Browse Prior Art Database

Use of PKCS#7 and Digital Signatures to Authenticate Software Downloaded to Gaming Machines

IP.com Disclosure Number: IPCOM000223731D
Publication Date: 2012-Nov-26
Document File: 2 page(s) / 169K

Publishing Venue

The IP.com Prior Art Database

Abstract

With this invention, a digital signature of the software package is produced by a trusted source using the private key of the trusted source. For example, the trusted source may calculate a SHA1 hash value for the package and then use its private key to encrypt the hash value, thus, producing a digital signature. The resulting digital signature and the software package are then transmitted to the gaming machine. The gaming machine uses the public key of the trusted source, which may be included in the PKCS#7 envelope, to decrypt the hash value and then compares the resulting hash value to the hash value that the gaming machine calculated itself. If the hash values match then the gaming machine considers the software package to be authentic and may install the contents of the software package. Further details of this process are described in PKCS#7 and RFC 2315.

This text was extracted from a Microsoft Word document.
This is the abbreviated version, containing approximately 53% of the total text.

Committee procedure for IP.com filing to establish Prior Art

At the end of each committee meeting the Chair will ask the group if any significant idea was developed that should be filed to establish prior art. If so, this document will need to be completed and signed by the Committee Chair and forwarded to the President with a copy to the Executive Director.

Committee Meeting date: November 15, 2012

Committee:      S2S

Attendees:  Clyde Craig, Todd Sims, Michael Bilek, Joe Carlon, Lisa Rodriguez, Ethan Tower, Nicolas Nostheide, Kevin Higgins, Dennis Kleppen, Russ Ristine, Chris Jarrell, Dale Buchholz, Pat Flint, John Sommer, Miroslav Jurkas

Title: Use of PKCS#7 and Digital Signatures to Authenticate Software Downloaded to Gaming Machines

Purpose (what problem is intended to solve):

Gaming machines often communicate with systems to download software packages that are then installed on the gaming machine or its peripheral devices. For example, a system might download a package containing new game software to the gaming machine or the system might download a package containing new software for the gaming machine’s printer. Before the software package is installed on the gaming machine or its peripheral devices, it may be necessary to authenticate the package to make sure that the package was approved by a trusted source and was not corrupted while being downloaded. PKCS#7 and digital signatures provide a method for authenticating software packages following download.

Description (structural and functional):

With this invention, a digital signature of the software package is produced by a trusted source using the private key of the trusted source. For example, the trusted source may calculate a SHA1 hash value for the package and then use its private key to encrypt the hash value, thus, producing a digital signature. The resulting digital signature and the software package are then transmitted to the gaming machine. The gaming machine uses the public key of the trusted source, which may be included in the PKCS#7 envelope, to decrypt the hash value and then compares the resulting hash value to the hash value that the gaming machine calculated itself. If the hash values match then the gaming machine considers the software package to be authentic and may install the contents of the software package. Further details of this...