WO2010107902A2 - Secure provisioning of random numbers to remote clients - Google Patents

Secure provisioning of random numbers to remote clients Download PDF

Info

Publication number
WO2010107902A2
WO2010107902A2 PCT/US2010/027646 US2010027646W WO2010107902A2 WO 2010107902 A2 WO2010107902 A2 WO 2010107902A2 US 2010027646 W US2010027646 W US 2010027646W WO 2010107902 A2 WO2010107902 A2 WO 2010107902A2
Authority
WO
WIPO (PCT)
Prior art keywords
random numbers
accordance
server
game server
remote client
Prior art date
Application number
PCT/US2010/027646
Other languages
French (fr)
Other versions
WO2010107902A3 (en
Inventor
Walter Szrek
Irene Szrek
Original Assignee
Szrek2Solutions, Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Szrek2Solutions, Llc filed Critical Szrek2Solutions, Llc
Publication of WO2010107902A2 publication Critical patent/WO2010107902A2/en
Publication of WO2010107902A3 publication Critical patent/WO2010107902A3/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/32Coin-freed apparatus for hiring articles; Coin-freed facilities or services for games, toys, sports, or amusements
    • G07F17/3241Security aspects of a gaming system, e.g. detecting cheating, device integrity, surveillance
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information

Definitions

  • Game servers require random numbers for variety of reasons, for example, to draw winning numbers, to generate game outcomes, and to distribute cards.
  • conventional gaming regulators may require external (e.g., independent) random number generator (RNG) servers be used for random number generation.
  • RNG random number generator
  • Security guidelines/standards set by, for example, the World Lottery Association recommend that external RNG systems are used for random number generation for, for example, draws or instant winnings generation. As a result of required system redundancy, multiple RNG servers are often used.
  • RNG servers introduces issues for, for example, games that require a state of random numbers to be preserved, games that issue cards to different players from a same deck of cards, and/or games that issue random numbers for individual players where the issued random numbers are dependent upon previously generated random numbers.
  • An exemplary issue for game servers is vulnerability to an attack by insiders illegally accessing a game server which makes it possible, for example, to learn what cards have been dealt to a particular player.
  • random numbers can be generated on any RNG server and can not be revealed to persons having access to a game server.
  • a system that includes external RNG servers where a random number generation process is provided such that access to a game server does not permit access to random numbers (e.g., cards) that have been issued to a player.
  • the method includes receiving encrypted transformation information, decrypting the encrypted transformation information, generating random numbers, transforming random numbers according to the decrypted transformation information, sending the transformed random numbers to a game server, protecting, via the game server, the transformed random numbers, sending the transformed random numbers from the game server to a remote client, and transforming the transformed random numbers to recreate the generated random numbers.
  • a method for protecting random numbers using asymmetric encryption includes receiving a public key of a remote client by a random number server, generating random numbers, encrypting the random numbers with the public key, sending the encrypted random numbers to a game server, protecting the encrypted random numbers via the game server, sending the encrypted random numbers from the game server to a remote client, decrypting the encrypted random numbers with a private key by a remote client, and recreating the generated random numbers.
  • the system includes a random number generation server, a remote client, and one or more processors.
  • the one or more processors are programmed to receive transformed random numbers from the random number generation server, secure transformation information, and verify random numbers.
  • Figure 1 is an exemplary block diagram of a gaming environment.
  • Figure 2 is an exemplary block diagram for providing random numbers to a remote client from random number generator (RNG) servers without a game server knowing actual values of the provided random numbers.
  • RNG random number generator
  • Figure 3 is an exemplary block diagram for providing random numbers to player devices from RNG severs without knowledge from a game server of actual values of the provided random numbers.
  • Figures 4 and 5 are exemplary block diagrams of a verification of random numbers provided by a remote client to a game server.
  • Figure 6 is an exemplary flow chart illustrating a process for protecting random numbers.
  • the present disclosure provides systems and methods for protecting an "identity" of random numbers used in multiplayer games to, for example, prevent fraud related to access to random game elements by insiders.
  • the systems and methods described herein enable a distribution of random numbers by a game server in a way that the game server does not know the "identity" of random numbers but the game server may independently verify these random numbers.
  • RNG random number generator
  • Figure 1 is an exemplary gaming environment.
  • One or more remote clients (200) may communicate directly or indirectly with game server (100) via, for example, a network.
  • Game server (100) communicates directly or indirectly with one or more RNG server(s) (300) via, for example, a network.
  • a remote client (200) and RNG server(s) (300) use a transformation of random numbers (e.g., cards) that cannot be interpreted directly by a game server (100).
  • only transformed random numbers are passed between RNG server(s) (300) and remote client (200) while original random numbers are used by remote client (200).
  • a transformation may be one or more of the following: mapping a set of numbers into another set of numbers, standard symmetric or asymmetric encryption, algorithmic transformation, and a combination of the above transformations.
  • mapping is defined by ordering cards in a certain described way.
  • the 2 of clubs may be assigned a first position, followed by the 3 of clubs in the second position, and so on up to the ace of clubs.
  • Diamonds, hearts, and spades are ordered similarly from the 2 to the ace, respectively.
  • Each card is represented by a number corresponding to a position/natural order of the card.
  • the numbers/position assigned to each card range from, for example, 1-52. In this example, position number 1 represents the 2 of clubs, position number 2 represents the 3 of clubs . . .
  • position number 14 represents the 2 of diamonds . . . position number 27 represents the 2 of hearts, and so on.
  • 52 uniform different random numbers are generated (e.g., 27, 23, 11, 3, 51...) from a range of 1-52.
  • the generated random numbers are mapped to the assigned numbers representing each of the cards. This mapping is then used to encode random numbers received by remote client (200). That is, as the generated random numbers are received, the generated random numbers are assigned a new number according to the order in which they are received.
  • mapping is continued for each of the remaining 52 numbers.
  • position number 1 e.g., random number 27
  • the value of original number 27 is used (e.g., the 2 of hearts) replacing the previous value of position number 1 (e.g., the 2 of clubs)
  • position number 2 e.g., random number 23
  • the value of original number 23 is used (e.g., the jack of diamonds) replacing the previous value of position number 2 (e.g., the 3 of clubs).
  • encryption with an encryption key provided by remote client (200) may be used by RNG server(s) (300).
  • RNG server(s) (300) In case of symmetric encryption, such as 3DES or AES, a secret key may be used to encrypt generated random numbers.
  • a secret key is sent in a secure way between remote client (200) and RNG server(s) (300).
  • RNG server(s) (300) use this secret key to encrypt random numbers sent back to remote client (200).
  • Remote client (200) decrypts the received encrypted random numbers using the same secret key provided by remote client (200).
  • asymmetric encryption e.g. RSA encryption
  • a public key from remote client (200) is sent to RNG server(s) (300).
  • RNG servers (300) use this public key to encrypt random numbers before they are sent back to remote client (200).
  • Remote client (200) then uses the private key to decrypt received random numbers.
  • RNG server(s) (300) functionality can provide RNG server(s) (300) functionality.
  • RNG server(s) (300) functionality is provided by one or more systems and is explained using an example of a single RNG server (300).
  • Examples of a transformation using encryption are also provided herein.
  • symmetric encryption as a transformation method is similar to algorithmic transformation using a secret key, therefore, only the description of one method is provided herein as a description of one of the methods is sufficient for to both methods.
  • a remote client e.g., remote client (200)
  • a remote client may be, for example, a personal computer, a notebook, a netbook, a tablet computer, a mobile phone, a smart phone, a slot machine, an electronic poker table, a lottery terminal, a video lottery terminal, a POS device, a specialized gaming device, a server computer, a hand-held or laptop device, a multiprocessor system, a microprocessor-based system, a set top box, a programmable consumer electronics, a network PC, a minicomputer, a mainframe computer, or distributed computing environments that includes any of the above systems or devices, or any other device or application requiring random numbers.
  • each instance of remote client application may be treated as a separate remote client.
  • remote client (200) generates transformation information. For example, when mapping, remote client (200) may generate a set of unique random numbers from a same or bigger range as requested random numbers (209). These remote client generated random numbers are used to map random numbers, received from game server (100), into original random numbers.
  • symmetric encryption is used as a transformation, and thus, an encryption key may be generated.
  • remote client's (200) public key may be used.
  • AES AES key
  • an encryption algorithm or a transformation type may be included in transformation information.
  • transformation information is secured or encrypted (202) in such a way that only RNG server(s) (300) can understand it.
  • securing of the transformation information is accomplished using asymmetric encryption with a public key from RNG server(s) (300).
  • all RNG servers (300) may share a same private key.
  • an external server may be used by RNG servers (300) to decode transformation information and a public key of the external server may be used by remote client (200) for encrypting transformation information.
  • use of such an external server may be a part of RNG server(s) (300) functionality.
  • the public key of the remote client (200) does not need to be encrypted when sent to game server (100) and consequently to RNG server(s) (300).
  • Secured transformation (202) is sent with a request for one or more transformed random numbers (209) to game server (100).
  • Game server (100) retrieves encrypted RNG state information (103) and thereafter stores and sends the retrieved encrypted RNG state information (103) with a request for transformed random numbers (109) and secured transformation (102) to at least one of the RNG servers (300).
  • the request for one or more transformed random numbers (209) is a first request for a set of random numbers (e.g., a game is just starting and the first cards are retrieved for a first player)
  • game server (100) may send "dummy" RNG state information (103) or no RNG state information (103) at all.
  • RNG server(s) (300) receive secured transformation (302/102/202) and encrypted RNG state information (103/303), RNG server(s) (300) decrypt RNG state information (103/303) and retrieve remote client transformation (304). For example, if mapping is encrypted using an asymmetric algorithm or a symmetric algorithm, RNG server(s) (300) may decrypt the mapping using a corresponding algorithm and/or a corresponding key. Further, if a symmetric encryption is used for transformation, a secret key used for transformation is decrypted so that the decrypted secrete key can be used to encrypt random numbers sent back to game server (100).
  • RNG server(s) (300) may generate requested random numbers (305).
  • RNG server(s) (300) transform the generated requested random numbers (305) according to a transformation (306) used to create the transformed random numbers. For example, if mapping of random numbers is used, RNG server(s) (300) may map generated requested random numbers (305) according to mapping of remote client (200).
  • RNG server(s) (300) may encrypt requested random numbers using an appropriate algorithm with a key provided by remote client (200), and, once this is done, RNG server(s) (300) may encrypt RNG state information (313) and transformation information (312) by using, for example, symmetric encryption and/or a key shared between at least one RNG server(s) (300). In one embodiment, a same key is used for encryption of both transformation information (312) and RNG state information (313). Encrypted RNG state information (313) and/or encrypted transformation information (312) are sent to game server (100) with requested transformed random numbers (317). Encrypted RNG state information (113/313) and encrypted transformation information (112/312 and/or 302/102/202) may be preserved on game server (100) so that they can be sent at a later time to RNG server(s) (300).
  • encrypted transformation information (312) is not sent from RNG server(s) (300) to game server (100).
  • encrypted transformation information (312) is not sent from RNG server(s) (300) to game server (100) if encrypted transformation information (312) is provided to RNG server(s) (300) in a same format as originally provided from remote client (200).
  • Transformed random number response (117/317) may be sent to remote client (200).
  • Remote client (200) transforms back transformed random numbers (218), and if mapping is used, remote client (200) maps back random numbers. Further, if encryption is used, remote client (200) decrypts random numbers using a previously generated key.
  • transformed random numbers are preserved by game server (100) to allow for a verification that the transformed random numbers were provided to remote client (200).
  • transformed random numbers are secured by authentication data from game server (100). The authentication data is provided to remote client (200) together with transformed random numbers. This data may be subsequently provided by remote client (200) together with random numbers and transformed random numbers to game server (100) for verification.
  • authentication data may be, for example, HMAC, with a secret key known primarily by game server (100).
  • player identifier (108/308) may be provided.
  • player identifier (108/308) may be used to track distribution of random numbers to specific remote clients by RNG server(s) (300).
  • RNG server(s) (300) may create unique identifiers/tags for player or remote client (200).
  • a design of the RNG state information in such a way that player identifier (108/308) is related to random numbers issued is used to allow for verification of random number to be tied to a specific player.
  • a verification method may be simplified by verifying that correct transformation information is provided by game server (100), for example, that transformation information belongs to a specific player (e.g., a specific remote client (200)).
  • RNG server(s) (300) may verify that a particular random number belong to a specific player. For example, RNG server(s) (300) may generate unique player tags that are stored with RNG state information and transformation information. These tags can then be matched when random number, RNG state information, and/or transformation information are provided for verification.
  • processing of a request for subsequent random numbers is similar to the processes shown/described with respect to Figure 2.
  • FIG 3 there is not a need for a generation of a transformation of random numbers because transformation information is already generated and stored on game server (100) or another system.
  • secured transformation as shown in Figure 2 is neither sent nor processed by remote client (200).
  • Transformation information for remote client (200) is retrieved from either encrypted transformation sent with a first response ( Figure 2, data 112 and 212), or originally sent secured transformation ( Figure 2, data 102). Transformation information (102) and encrypted RNG state information (103) may be sent to one of the one or more RNG server(s) (300).
  • RNG server(s) (300) receives transformation information (102/202) and/or encrypted RNG state information (103/303), RNG server(s) (300) decrypts RNG state information and retrieves remote client transformation (304). However, if transformation information was encrypted using asymmetric algorithm or symmetric algorithm, RNG server(s) (300) decrypts transformation information using a corresponding algorithm and/or a corresponding key. RNG server(s) (300) may generate requested random numbers (305) and transform generated random numbers according to transformation (306) of remote client (200), and RNG server(s) (300) may encrypt RNG state information (313). Encrypted RNG state information (313) may be sent together with transformed random numbers (317) to game server (100).
  • encrypted or secured transformation information and encrypted RNG state information are preserved on game server (100) so that they can be sent to RNG server(s) (300) at a later time.
  • Transformed random numbers response (117/317) is sent to remote client (200).
  • Remote client (200) may retrieve random numbers from transformed random numbers using previously generated transformation (218). For example, if mapping is used, remote client (200) decodes mapped random numbers, and if encryption is used for transformation, remote client (200) decrypts transformed random numbers.
  • a transformed random number may be preserved on game server (100). The transformed random number could then be used by game server (100) for verifying that the transformed random number is provided to remote client (200).
  • RNG state information and transformation information can be kept on a single RNG server (300).
  • the information when information is kept on a single RNG server (300), the information does not have to be encrypted.
  • Remote client (200) may generate a new transformation for each activity session or game, or remote client (200) may generate a new transformation each time remote client (200) sends a request for transformed random numbers.
  • remote client (200) sends transformation information identification or a hash.
  • transformation information is requested from remote client (200).
  • secured or encrypted transformation and encrypted RNG state information are preserved on game server (100). This allows a request for random numbers combined with secured or encrypted transformation and encrypted RNG state information to be sent to any one of the RNG servers (300). Random numbers passed from RNG server(s) (300) to remote client (200) may be transformed using a transformation of an individual remote client (200) transformation. For example, when mapping is used, random numbers may be transformed using mapping of remote client (200), and when encryption is used, generated random numbers (e.g., generated random numbers combined with accidental or "dummy" data) may be encrypted using an encryption key provided by remote client (200).
  • game server (100) does not have access to the transformation information because the transformation information is encrypted, nor does game server (100) retrieve information about random numbers provided to different remote clients (200). [0035] In embodiments, game server (100) verifies random numbers as revealed, discarded, or played by remote client (200). This can be executed in a few different ways by, for example, using RNG state information and random numbers to verify random numbers, or using transformation information, random numbers, transformed random numbers, and optionally RNG state information to verify random numbers.
  • game server (100) provides player identifiers to RNG server(s) (300).
  • RNG server(s) (300) incorporates a relation between generated random numbers and player identifier, or an RNG server (300) generated player tag.
  • one or more random numbers (251/151/351) may be provided together with player identification (158/358) and encrypted RNG state information (153/353) to RNG server(s) (300).
  • RNG server(s) 300 decrypts RNG state info (354) and verifies (357) that random numbers were previously generated for remote client (200).
  • a verification result (361/161) is then sent back to game server (100).
  • RNG state information may be updated to include that a random number was already verified and new encrypted RNG state information (163) may be sent back to game server (100).
  • both RNG server(s) (300) and game server (100) may log the failure and, for example, set an alarm.
  • remote client (200) may send random numbers (251) together with transformed random numbers (252) to game server (100) to be stored.
  • game server (100) verifies whether transformed random numbers were provided to remote client (200).
  • Game server (100) may then forward random numbers (151/251) and transformed random numbers (152/252) together with secured or encrypted transformation information and encrypted RNG state information (153) to RNG server(s) (300).
  • RNG server(s) (300) decode transformation information and encrypted RNG state information (353/153), transform back (354) transformed random numbers (351/151/251), and verify (355) if these transformed back transformed random numbers match transformed random numbers received (352/152/252).
  • mapping random numbers may be mapped and checked against mapped random numbers. If encryption is used, encrypted random numbers may be decrypted and checked against random numbers. Verification result (361) is then sent back to game server (100). Any verification failure may then be logged (162/362) on both RNG server(s) (300) and game server (100).
  • game server (100) stores transformed random numbers during random number generation process. This allows for a verification of transformed random numbers received from remote client (200).
  • game server (100) may add some security information to the transformed data before sending the transformed data to remote client (200). This security information could be later sent back to game server (100) from remote client (200) during a verification process.
  • Security information may be, for example, an identifier of transformation information stored by a game server, an HMAC, or an encryption of the transformation information with a secret key known only to game server (100). Sending such additional information might be of particular importance if game server (100) is in a distributed environment.
  • verification may be done in many ways by, for example, sending a random number or transformed random number, encrypted transformation, and encrypted RNG state information only for transformation on RNG server(s) (300). However, some steps may be optional or done in a different order/location.
  • game server (100) may keep information about transformed random numbers and verify if a transformed random number belongs to a specific player, and RNG server(s) (300) may verify only transformation of random numbers, or game server (100) may request transformation information for a specific number and verify correctness.
  • RNG server(s) (300) log every transaction, and an identifier may be assigned to each transaction while remote client (200) receives and stores a transaction identifier.
  • Remote client (200) and game server (100) may use a transaction identifier to correlate a transaction to a random number.
  • RNG server(s) (300) may then use a transaction identifier to locate a random number and verify that the random number was issued for a particular transaction.
  • a state of available random numbers may be logged for future audit. This state could be logged on game server (100), RNG server(s) (300), or another external system.
  • an audit system that analyzes a sequence of random numbers and states of available random numbers to verify an integrity of generated random numbers. Furthermore, random numbers may be compared against game outcomes, for example, to validate how random numbers were used.
  • Random numbers may be generated using any random generation method, such as true RNG, PRNG (pseudorandom number generator), random numbers distributed from a previously generated file or set of random numbers, cryptographic random from external or internal source, auditable RNGs, such as described in U.S. Patent No. 6,934,846, which is incorporated herein by reference in its entirety, or any other method.
  • Verification may be executed in real time. For example, verification may be executed when a player's random number is presented, or in the alternative, verification can also be done at a later time.
  • Random numbers may be used for any kind of game, including but not limited to, dice games, card games, multiplayer games on the Internet or in a casino, multiplayer action games requiring random input, simulated racing games, slot machines, table games, and the like.
  • RNG server logs, locally or on an external system, necessary received and necessary processed information for future audit.
  • game server (100) stores information provided by RNG server(s) (300) in both encrypted and transformed format.
  • An audit system may retrieve, decrypt, and verify this information.
  • game server (100) and RNG server(s) (300) are integrated into a same system.
  • RNG server(s) (300) control access to RNG state information and transformation information, as well as control a general flow of information that follows the methods described above.
  • game server (100) is a single server. In a gaming environment, game server (100) might be replicated, work in distributed, n- plexed, a clustered environment, or be any other configuration.
  • an exemplary flow chart illustrates a process 600 for protecting random numbers.
  • encrypted transformation information is received.
  • the encrypted transformation information is decrypted.
  • random numbers are generated.
  • random numbers are transformed according to the decrypted transformation information.
  • the transformed random numbers are sent to the game server (100).
  • the transformed random numbers are secured, via the game server (100).
  • the transformed random numbers are sent from the game server (100) to the remote client (200).
  • the remote client (200) transforms the transformed random numbers to recreate the generated random numbers.
  • a computing device or a computer as described in the present disclosure may have one or more processors or processing units and a system memory.
  • the one or more processors execute computer-executable instructions for implementing aspects of the disclosure.
  • the one or more processors are transformed into a special purpose microprocessor by executing computer-executable instructions or by otherwise being programmed.
  • the one or more processors may be programmed with instructions such as described herein with reference to Figure 6.
  • the computer typically has at least some form of computer readable media.
  • Computer readable media which include both volatile and nonvolatile media, removable and non-removable media, may be any available medium that may be accessed by computer.
  • computer readable media comprise computer storage media and communication media.
  • Computer storage media include volatile and nonvolatile, removable and nonremovable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data.
  • computer storage media include RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that may be used to store the desired information and that may be accessed by computer.
  • Communication media typically embody computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and include any information delivery media.
  • Wired media such as a wired network or direct- wired connection
  • wireless media such as acoustic, RF, infrared, and other wireless media
  • the system memory includes computer storage media in the form of removable and/or non-removable, volatile and/or nonvolatile memory.
  • the computer may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer.
  • Embodiments of the invention are operational with numerous other general purpose or special purpose computing system environments or configurations.
  • the computing system environment is not intended to suggest any limitation as to the scope of use or functionality of any aspect of the invention.
  • the computing system environment should not be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment.
  • Well known computing systems, environments, and/or configurations may be suitable for use with aspects of the invention.
  • Embodiments of the invention may be described in the general context of computer-executable instructions, such as program modules, executed by one or more computers or other devices.
  • the computer-executable instructions may be organized into one or more computer-executable components or modules.
  • program modules include, but are not limited to, routines, programs, objects, components, and data structures that perform particular tasks or implement particular abstract data types.
  • aspects of the invention may be implemented with any number and organization of such components or modules. For example, aspects of the invention are not limited to the specific computer-executable instructions or the specific components or modules illustrated in the figures and described herein.
  • Other embodiments of the invention may include different computer-executable instructions or components having more or less functionality than illustrated and described herein.
  • aspects of the invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules may be located in both local and remote computer storage media including memory storage devices.
  • a computer executes computer-executable instructions embodied in one or more computer-executable components stored on one or more computer-readable media to implement aspects of the invention described and/or illustrated herein.

Abstract

The present disclosure provides a method for protecting the "identity" of random numbers used in multiplayer games, which prevents fraud related to access to random game elements by insiders. The method enables a distribution of random numbers by a game server in a way that the game server does not know the "identity" of random numbers but the game server may independently verify these random numbers. The method includes receiving transformation information, generating random numbers, transforming random numbers according to the transformation information, sending the transformed random numbers to a game server, securing, via the game server, the transformed random numbers, sending the transformed random numbers from the game server to a remote client, and transforming the transformed random numbers to recreate the generated random numbers.

Description

SECURE PROVISIONING OF RANDOM NUMBERS TO REMOTE CLIENTS
BACKGROUND
[0001] This patent application claims the benefit of U.S. Provisional Patent Application Serial No. 61/161304, filed on March 18, 2009, the entirety of which is hereby incorporated by reference herein.
[0002] Game servers require random numbers for variety of reasons, for example, to draw winning numbers, to generate game outcomes, and to distribute cards. To prevent attacks on random numbers generated by game servers, conventional gaming regulators may require external (e.g., independent) random number generator (RNG) servers be used for random number generation. Security guidelines/standards set by, for example, the World Lottery Association, recommend that external RNG systems are used for random number generation for, for example, draws or instant winnings generation. As a result of required system redundancy, multiple RNG servers are often used.
[0003] However, use of multiple RNG servers introduces issues for, for example, games that require a state of random numbers to be preserved, games that issue cards to different players from a same deck of cards, and/or games that issue random numbers for individual players where the issued random numbers are dependent upon previously generated random numbers. An exemplary issue for game servers is vulnerability to an attack by insiders illegally accessing a game server which makes it possible, for example, to learn what cards have been dealt to a particular player.
[0004] Therefore, a system and method are needed where random numbers can be generated on any RNG server and can not be revealed to persons having access to a game server. For example, what is needed is a system that includes external RNG servers where a random number generation process is provided such that access to a game server does not permit access to random numbers (e.g., cards) that have been issued to a player. SUMMARY
[0005] In embodiments, described herein is a method for protecting random numbers. The method includes receiving encrypted transformation information, decrypting the encrypted transformation information, generating random numbers, transforming random numbers according to the decrypted transformation information, sending the transformed random numbers to a game server, protecting, via the game server, the transformed random numbers, sending the transformed random numbers from the game server to a remote client, and transforming the transformed random numbers to recreate the generated random numbers.
[0006] In further embodiments, described herein is a method for protecting random numbers using asymmetric encryption. The method includes receiving a public key of a remote client by a random number server, generating random numbers, encrypting the random numbers with the public key, sending the encrypted random numbers to a game server, protecting the encrypted random numbers via the game server, sending the encrypted random numbers from the game server to a remote client, decrypting the encrypted random numbers with a private key by a remote client, and recreating the generated random numbers.
[0007] In still further embodiments, described herein is a system for playing card games. The system includes a random number generation server, a remote client, and one or more processors. The one or more processors are programmed to receive transformed random numbers from the random number generation server, secure transformation information, and verify random numbers.
BRIEF DESCRIPTION OF THE DRAWINGS
[0008] The embodiments described herein may be better understood by referring to the following description in conjunction with the accompanying drawings.
[0009] Figure 1 is an exemplary block diagram of a gaming environment. [0010] Figure 2 is an exemplary block diagram for providing random numbers to a remote client from random number generator (RNG) servers without a game server knowing actual values of the provided random numbers.
[0011] Figure 3 is an exemplary block diagram for providing random numbers to player devices from RNG severs without knowledge from a game server of actual values of the provided random numbers.
[0012] Figures 4 and 5 are exemplary block diagrams of a verification of random numbers provided by a remote client to a game server.
[0013] Figure 6 is an exemplary flow chart illustrating a process for protecting random numbers.
DETAILED DESCRIPTION
[0014] The present disclosure provides systems and methods for protecting an "identity" of random numbers used in multiplayer games to, for example, prevent fraud related to access to random game elements by insiders. The systems and methods described herein enable a distribution of random numbers by a game server in a way that the game server does not know the "identity" of random numbers but the game server may independently verify these random numbers.
[0015] While the making and use of various embodiments of the present disclosure are discussed in detail below, the embodiments of the present disclosure provide many applicable inventive concepts that may be embodied in a wide variety of specific contexts. The specific embodiments discussed herein are merely illustrative of specific ways to make and use the invention and do not delimit the scope of the present disclosure.
[0016] To facilitate the understanding of the present disclosure, a number of terms are defined below. Terms defined herein have meanings as commonly understood by a person of ordinary skill in the areas relevant to the embodiments of the present disclosure. Terms such as "a," "an" and "the" are not intended to refer to only a singular entity, but include the general class of which a specific example may be used for illustration. The terminology herein is used to describe specific embodiments of the present disclosure, but their usage does not delimit the present disclosure, except as outlined in the claims.
[0017] The order of execution or performance of the operations in embodiments of the present disclosure illustrated and described herein is not essential, unless otherwise specified. For example, it is contemplated that executing or performing a particular operation before, contemporaneously with, or after another operation is within the scope of aspects of the present disclosure. Embodiments of the present disclosure may include additional or fewer operations than those disclosed herein.
[0018] Provided herein are systems and methods for securing random data generated on one or more random number generator (RNG) servers (300). In embodiments, the random data generated on one or more RNG servers (300) are not provided to game server (100), and therefore, cannot be obtained by an attack on game server (100).
[0019] Figure 1 is an exemplary gaming environment. One or more remote clients (200) may communicate directly or indirectly with game server (100) via, for example, a network. Game server (100) communicates directly or indirectly with one or more RNG server(s) (300) via, for example, a network. In embodiments, a remote client (200) and RNG server(s) (300) use a transformation of random numbers (e.g., cards) that cannot be interpreted directly by a game server (100). In one embodiment, only transformed random numbers are passed between RNG server(s) (300) and remote client (200) while original random numbers are used by remote client (200). However, one of ordinary skill in the art guided by the teaching herein will appreciate that there may be multiple ways of verifying random numbers presented by remote client (200) to game server (100).
[0020] In embodiments, there are multiple different transformations of random numbers that are possible. For example, a transformation may be one or more of the following: mapping a set of numbers into another set of numbers, standard symmetric or asymmetric encryption, algorithmic transformation, and a combination of the above transformations.
[0021] Following is an example of mapping a set of numbers into another set of numbers in a game using a deck of cards (e.g., a standard deck of 52 different cards). Mapping is defined by ordering cards in a certain described way. For example, the 2 of clubs may be assigned a first position, followed by the 3 of clubs in the second position, and so on up to the ace of clubs. Diamonds, hearts, and spades are ordered similarly from the 2 to the ace, respectively. Each card is represented by a number corresponding to a position/natural order of the card. The numbers/position assigned to each card range from, for example, 1-52. In this example, position number 1 represents the 2 of clubs, position number 2 represents the 3 of clubs . . . position number 14 represents the 2 of diamonds . . . position number 27 represents the 2 of hearts, and so on. Next, 52 uniform different random numbers are generated (e.g., 27, 23, 11, 3, 51...) from a range of 1-52. The generated random numbers are mapped to the assigned numbers representing each of the cards. This mapping is then used to encode random numbers received by remote client (200). That is, as the generated random numbers are received, the generated random numbers are assigned a new number according to the order in which they are received. For example, when a random number is received in position number 1 (e.g., random number 27) the value of original number 27 is used (e.g., the 2 of hearts) replacing the previous value of position number 1 (e.g., the 2 of clubs), and when a random number is received in position number 2 (e.g., random number 23) the value of original number 23 is used (e.g., the jack of diamonds) replacing the previous value of position number 2 (e.g., the 3 of clubs). This process of "mapping" is continued for each of the remaining 52 numbers. One of ordinary skill in the art guided by the teaching herein will appreciate that any other mapping method could be used, as long as the mapping method enables a representation of each random number.
[0022] When using encryption as a method of transformation, encryption with an encryption key provided by remote client (200) may be used by RNG server(s) (300). In case of symmetric encryption, such as 3DES or AES, a secret key may be used to encrypt generated random numbers. In this example, a secret key is sent in a secure way between remote client (200) and RNG server(s) (300). RNG server(s) (300) use this secret key to encrypt random numbers sent back to remote client (200). Remote client (200) decrypts the received encrypted random numbers using the same secret key provided by remote client (200). In case of asymmetric encryption, (e.g. RSA encryption), a public key from remote client (200) is sent to RNG server(s) (300). RNG servers (300) use this public key to encrypt random numbers before they are sent back to remote client (200). Remote client (200) then uses the private key to decrypt received random numbers.
[0023] In some embodiments, more than one system can provide RNG server(s) (300) functionality. As described herein, RNG server(s) (300) functionality is provided by one or more systems and is explained using an example of a single RNG server (300). Examples of a transformation using encryption are also provided herein. Furthermore, symmetric encryption as a transformation method is similar to algorithmic transformation using a secret key, therefore, only the description of one method is provided herein as a description of one of the methods is sufficient for to both methods.
[0024] The sequence of events described in Figures 2 and 3 illustrate embodiments of a process that provide random numbers to a remote client application. In embodiments, a remote client (e.g., remote client (200)) may be, for example, a personal computer, a notebook, a netbook, a tablet computer, a mobile phone, a smart phone, a slot machine, an electronic poker table, a lottery terminal, a video lottery terminal, a POS device, a specialized gaming device, a server computer, a hand-held or laptop device, a multiprocessor system, a microprocessor-based system, a set top box, a programmable consumer electronics, a network PC, a minicomputer, a mainframe computer, or distributed computing environments that includes any of the above systems or devices, or any other device or application requiring random numbers. In one embodiment, each instance of remote client application may be treated as a separate remote client.
[0025] As shown in Figure 2, remote client (200) generates transformation information. For example, when mapping, remote client (200) may generate a set of unique random numbers from a same or bigger range as requested random numbers (209). These remote client generated random numbers are used to map random numbers, received from game server (100), into original random numbers. In this example, symmetric encryption is used as a transformation, and thus, an encryption key may be generated. For asymmetric encryption, remote client's (200) public key may be used. For example, when using AES as a transformation algorithm, an AES key is generated. In embodiments, an encryption algorithm or a transformation type may be included in transformation information.
[0026] After transformation information is generated, transformation information is secured or encrypted (202) in such a way that only RNG server(s) (300) can understand it. In one embodiment, securing of the transformation information is accomplished using asymmetric encryption with a public key from RNG server(s) (300). In further embodiments, all RNG servers (300) may share a same private key. In still further embodiments, an external server may be used by RNG servers (300) to decode transformation information and a public key of the external server may be used by remote client (200) for encrypting transformation information. For the purpose of this disclosure, use of such an external server may be a part of RNG server(s) (300) functionality. In one embodiment, if remote client's (200) public key is used as transformation information, the public key of the remote client (200) does not need to be encrypted when sent to game server (100) and consequently to RNG server(s) (300).
[0027] Secured transformation (202) is sent with a request for one or more transformed random numbers (209) to game server (100). Game server (100) retrieves encrypted RNG state information (103) and thereafter stores and sends the retrieved encrypted RNG state information (103) with a request for transformed random numbers (109) and secured transformation (102) to at least one of the RNG servers (300). However, if the request for one or more transformed random numbers (209) is a first request for a set of random numbers (e.g., a game is just starting and the first cards are retrieved for a first player), game server (100) may send "dummy" RNG state information (103) or no RNG state information (103) at all. Once RNG server(s) (300) receive secured transformation (302/102/202) and encrypted RNG state information (103/303), RNG server(s) (300) decrypt RNG state information (103/303) and retrieve remote client transformation (304). For example, if mapping is encrypted using an asymmetric algorithm or a symmetric algorithm, RNG server(s) (300) may decrypt the mapping using a corresponding algorithm and/or a corresponding key. Further, if a symmetric encryption is used for transformation, a secret key used for transformation is decrypted so that the decrypted secrete key can be used to encrypt random numbers sent back to game server (100).
[0028] In one embodiment, RNG server(s) (300) may generate requested random numbers (305). RNG server(s) (300) transform the generated requested random numbers (305) according to a transformation (306) used to create the transformed random numbers. For example, if mapping of random numbers is used, RNG server(s) (300) may map generated requested random numbers (305) according to mapping of remote client (200). Further, if encryption is used, RNG server(s) (300) may encrypt requested random numbers using an appropriate algorithm with a key provided by remote client (200), and, once this is done, RNG server(s) (300) may encrypt RNG state information (313) and transformation information (312) by using, for example, symmetric encryption and/or a key shared between at least one RNG server(s) (300). In one embodiment, a same key is used for encryption of both transformation information (312) and RNG state information (313). Encrypted RNG state information (313) and/or encrypted transformation information (312) are sent to game server (100) with requested transformed random numbers (317). Encrypted RNG state information (113/313) and encrypted transformation information (112/312 and/or 302/102/202) may be preserved on game server (100) so that they can be sent at a later time to RNG server(s) (300).
[0029] In some embodiments, encrypted transformation information (312) is not sent from RNG server(s) (300) to game server (100). For example, encrypted transformation information (312) is not sent from RNG server(s) (300) to game server (100) if encrypted transformation information (312) is provided to RNG server(s) (300) in a same format as originally provided from remote client (200). Transformed random number response (117/317) may be sent to remote client (200). Remote client (200) transforms back transformed random numbers (218), and if mapping is used, remote client (200) maps back random numbers. Further, if encryption is used, remote client (200) decrypts random numbers using a previously generated key. In one embodiment, transformed random numbers are preserved by game server (100) to allow for a verification that the transformed random numbers were provided to remote client (200). In one embodiment, transformed random numbers are secured by authentication data from game server (100). The authentication data is provided to remote client (200) together with transformed random numbers. This data may be subsequently provided by remote client (200) together with random numbers and transformed random numbers to game server (100) for verification. In embodiments, authentication data may be, for example, HMAC, with a secret key known primarily by game server (100).
[0030] Together, with a request for transformed random numbers (209/109/309), player identifier (108/308) may be provided. In one embodiment, player identifier (108/308) may be used to track distribution of random numbers to specific remote clients by RNG server(s) (300). In an environment where game server (100) does not provide player or remote client identifier (108/308), RNG server(s) (300) may create unique identifiers/tags for player or remote client (200). A design of the RNG state information in such a way that player identifier (108/308) is related to random numbers issued is used to allow for verification of random number to be tied to a specific player. However, if player or remote client identifier (108/308) is provided by game server (100) for random number generation, a verification method may be simplified by verifying that correct transformation information is provided by game server (100), for example, that transformation information belongs to a specific player (e.g., a specific remote client (200)). In a situation where player identification is not provided by game server (100), RNG server(s) (300) may verify that a particular random number belong to a specific player. For example, RNG server(s) (300) may generate unique player tags that are stored with RNG state information and transformation information. These tags can then be matched when random number, RNG state information, and/or transformation information are provided for verification. [0031 ] In embodiments, processing of a request for subsequent random numbers, as shown in Figure 3, is similar to the processes shown/described with respect to Figure 2. For example, as shown in Figure 3, there is not a need for a generation of a transformation of random numbers because transformation information is already generated and stored on game server (100) or another system. Subsequently, secured transformation, as shown in Figure 2, is neither sent nor processed by remote client (200). Transformation information for remote client (200) is retrieved from either encrypted transformation sent with a first response (Figure 2, data 112 and 212), or originally sent secured transformation (Figure 2, data 102). Transformation information (102) and encrypted RNG state information (103) may be sent to one of the one or more RNG server(s) (300). Once RNG server(s) (300) receives transformation information (102/202) and/or encrypted RNG state information (103/303), RNG server(s) (300) decrypts RNG state information and retrieves remote client transformation (304). However, if transformation information was encrypted using asymmetric algorithm or symmetric algorithm, RNG server(s) (300) decrypts transformation information using a corresponding algorithm and/or a corresponding key. RNG server(s) (300) may generate requested random numbers (305) and transform generated random numbers according to transformation (306) of remote client (200), and RNG server(s) (300) may encrypt RNG state information (313). Encrypted RNG state information (313) may be sent together with transformed random numbers (317) to game server (100). In one embodiment, encrypted or secured transformation information and encrypted RNG state information (113/313) are preserved on game server (100) so that they can be sent to RNG server(s) (300) at a later time. Transformed random numbers response (117/317) is sent to remote client (200). Remote client (200) may retrieve random numbers from transformed random numbers using previously generated transformation (218). For example, if mapping is used, remote client (200) decodes mapped random numbers, and if encryption is used for transformation, remote client (200) decrypts transformed random numbers. In one embodiment, a transformed random number may be preserved on game server (100). The transformed random number could then be used by game server (100) for verifying that the transformed random number is provided to remote client (200). [0032] In one embodiment, with a single RNG sever (300), RNG state information and transformation information can be kept on a single RNG server (300). In embodiments, when information is kept on a single RNG server (300), the information does not have to be encrypted.
[0033] Remote client (200) may generate a new transformation for each activity session or game, or remote client (200) may generate a new transformation each time remote client (200) sends a request for transformed random numbers. In one embodiment, remote client (200) sends transformation information identification or a hash. However, if a transformation identification or hash on game server (100) is not the same transformation identification or hash on remote client (200), transformation information is requested from remote client (200). One of ordinary skill in the art guided by the teachings here in will appreciate that steps for transforming and transforming back random numbers to protect random numbers content from game server (100), and combining transformation information for different players together may be executed in a number of different orders.
[0034] In embodiments, secured or encrypted transformation and encrypted RNG state information are preserved on game server (100). This allows a request for random numbers combined with secured or encrypted transformation and encrypted RNG state information to be sent to any one of the RNG servers (300). Random numbers passed from RNG server(s) (300) to remote client (200) may be transformed using a transformation of an individual remote client (200) transformation. For example, when mapping is used, random numbers may be transformed using mapping of remote client (200), and when encryption is used, generated random numbers (e.g., generated random numbers combined with accidental or "dummy" data) may be encrypted using an encryption key provided by remote client (200). In one embodiment, game server (100) does not have access to the transformation information because the transformation information is encrypted, nor does game server (100) retrieve information about random numbers provided to different remote clients (200). [0035] In embodiments, game server (100) verifies random numbers as revealed, discarded, or played by remote client (200). This can be executed in a few different ways by, for example, using RNG state information and random numbers to verify random numbers, or using transformation information, random numbers, transformed random numbers, and optionally RNG state information to verify random numbers.
[0036] In embodiments, as shown in Figures 2 and 3 at (108/308), respectively, game server (100) provides player identifiers to RNG server(s) (300). RNG server(s) (300) incorporates a relation between generated random numbers and player identifier, or an RNG server (300) generated player tag.
[0037] For a verification shown in Figure 4, one or more random numbers (251/151/351) may be provided together with player identification (158/358) and encrypted RNG state information (153/353) to RNG server(s) (300). In one embodiment, RNG server(s) 300 decrypts RNG state info (354) and verifies (357) that random numbers were previously generated for remote client (200). A verification result (361/161) is then sent back to game server (100). Optionally, RNG state information may be updated to include that a random number was already verified and new encrypted RNG state information (163) may be sent back to game server (100). However, in a case of a verification failure, both RNG server(s) (300) and game server (100) may log the failure and, for example, set an alarm.
[0038] In embodiments, as shown Figure 5, remote client (200) may send random numbers (251) together with transformed random numbers (252) to game server (100) to be stored. In one embodiment, game server (100) verifies whether transformed random numbers were provided to remote client (200). Game server (100) may then forward random numbers (151/251) and transformed random numbers (152/252) together with secured or encrypted transformation information and encrypted RNG state information (153) to RNG server(s) (300). RNG server(s) (300) decode transformation information and encrypted RNG state information (353/153), transform back (354) transformed random numbers (351/151/251), and verify (355) if these transformed back transformed random numbers match transformed random numbers received (352/152/252). If mapping is used, random numbers may be mapped and checked against mapped random numbers. If encryption is used, encrypted random numbers may be decrypted and checked against random numbers. Verification result (361) is then sent back to game server (100). Any verification failure may then be logged (162/362) on both RNG server(s) (300) and game server (100).
[0039] In one embodiment, game server (100) stores transformed random numbers during random number generation process. This allows for a verification of transformed random numbers received from remote client (200). In one embodiment, game server (100) may add some security information to the transformed data before sending the transformed data to remote client (200). This security information could be later sent back to game server (100) from remote client (200) during a verification process. Security information may be, for example, an identifier of transformation information stored by a game server, an HMAC, or an encryption of the transformation information with a secret key known only to game server (100). Sending such additional information might be of particular importance if game server (100) is in a distributed environment.
[0040] While the verification process above illustrates particular embodiments, it is within the scope of the present disclosure to provide a different verification process. Thus, in embodiments, verification may be done in many ways by, for example, sending a random number or transformed random number, encrypted transformation, and encrypted RNG state information only for transformation on RNG server(s) (300). However, some steps may be optional or done in a different order/location. In one embodiment, game server (100) may keep information about transformed random numbers and verify if a transformed random number belongs to a specific player, and RNG server(s) (300) may verify only transformation of random numbers, or game server (100) may request transformation information for a specific number and verify correctness.
[0041] In one embodiment, during verification, RNG server(s) (300) log every transaction, and an identifier may be assigned to each transaction while remote client (200) receives and stores a transaction identifier. Remote client (200) and game server (100) may use a transaction identifier to correlate a transaction to a random number. RNG server(s) (300) may then use a transaction identifier to locate a random number and verify that the random number was issued for a particular transaction.
[0042] In embodiments, a state of available random numbers may be logged for future audit. This state could be logged on game server (100), RNG server(s) (300), or another external system. In one embodiment, provided herein is an audit system that analyzes a sequence of random numbers and states of available random numbers to verify an integrity of generated random numbers. Furthermore, random numbers may be compared against game outcomes, for example, to validate how random numbers were used.
[0043] The methods described above allow for generations of any type of distributions. Random numbers may be generated using any random generation method, such as true RNG, PRNG (pseudorandom number generator), random numbers distributed from a previously generated file or set of random numbers, cryptographic random from external or internal source, auditable RNGs, such as described in U.S. Patent No. 6,934,846, which is incorporated herein by reference in its entirety, or any other method.
[0044] Verification may be executed in real time. For example, verification may be executed when a player's random number is presented, or in the alternative, verification can also be done at a later time.
[0045] Random numbers may be used for any kind of game, including but not limited to, dice games, card games, multiplayer games on the Internet or in a casino, multiplayer action games requiring random input, simulated racing games, slot machines, table games, and the like.
[0046] In one embodiment, RNG server logs, locally or on an external system, necessary received and necessary processed information for future audit. In one embodiment, for future audit, game server (100) stores information provided by RNG server(s) (300) in both encrypted and transformed format. An audit system may retrieve, decrypt, and verify this information.
[0047] In a further embodiment, game server (100) and RNG server(s) (300) are integrated into a same system. In this embodiment, RNG server(s) (300) control access to RNG state information and transformation information, as well as control a general flow of information that follows the methods described above.
[0048] As illustrated herein, game server (100) is a single server. In a gaming environment, game server (100) might be replicated, work in distributed, n- plexed, a clustered environment, or be any other configuration.
[0049] It is within the scope of the present disclosure to generate individual mapping of random numbers for remote client (200) in RNG server(s) (300) and pass this mapping to remote client (200) using encryption in a way that game server (100) cannot decode it.
[0050] Referring next to Figure 6, an exemplary flow chart illustrates a process 600 for protecting random numbers. At 602, encrypted transformation information is received. At 604, the encrypted transformation information is decrypted. At 606, random numbers are generated. At 608, random numbers are transformed according to the decrypted transformation information. At 610, the transformed random numbers are sent to the game server (100). At 612, the transformed random numbers are secured, via the game server (100). At 614, the transformed random numbers are sent from the game server (100) to the remote client (200). In embodiments, the remote client (200) transforms the transformed random numbers to recreate the generated random numbers.
EXEMPLARY OPERATING ENVIRONMENT
[0051] A computing device or a computer as described in the present disclosure may have one or more processors or processing units and a system memory. The one or more processors execute computer-executable instructions for implementing aspects of the disclosure. In some embodiments, the one or more processors are transformed into a special purpose microprocessor by executing computer-executable instructions or by otherwise being programmed. For example, the one or more processors may be programmed with instructions such as described herein with reference to Figure 6. The computer typically has at least some form of computer readable media. Computer readable media, which include both volatile and nonvolatile media, removable and non-removable media, may be any available medium that may be accessed by computer. By way of example and not limitation, computer readable media comprise computer storage media and communication media. Computer storage media include volatile and nonvolatile, removable and nonremovable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. For example, computer storage media include RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that may be used to store the desired information and that may be accessed by computer. Communication media typically embody computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and include any information delivery media. Those skilled in the art are familiar with the modulated data signal, which has one or more of its characteristics set or changed in such a manner as to encode information in the signal. Wired media, such as a wired network or direct- wired connection, and wireless media, such as acoustic, RF, infrared, and other wireless media, are examples of communication media. Combinations of any of the above are also included within the scope of computer readable media.
[0052] The system memory includes computer storage media in the form of removable and/or non-removable, volatile and/or nonvolatile memory. The computer may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer.
[0053] Embodiments of the invention are operational with numerous other general purpose or special purpose computing system environments or configurations. The computing system environment is not intended to suggest any limitation as to the scope of use or functionality of any aspect of the invention. Moreover, the computing system environment should not be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment. Well known computing systems, environments, and/or configurations may be suitable for use with aspects of the invention.
[0054] Embodiments of the invention may be described in the general context of computer-executable instructions, such as program modules, executed by one or more computers or other devices. The computer-executable instructions may be organized into one or more computer-executable components or modules. Generally, program modules include, but are not limited to, routines, programs, objects, components, and data structures that perform particular tasks or implement particular abstract data types. Aspects of the invention may be implemented with any number and organization of such components or modules. For example, aspects of the invention are not limited to the specific computer-executable instructions or the specific components or modules illustrated in the figures and described herein. Other embodiments of the invention may include different computer-executable instructions or components having more or less functionality than illustrated and described herein. Aspects of the invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
[0055] In operation, a computer executes computer-executable instructions embodied in one or more computer-executable components stored on one or more computer-readable media to implement aspects of the invention described and/or illustrated herein.
[0056] Having described aspects of the invention in detail, it will be apparent that modifications and variations are possible without departing from the scope of aspects of the invention as defined in the appended claims. As various changes could be made in the above constructions, products, and methods without departing from the scope of aspects of the invention, it is intended that all matter contained in the above description and shown in the accompanying drawings shall be interpreted as illustrative and not in a limiting sense.

Claims

WHAT IS CLAIMED IS:
1. A method for protecting random numbers, the method comprising:
receiving encrypted transformation information;
decrypting the encrypted transformation information;
generating random numbers;
transforming random numbers according to the transformation information;
sending the transformed random numbers to a game server;
securing, via the game server, the transformed random numbers;
sending the transformed random numbers from the game server to a remote client, wherein the remote client transforms the transformed random numbers to recreate the generated random numbers.
2. A method in accordance with claim 1, further comprising:
generating transformation information;
encrypting the transformation information using an asymmetric algorithm; and
sending the encrypted transformation information.
3. A method in accordance with claim 1 , wherein transforming random numbers according to the decrypted transformation information comprises mapping, standard encryption, or using a private algorithm with a secret key.
4. A method in accordance with claim 1, further comprising retrieving encrypted transformation information by at least one or more of the following: using a separate system providing decryption service, and decrypting information with a private key used by one or more random number generation servers.
5. A method in accordance with claim 1, further comprising:
encrypting transformation information; and
safeguarding transformation information on a same system or another system for one or more remote clients.
6. A method in accordance with claim 5, further comprising adding a player identifier or player tag with transformation information.
7. A method in accordance with claim 5, further comprising using a same encryption key by one or more random number generation servers for encryption.
8. A method in accordance with claim 1, further comprising:
preserving, in an encrypted format, random number generator state information on a random number generation server, the game server, or another system; and
passing random number generator state between the game server and one or more random number generation servers
9. A method in accordance with claim 8, further comprising preserving random number generator state information about specific random numbers issued to specific remote clients.
10. A method in accordance with claim 8, further comprising preserving, in an unencrypted format, random number generator state information and transformation information on a random number generation server or another trusted system.
11. A method in accordance with claim 1 , further comprising providing, by the remote client, one or more random numbers and one or more transformed random numbers for verifying random numbers.
12. A method in accordance with claim 1, further comprising verifying, via a game server, random numbers generated by sending random numbers and/or transformed random numbers and transformation information to a random number generation server or a third party system for verification.
13. A method in accordance with claim 1 , further comprising storing transformed random numbers for future verification.
14. A method in accordance with claim 1 , further comprising one of storing encrypted random number generator state information for future generation and/or verification of random numbers, or sending transformed random numbers with authentication information to the remote client.
15. A method in accordance with claim 1 , further comprising using a separate system for verifying random numbers, wherein the separate system is a random number generation server or another third party system, and wherein the separate system is configured to do one or more of the following:
use encrypted transformation information;
use encrypted random number generator state information and at least one random number; and
verify that a specific random number belongs to a particular remote client.
16. A method in accordance with claim 1, further comprising verifying random numbers, via an audit system, by one or more of the following: analyzing consecutively issued random numbers for a game, verifying if random numbers are properly issued to particular remote clients, and verifying if random numbers are consecutively issued for a game.
17. A method in accordance with claim 1, further comprising verifying issued random numbers by providing random numbers and a transaction identifier to a random number generation server.
18. A method in accordance with claim 1 , further comprising using random numbers for a card game or a dice game.
19. A method in accordance with claim 1, connecting the gaming or gambling devices to the game server, and wherein the remote client is part of the gaming or gambling devices.
20. A method in accordance to claim 1, further comprising, sending, from the remote client to the game server, random numbers and one or more of the following: security information, and transformation information.
21. A method in accordance with claim 1 , further comprising:
generating transformation information in a random number generation server;
encrypting transformation information using either an asymmetric or a symmetric algorithm; and
sending encrypted transformation information by the random number generation server to the remote client via a gaming system.
22. A method for protecting random numbers, the method comprising:
receiving a public key of a remote client;
generating random numbers;
encrypting the random numbers with the public key; and
sending the encrypted random numbers to a game server, wherein the game server secures the encrypted random number and sends the secured encrypted random numbers to a remote client for decryption.
23. A gaming system for playing card games, the system comprising:
a game server; and
one or more processors programmed to: receive transformed random numbers, the transformed random numbers transformed by a random number generation server according to transformation information received from a remote client;
secure the transformation information; and
verify random numbers.
24. A gaming system in accordance with claim 23, wherein the one or more processors are programmed to verify random numbers by sending the random numbers to the random number generation server for verification, or by sending the random numbers to a separate third party for verification.
PCT/US2010/027646 2009-03-18 2010-03-17 Secure provisioning of random numbers to remote clients WO2010107902A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16130409P 2009-03-18 2009-03-18
US61/161,304 2009-03-18

Publications (2)

Publication Number Publication Date
WO2010107902A2 true WO2010107902A2 (en) 2010-09-23
WO2010107902A3 WO2010107902A3 (en) 2011-01-13

Family

ID=42738124

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2010/027646 WO2010107902A2 (en) 2009-03-18 2010-03-17 Secure provisioning of random numbers to remote clients

Country Status (2)

Country Link
US (1) US20100240440A1 (en)
WO (1) WO2010107902A2 (en)

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6676127B2 (en) 1997-03-13 2004-01-13 Shuffle Master, Inc. Collating and sorting apparatus
US6655684B2 (en) 1998-04-15 2003-12-02 Shuffle Master, Inc. Device and method for forming and delivering hands from randomly arranged decks of playing cards
US6254096B1 (en) 1998-04-15 2001-07-03 Shuffle Master, Inc. Device and method for continuously shuffling cards
US8590896B2 (en) 2000-04-12 2013-11-26 Shuffle Master Gmbh & Co Kg Card-handling devices and systems
US8011661B2 (en) 2001-09-28 2011-09-06 Shuffle Master, Inc. Shuffler with shuffling completion indicator
US7753373B2 (en) 2001-09-28 2010-07-13 Shuffle Master, Inc. Multiple mode card shuffler and card reading device
US8337296B2 (en) 2001-09-28 2012-12-25 SHFL entertaiment, Inc. Method and apparatus for using upstream communication in a card shuffler
US8616552B2 (en) 2001-09-28 2013-12-31 Shfl Entertainment, Inc. Methods and apparatuses for an automatic card handling device and communication networks including same
US7677565B2 (en) 2001-09-28 2010-03-16 Shuffle Master, Inc Card shuffler with card rank and value reading capability
US6886829B2 (en) 2002-02-08 2005-05-03 Vendingdata Corporation Image capturing card shuffler
US20160136511A9 (en) 2002-05-20 2016-05-19 Bally Gaming, Inc. Four Card Poker Game with Variable Wager
US9126102B2 (en) 2002-05-20 2015-09-08 Bally Gaming, Inc. Four-card poker game with variable wager
US9183705B2 (en) 2004-09-10 2015-11-10 Bally Gaming, Inc. Methods of playing wagering games
US20060284376A1 (en) 2005-06-17 2006-12-21 Shuffle Master, Inc. Casino table variant of Texas hold'em poker
US20060066048A1 (en) 2004-09-14 2006-03-30 Shuffle Master, Inc. Magnetic jam detection in a card shuffler
US7764836B2 (en) 2005-06-13 2010-07-27 Shuffle Master, Inc. Card shuffler with card rank and value reading capability using CMOS sensor
US7556266B2 (en) 2006-03-24 2009-07-07 Shuffle Master Gmbh & Co Kg Card shuffler with gravity feed system for playing cards
US8342525B2 (en) 2006-07-05 2013-01-01 Shfl Entertainment, Inc. Card shuffler with adjacent card infeed and card output compartments
US8579289B2 (en) 2006-05-31 2013-11-12 Shfl Entertainment, Inc. Automatic system and methods for accurate card handling
US8353513B2 (en) 2006-05-31 2013-01-15 Shfl Entertainment, Inc. Card weight for gravity feed input for playing card shuffler
US8070574B2 (en) 2007-06-06 2011-12-06 Shuffle Master, Inc. Apparatus, system, method, and computer-readable medium for casino card handling with multiple hand recall feature
US8919775B2 (en) 2006-11-10 2014-12-30 Bally Gaming, Inc. System for billing usage of an automatic card handling device
US7988152B2 (en) 2009-04-07 2011-08-02 Shuffle Master, Inc. Playing card shuffler
US8967621B2 (en) 2009-04-07 2015-03-03 Bally Gaming, Inc. Card shuffling apparatuses and related methods
US8800993B2 (en) 2010-10-14 2014-08-12 Shuffle Master Gmbh & Co Kg Card handling systems, devices for use in card handling systems and related methods
US8485527B2 (en) 2011-07-29 2013-07-16 Savant Shuffler LLC Card shuffler
US9731190B2 (en) 2011-07-29 2017-08-15 Bally Gaming, Inc. Method and apparatus for shuffling and handling cards
US8974305B2 (en) 2012-01-18 2015-03-10 Bally Gaming, Inc. Network gaming architecture, gaming systems, and related methods
US9120007B2 (en) 2012-01-18 2015-09-01 Bally Gaming, Inc. Network gaming architecture, gaming systems, and related methods
WO2013158466A1 (en) 2012-04-15 2013-10-24 Shfl Entertainment, Inc. Interactive financial transactions
US8960674B2 (en) 2012-07-27 2015-02-24 Bally Gaming, Inc. Batch card shuffling apparatuses including multi-card storage compartments, and related methods
US9511274B2 (en) 2012-09-28 2016-12-06 Bally Gaming Inc. Methods for automatically generating a card deck library and master images for a deck of cards, and a related card processing apparatus
US9378766B2 (en) 2012-09-28 2016-06-28 Bally Gaming, Inc. Card recognition system, card handling device, and method for tuning a card handling device
US9785408B2 (en) * 2013-02-02 2017-10-10 Novomatic Ag System and method of centralized random number generator processing
US9336646B2 (en) * 2013-02-02 2016-05-10 Novomatic A.G. System and method of centralized random number generator processing
US9819727B2 (en) 2013-02-28 2017-11-14 Amazon Technologies, Inc. Computing infrastructure for configurable-quality random data
EP2962441B1 (en) * 2013-02-28 2020-04-22 Amazon Technologies, Inc. Configurable-quality random data service
TW201447804A (en) * 2013-06-11 2014-12-16 Real Time Winning System Inc Real time betting, drawing and winning system and method thereof
EP3263193B1 (en) 2014-04-11 2019-06-05 Bally Gaming, Inc. Method and apparatus for shuffling and handling cards
US9474957B2 (en) 2014-05-15 2016-10-25 Bally Gaming, Inc. Playing card handling devices, systems, and methods for verifying sets of cards
USD764599S1 (en) 2014-08-01 2016-08-23 Bally Gaming, Inc. Card shuffler device
US9566501B2 (en) 2014-08-01 2017-02-14 Bally Gaming, Inc. Hand-forming card shuffling apparatuses including multi-card storage compartments, and related methods
US9504905B2 (en) 2014-09-19 2016-11-29 Bally Gaming, Inc. Card shuffling device and calibration method
US10027487B2 (en) * 2015-05-14 2018-07-17 Sca Promotions, Inc. System and method for providing auditable secure seeds to random number generators across multiple entities
US9993719B2 (en) 2015-12-04 2018-06-12 Shuffle Master Gmbh & Co Kg Card handling devices and related assemblies and components
US10339765B2 (en) 2016-09-26 2019-07-02 Shuffle Master Gmbh & Co Kg Devices, systems, and related methods for real-time monitoring and display of related data for casino gaming devices
US10933300B2 (en) 2016-09-26 2021-03-02 Shuffle Master Gmbh & Co Kg Card handling devices and related assemblies and components
US11896891B2 (en) 2018-09-14 2024-02-13 Sg Gaming, Inc. Card-handling devices and related methods, assemblies, and components
US11376489B2 (en) 2018-09-14 2022-07-05 Sg Gaming, Inc. Card-handling devices and related methods, assemblies, and components
US11338194B2 (en) 2018-09-28 2022-05-24 Sg Gaming, Inc. Automatic card shufflers and related methods of automatic jam recovery
CN112546608A (en) 2019-09-10 2021-03-26 夏佛马士特公司 Card handling apparatus for defect detection and related methods
US11173383B2 (en) 2019-10-07 2021-11-16 Sg Gaming, Inc. Card-handling devices and related methods, assemblies, and components
CN114978503B (en) * 2022-05-23 2024-02-23 国汽智控(北京)科技有限公司 Vehicle-mounted data storage method, vehicle-mounted data acquisition method, device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040141611A1 (en) * 2003-01-22 2004-07-22 Walter Szrek Method of generating unpredictable and auditable random numbers
US20060165235A1 (en) * 1994-12-19 2006-07-27 Carlson Rolf E Method for control of gaming systems and for generating random numbers
US20080064494A1 (en) * 1996-12-31 2008-03-13 Bruce Schneier System and method for securing electronic games

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996027155A2 (en) * 1995-02-13 1996-09-06 Electronic Publishing Resources, Inc. Systems and methods for secure transaction management and electronic rights protection
US9659459B2 (en) * 2006-07-20 2017-05-23 Aristocrat Technologies Australia Pty Limited Game server, gaming system and a gaming method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060165235A1 (en) * 1994-12-19 2006-07-27 Carlson Rolf E Method for control of gaming systems and for generating random numbers
US20080064494A1 (en) * 1996-12-31 2008-03-13 Bruce Schneier System and method for securing electronic games
US20040141611A1 (en) * 2003-01-22 2004-07-22 Walter Szrek Method of generating unpredictable and auditable random numbers

Also Published As

Publication number Publication date
WO2010107902A3 (en) 2011-01-13
US20100240440A1 (en) 2010-09-23

Similar Documents

Publication Publication Date Title
US20100240440A1 (en) Secure Provisioning of Random Numbers to Remote Clients
US6477251B1 (en) Apparatus and method for securely determining an outcome from multiple random event generators
US8775316B2 (en) Wagering game with encryption and authentication
US6934846B2 (en) Method of generating unpredictable and auditable random numbers
CN102484638B (en) Layered protection and validation of identity data delivered online via multiple intermediate clients
US20060253702A1 (en) Secure gaming server
US20080254850A1 (en) Trusted Computing in a Wagering Game Machine
US20100075760A1 (en) Partition management in a wagering game system
US20170161991A1 (en) System and method for public verification of a gambling website or gaming event
US20100122320A1 (en) Secure and Self Monitoring Slot Gaming Network
US9454648B1 (en) Distributing token records in a market environment
US10599072B2 (en) System and method for generating auditable secure seeds from real-world data
US7350081B1 (en) Secure execution of downloaded software
US8150036B2 (en) Encrypted data installation
US8241115B2 (en) Multiple key failover validation in a wagering game machine
US9087432B2 (en) Creation and monitoring of “fair play” online gaming
CN113794679B (en) Method and system for preventing automatic script number robbing
CN201364576Y (en) Network software account password and computer system safety device
US10026262B2 (en) Computer implemented frameworks and methodologies for enabling software authentication at an electronic gaming machine
CN100433161C (en) Digital content intelligent playing device and its controllable playing method
Sharma et al. Two different authentication protocol for RFID credit card security

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10754051

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10754051

Country of ref document: EP

Kind code of ref document: A2