 California Street, Suite 307 Fremont, CA 94538

1 Introduction Gaming machine development has progressed further in the last several years than in all of the years since their invention. This is especially true of video based gaming machines. No longer are poker hands simply being dealt or are keno cards checked off as random numbers are drawn. Bonus games are added and have increasingly sophisticated animation. Video monitors have higher screen resolution and color depth. And audio has gone from a mono speaker to stereo surround sound. All of this requires increasing amounts of program media storage to store the executable code, graphic images and sound data. Gaming machine manufacturers have had to turn to other memory storage devices not typically associated with gaming machines. This change in technology has outgrown the current methods of ensuring the integrity of the gaming machine s software. The scope of this paper is to discuss the verification and authentication methods associated with this change in technology. Strictly speaking, verification and authentication are two separate processes. Verification is the process of determining that the program code or other stored data is intact and is not corrupted by storage media failures. In contrast, authentication is the process of determining that the program code or other stored data are authentic copies of the approved components. 2 Verification In order to check for corruption in the storage media, the gaming machine software performs the verification process that is internal to the gaming machine. At selected events such as power resets, door closures, and before game play, the software performs a mathematical calculation and uses the software itself that resides in the storage media as the data for this calculation. With a properly chosen mathematical algorithm, errors in the data, or in this case, the storage media, can be detected. For EPROM based storage media, the gaming regulations generally do not specify the exact algorithm that must be used, only that it must be able to detect 99.99 percent of all possible media failures 1. The most common algorithm is the cyclic redundancy check (CRC). The CRC of the software data is calculated and the results are stored in the EPROM itself at the time it is programmed. During the operation of the game, the software calculates the CRC of itself and compares it with the results previously stored in the EPROM. If the results match, it is assumed that the software is intact and therefore, the program storage media is free from any failures. 3 Authentication In order to authenticate the software in the storage media, the contents of the media are checked against a known good copy. For EPROM based storage media, there are two common methods of authentication. Both involve a process that is external to the gaming machine. The EPROM device(s) is(are) physically removed from the machine. In the first method, the EPROM is inserted into an electronic device and the data is read. The data is then compared, bit by bit, with the data of a master EPROM that has been kept in a secure location. If the results of the comparison indicate that both EPROM s have the same binary image, that is, every single bit in every single location matches exactly, then the software is considered to be authenticated. 1 Example, Nevada Regulation 14, Technical Standards for Gaming Devices, Standard 1, Integrity of Devices, Section 1.080 Control Program Requirements. Page 2 of 3

In the second method, the EPROM is inserted into an electronic device. However, instead of simply reading the contents, an algorithm is performed on the data, in much the same way as during verification. The result of the algorithm is referred to as the EPROM s signature. This signature is compared with the previously calculated signature of the master EPROM. If the calculated signature matches that of the master EPROM signature, then the software is considered to be authenticated. The methods for verification and authentication discussed so far work reasonably well for EPROM technology as the storage media. However, the methods do not work well or simply do not work at all for the other storage technologies gaining use. Case in point is high capacity storage devices such as hard drives. 4 High Capacity Storage Devices These storage devices typically have from 10 to even 40,000 times the storage capacity of a single EPROM chip. Thus the attractiveness in using these devices to store the increasing amounts of graphics and sound data in gaming machines. There are several devices in use today and can be divided into two categories: rotating media and solid state. Hard s CD-ROM s DVD s Flash Unlike EPROM technology, these are mass storage devices only. The program does not actually execute directly from them. The program is copied into higher speed memory and executed from there. Although flash could be used in a system where the program can execute directly from the flash device, there are other considerations of why it generally does not. That consideration is the operating system. The operating system is the software that controls the resources of the electronic hardware. There are many variations of operating systems to select from. They range from proprietary to those commercially available from third parties. They all have one thing in common though, a format to store that data. The format is how the data is organized in the device so that the operating system and application can access it. In addition to the software considerations of using these devices, there are hardware considerations as well. The first is the many interface technologies available. The interface dictates how to connect the devices, both electrically and mechanically, to the computer. Below is a summary of the various software data formats and hardware interfaces for these mass storage devices. SOFTWARE HARDWARE DEVICE Data Format Electrical Mechanical Hard FAT16 FAT32 Unix SCSI/SCSI 2 CD-ROM ISO9660 Unix SCSI/SCSI 2 Page 3 of 3

SOFTWARE HARDWARE DEVICE Data Format Electrical Mechanical DVD Linear IDE IC chips FAT16 PCMCIA-Type I Flash FAT32 PCMCIA PCMCIA-Type II PCMCIA-Type III CompactFlash 5 Levels of Verification and Authentication Many manufacturers have physical constraints in choosing a location to mount the storage device such as cooling requirements, size, maximum cable length, etc. This sometimes results in a less than optimal location for easy removal. It would be beneficial for the manufacturers to have all verification and authentication take place without removing the storage device. However, there may be instances where the storage device would need to be removed. Therefore different levels of verification and authentication can be defined based on length of time to verify or authenticate as well as level of security such as routine or resolving a dispute. Define two levels of verification: Level Process Data 0 Internal Control Program 1 Internal Control Program, Graphic data, Sound data Define four levels of authentication: Level Process Data 0 Internal Control Program 1 Internal Control Program, Graphic data, Sound data 2 External Control Program 3 External Control Program, Graphic data, Sound data Process: Internal External Storage media remains internal to the gaming machine Storage media is removed from the gaming machine Page 4 of 3

6 Verification/Authentication Environment Internal External 1 2 CD-ROM 3 DRAM EPROM Hard 4 5 Verification takes place over steps 1, 2, 3, and 4, in the above figure. In Step 1: In Step 2: In Step 3: In Step 4: Verify nonvolatile storage media Verify storage media is intact and not corrupted by media failure. Verify code as it is brought into DRAM to execute is intact and not corrupted by media failure. Continuously verify code/data in DRAM is intact and not corrupted by media failures. Authentication takes place over steps 1, 2, and 4, in the above figure. In Step 1: In Step 2: In Step 4: Authenticate code/data in storage media itself Authenticate code/data as it is brought into DRAM to execute Authenticate code/data in storage media itself and send results via serial port to laptop The internal authentication involves performing a given authentication algorithm and sending the results to a laptop or some other data collection device. A standard format for sending the results is beneficial to the manufacturers and regulators alike. The format should have a minimum of information to make its parsing easier. The essential information includes the following: Gaming machine manufacturer ID Authentication file size Authentication level Authentication method used File(s) verified and their Authentication data (digest) Authentication file signature. This allows a lot of flexibility for the manufacturers to select their own authentication algorithms. Page 5 of 3

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information