Abstract: The present invention in various embodiments provides a computerized wagering game method and apparatus that features an operating system kernel, a system handler application that loads and executes gaming program shared objects and features nonvolatile storage that facilitates sharing of information between gaming program objects. The system handler of some embodiments further provides an API library of functions callable from the gaming program objects, and facilitates the use of callback functions on change of data stored in nonvolatile storage. The nonvolatile storage also provides a nonvolatile record of the state of the computerized wagering game, providing protection against loss of the game state due to power loss. The system handler application in various embodiments includes a plurality of device handlers, providing an interface to selected hardware and the ability to monitor hardware-related events.

Abstract: Methods and arrangements are provided for handling, within a communications system comprising a distributed domain and a central domain, electronic records that contain predictions of the outcome of a certain incident. Within the distributed domain there is generated, before the outcome of the incident is known, a multitude of electronic records that contain predictions of the outcome of the incident. The electronic records are conveyed from the distributed domain to the central domain. After the outcome of the incident is known, the central domain finds out which of the electronic records, if any, contain correct predictions of the outcome of the incident. Each of the electronic records is furnished, within the distributed domain, with a cryptographically protected proof of a certain moment of time associated with the generation of the electronic record.

Abstract: Control system of an electronic instrument for metrological measurements, comprising an electronic local processing unit including a handling application of said instrument. The system includes a control application for said handling application, which can be associated with said local processing unit, said control application being suitable for generating a univocal certification code for the application.

Abstract: A method and apparatus for restricting access of an application to computer hardware. The apparatus includes both an authentication module and a validation module. The authentication module is within the trusted firmware layer. The purpose of the authentication module is to verify a cryptographic key presented by an application. The validation module is responsive to the authentication module and limits access of the application to the computer hardware. The authentication modules may be implemented in software through a firmware call, or through a hardware register of the computer.

Abstract: Methods and devices are provided for managing gaming accounts. Some aspects of the invention provide for the cancellation, revocation or consolidation of cashless gaming instruments. For example, if a player has lost a cashless gaming instrument, the player could request that the cashless gaming instrument be cancelled. The request could be made in response to information (such as an activity log, an account statement, etc.) presented by a central network device. The information could be presented on a screen, printed on paper, etc. In order for such a request to be acted upon, it is preferable that the player, the gaming establishment that issued the cashless gaming instrument and the cashless gaming instrument itself be positively identified. Some implementations of the present invention provide for more flexible redemption in a cashless gaming system. Some such implementations allow a player to “cash out,” preferably in a single transaction, after one or more gaming sessions.

Abstract: A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.

Abstract: A hand-held game apparatus comprises a pointing device, such as a touch panel or the like. A predetermined program including a letter recognition program is transmitted from a stationary game apparatus to a plurality of hand-held game apparatuses. Players perform handwriting input using the touch panels or the like of the respective hand-held game apparatuses. A letter recognition process is performed in each hand-held game apparatus. A result of letter recognition is transmitted to the stationary game apparatus. In the stationary game apparatus, a game process is executed based on the result of letter recognition received from each hand-held game apparatus.

Abstract: An information processing system includes a monitoring program starting unit and a protection target program monitoring unit. When a protection target program to be protected is started, the monitoring program starting unit starts a monitoring program that monitors the protection target program. The protection target program monitoring unit monitors the protection target program by the monitoring program.

Abstract: A competitive game management system is disclosed which manages a competitive game played by a plurality of players. Take, for example, a league competition played by players A, B, C, and D. Between the player A and the player B, for instance, a home game operated by the player A and an away game in which a CPU acts as the simulated player A are arranged. Similarly, between the player A and each of the other players C and D, two games are arranged respectively. These arrangements are made for all combinations of players, and a league ranking is determined based on all the results of the games. Therefore, a player can play the game against other real players, and the result of the competitive game will be evaluated equally for each player.

Abstract: A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.

Abstract: Processing load on an executing device for conducting playback is high during the playback of contents since the executing device performs verification of the contents validity in parallel with the contents playback, and therefore the executing device has to be equipped with a highly efficient processor. The present invention reduces the processing load involved in the verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on the DVD. In addition, the present invention is capable of improving the accuracy of detecting unauthorized contents to some extent by randomly selecting a predetermined number of encrypted units every time the verification is performed.

Abstract: Embodiments of the invention address deficiencies of the art in respect to electronic messaging security through replicated certificate stores and provide a method, system and computer program product user-specific certificate repository replication. In one embodiment of the invention, a method of replicating with multiple different messaging systems disposed in correspondingly different computing clients, retrieving a local repository of untrusted certificates from each of the different messaging systems during replication, and associating each retrieved local repository with a particular end user can be provided. Moreover, the method can include updating a global repository of untrusted certificates with the untrusted certificates of each local repository while eliminating redundant instances of an untrusted certificate present in different retrieved local repositories.

Abstract: A gaming system may include a first gaming unit, a second gaming unit, and a monitoring apparatus operatively coupled to the first and second gaming unit. The monitoring apparatus may include a display terminal and a monitoring apparatus controller operatively coupled to the display terminal. The monitoring apparatus controller may comprise a processor and a memory having encrypted license data representing a license parameter and a corresponding license parameter value stored therein, and may be programed to determine if the encrypted license data is authentic and may be programmed to determine if a configuration of the gaming system is in compliance with the license parameter value of the license parameter.

Abstract: Various techniques are disclosed for authenticating a first gaming application adapted for deployment at a first gaming machine that is operable to receive a wager on a game of chance. A first gaming application signature is accessed. In at least one embodiment, the first gaming application signature is associated with a first portion of a first plurality of gaming objects that are associated with the first gaming application. A first certified gaming signature associated with the first gaming application may also be accessed. Authentication of the first gaming application may be performed. In at least one embodiment, the first gaming application may be authenticated, for example, by comparing at least one gaming application signature with at least one certified gaming signature. If it is determined that the first gaming application is not authentic, the first gaming application signature may be analyzed to identify at least one invalid gaming object.

Abstract: A method for awarding a bonus to a player of an electronic gaming device at one of a plurality of casino properties is implemented with a slave server networked with gaming devices at each property. The slave servers are networked with a master server that accumulates a pool comprising a percentage of play on the gaming devices. The pool is initiated with a starting value, which defines the lower end of a range having a predetermined maximum number at the upper end. A number is randomly selected from within the range. As play progresses, the pool increases until it hits the random number. As a result, a slave server is randomly selected. The randomly selected slave server then awards the bonus to a randomly selected one of its associated gaming devices.

Abstract: A gaming apparatus may comprise a display unit, a value input device, and a controller having a processor and a memory that stores first gaming data and encrypted gaming data that was generated by doubly encrypting gaming data utilizing an encryption key of a gaming data authoring organization and an encryption key of a gaming regulatory organization. The controller may be programmed to doubly decrypt the encrypted gaming data utilizing an encryption key of the gaming data authoring organization and an encryption key of the gaming regulatory organization to form decrypted gaming data, to check to determine if the first gaming data is authorized based on the decrypted gaming data and the first gaming data, and to cause, if the first gaming data is authorized, the display unit to generate a game display.

Abstract: Memories coupled to a gaming terminal, are reprogrammed by a method and apparatus which includes identification, negotiation, downloading and verification information from an external information source to a gaming terminal. Hardware devices are used to identify gaming terminals or components.

Abstract: The present invention provides an architecture and method for a gaming-specific platform that features secure storage and verification of game code and other data, provides the ability to securely exchange data with a computerized wagering gaming system, and does so in a manner that is straightforward and easy to manage. Some embodiments of the invention provide the ability to identify game program code as certified or approved, such as by the Nevada Gaming Regulations Commission or other regulatory agency. The invention provides these and other functions by use of encryption, including digital signatures and hash functions as well as other encryption methods.

Abstract: Methods and systems for downloading subscription data to a client system associated with a subscriber are provided. In one embodiment, these methods may include causing a pass-phase to be generated, with this pass phrase associating a unique identifier of a device of the client system with the subscriber. These methods may also include encrypting the subscription data based at least in part on the generated pass-phase, such that the subscription data is uniquely associated with both the device of the client system and with the subscriber. In addition, when the device is changed, the subscription data is no longer able to be decrypted, and when the subscriber is changed, the subscription data is no longer able to be decrypted. These methods may further include transmitting the encrypted subscription data to the client system.

Abstract: A game console determines if a hard disk drive is authorized for use with the game console by analyzing an encrypted certificate. The encrypted certificate is stored in memory of the drive. Upon detection of the drive, the game console receives the encrypted certificate and decrypts it. The certificate contains parameters relating to the drive, such as the drives serial number, model number, memory capacity of the drive, and a trademark indicative of the drive's authenticity, for example. The game console also receives these parameters from the drive in unencrypted form. The parameters extracted from the encrypted certificate are compared with the parameters read from the hard disk drive's memory. If the parameters match, the drive is determined to be authentic. The certificate is encrypted with the private key of a public-private key pair and decrypted with the corresponding public key in accordance with well known public-key cryptographic techniques.

Abstract: An executing device conducts playback of contents. The executing device is equipped with a highly efficient processor and reduces the processing load involved in verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on a DVD. In addition, the executing device is capable of improving the accuracy of detecting unauthorized contents by randomly selecting a predetermined number of encrypted units every time the verification is performed.

Abstract: A method to transmit commands across a gaming network is implemented with digitally signed messages. The command messages are generated upon a triggering event, such as the winning of a bonus. The messages are digitally signed by the transmitting node and transmitted to the subservient device. When the subservient device receives the message, it verifies the signature and executes the command. If the signature does not verify, the subservient device may raise an alarm.

Abstract: A digital file system where the files are encrypted and are decrypted for playing by using a specified decryption key. The decryption key can be personalized, e.g., to a machine, to a user, to a location or some other personalization.

Abstract: A gaming machine includes a gaming operation execution device, a loading device and a processing device. The gaming operation execution device executes gaming operations. The loading device includes a connector for connecting a storage medium, a first program memory part for storing a first authentication program, a second program memory part for storing a second authentication program, and a first processor for authenticating the first authentication program with the second authentication program. The processing device includes a memory, a reading unit for reading out the gaming information from the storage medium and for reading out the first authentication program authenticated by the first processor, a second processor for authenticating the gaming information with the authenticated first authentication program, a writing unit for writing the authenticated gaming information to the memory, and an operation control unit for controlling the gaming operation execution device.

Abstract: To ensure data integrity, data are signed using a server-side key before being stored with a signature in a persistent storage on a client. Before the data that were stored are subsequently used, the data signature is verified to confirm that the data have not been modified. A signer identification (ID) uniquely identifying the client is sealed into the signature so that the identity of the signer cannot be changed without invalidating the data signature. If the data or the signer ID is altered, a temporary signature computed for the stored data and signer ID will differ from the signature that was stored. The server preferably signs a digest of the data to be stored and verifies a digest of the stored data. An intermediate key can be provided by the server to enable plural sets of data on the client to be signed before storage.

Abstract: A method and apparatus for controlling access to digital information utilizes a location identity attribute that defines a specific geographic location. The location identity attribute is associated with the digital information such that the digital information can be accessed only at the specific geographic location. The location identity attribute further includes a location value and a proximity value. The location value corresponds to a location of an intended recipient appliance of the digital information, and may be further defined in terms of latitude, longitude and altitude dimensions. The digital information is encrypted using a geolocking key based at least in part on the location identity attribute. The geolocking key is based on a shape parameter that is determined from the location identity attribute and is included with the encrypted digital information. The shape parameter describes a shape of a geographic area, but does not identify where the geographic area is located.

Abstract: An arrangement for effective updating of video game terminals uses a security key device which is capable of operating next major generation software that at the time of sale or distribution of the security device is not available. Once this software is available, the security key with this forward compatibility to the next major generation of software, allows the owner to update any terminal having the security device. Therefore, existing product, both terminals and/or software upgrades can be sold with the capability for the purchaser to upgrade without return of the security key device. Software can be made generally freely available as it requires a security key device to function. This system is convenient and effective, and allows continued sale of product up to the release of the next major generation of software. The purchaser is buying a next generation key and as such, is buying product that is not about to be replaced.

Abstract: Methods are provided for detecting the processing status of data blocks. A hash value is used at times in place of a block's data content, thereby reducing processing of the block. Superblocks and superblock hash values are used to manage collisions between hash values of individual blocks, in order to reduce or eliminate the risk that blocks having different content will be treated as though they have the same content merely because they have the same hash value. Systems and configured storage media are also provided.

Abstract: An arrangement is provided for performing MD5 digesting. The arrangement includes apparatuses and methods that pipeline the MD5 digesting process to produce a 128 bit digest for an input message of any arbitrary length.

Abstract: The present invention in various embodiments provides a computerized wagering game method and apparatus that features an operating system kernel, a system handler application that loads and executes gaming program shared objects and features nonvolatile storage that facilitates sharing of information between gaming program objects. The system handler of some embodiments further provides an API library of functions callable from the gaming program objects, and facilitates the use of callback functions on change of data stored in nonvolatile storage. The nonvolatile storage also provides a nonvolatile record of the state of the computerized wagering game, providing protection against loss of the game state due to power loss. The system handler application in various embodiments includes a plurality of device handlers, providing an interface to selected hardware and the ability to monitor hardware-related events.

Abstract: A casino game is implemented on the basis of a wireless mobile player unit adapted to play poker, slots, bingo and other casino games. The unit obtains random game outcomes from a central computer over a radio channel utilizing a data encryption technique relying on an authentication key. The authentication key is downloaded into the unit from the central computer via a secure wired communication channel while the unit is stored, recharged and locked in a dispensing kiosk controlled by the central computer. A player rents the unit from the kiosk, plays it throughout the casino and returns the unit to the kiosk to obtain prizes and/or bonus points earned. The central computer tracks the inventory of the units in the kiosk and on the casino floor.

Abstract: An M6 block cipher system and method for encoding content and authenticating a device may use an M6 core. The M6 block cipher system may include a rotate constant selector selecting one or more rotate constants from a plurality of input rotate constants for output based on a selection signal input thereto, a rotate constant ordering device ordering the selected rotate constants and a common rotate constant input thereto based on a received ordering signal and an M6 core generating one or more of an output signal, a validity signal and a round number based on the ordered rotate constants and a plurality of input signals. The system may include a rotate constant scheduler outputting the ordering signal to the rotate constant ordering device in response to the selection signal and the round number.

Abstract: Methods and arrangements are provided for handling, within a communications system comprising a distributed domain (301) and a central domain (303), electronic records that contain predictions of the outcome of a certain incident. Within the distributed domain (301) there is generated (304), before the outcome of the incident is known, a multitude of electronic records that contain predictions of the outcome of the incident. The electronic records are conveyed (305) from the distributed domain (301) to the central domain (303). After the outcome of the incident is known, the central domain (303) finds out (306) which of the electronic records, if any, contain correct predictions of the outcome of the incident. Each of the electronic records is furnished (304, 401, 502, 902, 1202, 1911), within the distributed domain (301), with a cryptographically protected proof of a certain moment of time associated with the generation of the electronic record.

Abstract: Systems, apparatus and methods for on-the-fly encryption of data storage on a computerized wagering gaming machine are described herein. In some embodiments, a method includes accessing, using an on-the-fly encryption operation, data from a nonvolatile data storage in a computerized wagering gaming machine.

Abstract: The present invention provides methods and devices for determining the location, identity and age of a user who desires to initiate a gaming session from an uncontrolled environment such as a home, a gaming kiosk or a hotel room. In some implementations, the user's location is determined in part by reference to a database of land telephone lines and corresponding addresses. The location may be verified by other methods, e.g., by determining the location of an Internet service provider's network device that is near a user's host device or via a cellular telephone network. The user may be asked to input a confirmation number and/or make an oral response during a telephone call to a telephone number associated with the uncontrolled environment. The user may also be prompted to make statements verifying his or her identity, age, a maximum amount available for wagering or other statements.

Abstract: A secure key exchange with mutual authentication allows devices on a network to perform, in a single roundtrip over the network, the exchange. A key exchange initiator packet that does not include a key to be established is sent from an initiating device to another device via a network. The key exchange initiator packet is validated and the other device generates the key without requiring any additional packets to be received from the initiating device in order to generate the key. A key exchange response packet that does not include the key is returned to the initiating device, which validates the key exchange response packet and generates the key without requiring any additional packets to be sent to the other device or received from the other device.

Abstract: A computer is provided with an isolated computing environment. The isolated computing environment is adapted to allow initial programming for use in manufacturing, distribution and sales. The isolated computing environment further allows an authenticated source or authenticated code to update the isolated computing environment with code and configuration data for use in the end-user environment. To encourage final updating, the computer may be placed in a limited-function mode until authorized code is installed and operational. A method and apparatus are disclosed for the sanctioning and secure update of the isolated computing environment.

Abstract: A license managing apparatus comprises an inputting device, an encrypting device for encrypting information inputted from the inputting device to produce encrypted information, and an outputting device for outputting the encrypted information. The encrypting device encrypts at least identification information of the game apparatus to be licensed and license condition information thereof to produce the foregoing encrypted information. The game apparatus includes an inputting device for inputting the outputted encrypted information, an encryption decoding device for decoding the inputted encrypted information, and a controller for controlling execution of a game program. The game apparatus further includes a storing device for storing identification information of the game apparatus, and a storing device for storing internal information.

Abstract: A secure smart card or other secure modular memory device is plugged into (or otherwise connected to) a port of a game controller board internal to a gaming machine. The smart card is programmed to detect an encrypted “challenge” message from the host CPU and output an encrypted “response.” If the host CPU determines that the response has the expected properties, then the host CPU verifies that the game program is authentic (i.e., the game program is accurate and authorized for use by that particular gaming machine and customer), and the game can be played. The challenge/request exchange may be performed before every game is played on the machine or at any other time. If the response is improper, then the host CPU will issue a halt command to halt play of the game. By controlling access to the properly programmed smart card, gaming machines cannot run unauthorized copies of the game program.

Abstract: An executing device for conducting playback is high during the playback of contents. The executing device is equipped with a highly efficient processor and reduces the processing load involved in verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on a DVD. In addition, the executing device is capable of improving the accuracy of detecting unauthorized contents by randomly selecting a predetermined number of encrypted units every time the verification is performed.

Abstract: Methods and arrangements are provided for handling, within a communications system comprising a distributed domain (301) and a central domain (303), electronic records that contain predictions of the outcome of a certain incident. Within the distributed domain (301), a multitude of electronic records are generated that contain predictions of the outcome of the incident and are conveyed (305) from the distributed domain (301) to the central domain (303). Each of the electronic records is furnished (304, 401, 502, 902, 1202, 1911), within the distributed domain (301), with a cryptographically protected proof of a certain moment of time associated with the generation of the electronic record.

Abstract: A base encryption method may be applied to plain data to form base encrypted data. An installation encryption method may be applied to the base encryption data to provide encrypted installation data. During installation, the encrypted installation data are encrypted to form encrypted storage data for storage on a storage medium such as a hard drive. Preferably, the data are not fully decrypted at any stage of the installation process. The host CPU may be minimally involved (or not involved) in the encryption/decryption process. Some embodiments provide a logic seal (a/k/a a “tell-tale circuit”) that monitors access to a machine. In some such implementations, an encryption/decryption key may be stored in the logic seal. When the logic seal is broken, countermeasures may be taken, e.g., at least some data may be deleted. For example, one or more cryptographic keys may be erased.

Abstract: A console-based multi-user authentication process allows multiple users of a game console to be authenticated together in a single request/reply exchange with an authentication entity. The results of which is the possession of a single ticket that can be used to prove authenticity of multiple authentication principals to one or more online services. Also described is a handshake process that can be used to initially establish an authentication account for each game console, in which the account creation server can trust that a genuine game console is making the request.

Abstract: The exemplary embodiments described herein relate to a light-weight encryption/decryption technique for peripherals (e.g., gaming machines, overhead displays, a jackpot controllers, etc.) attached to gaming networks. In certain exemplary embodiments, a peripheral device for use in a networked gaming environment is provided. A network interface is configured to send and receive at least one data stream, with each said data stream including at least a data block and a predetermined portion to be used in key generation. An encrypt table includes an index of random numbers in a predetermined range, with the encrypt table size and the range of the random numbers being set in dependence on the predetermined portion of the data stream. A decrypt table is provided, with the decrypt table being the inverse of the encrypt table. Key generating programmed logic circuitry is configured to generate a key in dependence on the predetermined portion of the data stream.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: A server provides a secure environment for establishing peer-to-peer communications between clients. When two clients of the server wish to establish peer-to-peer communication, they first connect to the server. The server authenticates each client and provides information to authenticated clients to enable them to establish peer-to-peer communication. Any client who abuses the peer-to-peer communication privileges can lose the right to be authenticated. In an exemplary embodiment, the server is a game server and the clients joining in playing games, preferably using voiced-based peer-to-peer communication. Different levels of authorization may be granted to different clients, to limit the interaction between clients.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity. The architecture involves creating a console public key and a console private key for each console-based gaming system. A digital certificate is created that contains the console public key and additional information about the console-based gaming system. The digital certificate is signed with a factory private key associated with the factory that manufactured the console-based gaming system.

Abstract: Apparatus and system for configuring a wireless bridge for a computing device such as a game console. The wireless bridge must include a key (not known to the public) employed in producing a digest. The digest is passed to the game console to authenticate that the wireless bridge is compatible and can thus be configured by the game console. Once the wireless bridge proves its compatibility, a configuration procedure included in an operating system on the game console configures the wireless bridge to connect to a wireless network so that the game console can communicate through the wireless bridge with a gaming site that is accessed over the Internet. The configuration is done without using a web browser program or a configuration program that is specific to a particular model and manufacturer of the wireless bridge.