JP2011045584A - Electronic device, game machine, main control board, peripheral board, authentication method and authentication program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To correct an expected value to be used for authenticating a main control board by a simple method, and to prevent fraudulent control of a peripheral board from a main control board and diversion of the expected value and information about authentication. <P>SOLUTION: In an electronic device including the main control board 310 and the peripheral board 330 conducting a predetermined processing based on a control command transmitted by the main control board 310, when a control command to be transmitted to the peripheral board 330 is a predetermined control command, the main control board 310 adds correction data for correcting the expected value to be used for collating data transmitted from the main control board 310 and authentication data to authenticate the main control board 310. The main control board 310 transmits the correction data before the end of transmitting authentication data for the partition number to the peripheral board 330. The peripheral board 330 performs dyadic operation for the received authentication data, and authenticates the main control board 310 using the value calculated by the dyadic operation and the corrected expected value. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to an electronic device, a gaming machine, a main control board, a peripheral board, an authentication method, and an authentication program that include a plurality of boards and authenticate communication between these boards.

  Conventionally, in an electronic apparatus having a plurality of substrates, various techniques have been proposed for preventing fraud on these substrates. As an electronic device provided with a plurality of substrates, for example, there is a pachinko gaming machine. The pachinko gaming machine includes a main control board that controls the operation of the entire electronic device and a controlled board (peripheral board) that performs the operation of each part of the electronic device. The main control board outputs a control signal including a control command to the peripheral board, and the other peripheral boards have a function of executing an operation according to the control signal transmitted from the main control board.

  Examples of frauds with respect to the main control board include a method of replacing a regular main control board with an illegal control board, or altering a program code that defines processing performed by the main control board. In order to prevent such fraud, for example, a technique has been proposed in which program data stored in a ROM mounted in the main control board is checked by a ROM checker to prevent unauthorized exchange of the ROM ( For example, see the following Patent Document 1.)

  As another method, the ROM mounted in the peripheral board such as the display control unit holds in advance an expected value for collating other boards, and this expected value is compared with the main control board and When the sum of IDs (unique values) of other peripheral boards matches, a technique for detecting that an illegal board has been inserted by authenticating other boards has been proposed (for example, (See Patent Document 2 below.)

JP 11-333108 A JP-A-2005-21330

  However, according to the technique disclosed in Patent Document 1 described above, although falsification of program data can be detected, it is possible to prevent an unauthorized control board from being connected between a regular main control board and a controlled board. Can not. For this reason, there is a problem that the controlled substrate performs unauthorized control by the control signal output from the unauthorized control substrate.

  Here, a fraud prevention technique according to the prior art will be described with reference to FIGS. 16 and 17. FIG. 16 is an explanatory diagram showing an outline of a fraud prevention technique according to the prior art. FIG. 17 is an explanatory diagram showing an example of inserting an unauthorized control board. As shown in FIG. 16, the regular main control board 1601 outputs a regular control signal RS to the peripheral board 1602 to control the operation of the peripheral board 1602. The regular main control board 1601 is provided with an inspection port 1603. The program data stored in the ROM or the like provided inside the regular main control board 1601 is inspected from the inspection port 1603 to inspect whether the regular main control board 1601 is fraudulent.

  However, as shown in FIG. 17, an unauthorized control board 1701 may be inserted between the regular main control board 1601 and the peripheral board 1602. The unauthorized control board 1701 discards or ignores the regular control signal RS output from the regular main control board 1601 and outputs an unauthorized control signal FS to the peripheral board 1602 instead. Here, the peripheral board 1602 cannot determine whether the input signal is the normal control signal RS or the illegal control signal FS. For this reason, there is a problem that the peripheral board 1602 operates in accordance with an illegal control signal FS.

  In addition, since the inspection port 1603 is provided only on the regular main control board 1601, even if the inspection using the inspection port 1603 is performed, the inspection result for the process in the regular main control board 1601 is returned. . For this reason, there is a problem that even if the inspection using the inspection port 1603 is performed, the unauthorized control by the unauthorized control board 1701 cannot be detected.

  Further, with the technique of Patent Document 2 described above, it can be detected that an unauthorized control board has been inserted. However, since the ID changes when the substrate is changed, there is a problem that the expected value must be rewritten every time another substrate is changed. Therefore, there is a problem that the setting of the board for performing authentication of the main control board and other peripheral boards must be changed every time the main control board and other peripheral boards are changed, which is troublesome.

  Further, in the technique of Patent Document 2, when any of the boards is changed, an abnormality canceling switch is provided that automatically updates the expected value with the sum of the IDs of the changed main control board and other peripheral boards. . However, for example, if the abnormality release switch is operated while an unauthorized substrate is inserted, there is a problem that the unauthorized substrate is authenticated as a regular substrate.

  The present invention corrects the expected value used for authenticating the main control board by a simple method in order to solve the above-mentioned problems caused by the prior art, and also performs illegal control from the main control board to the peripheral board, the expected value and It is an object of the present invention to provide an electronic device, a gaming machine, a main control board, a peripheral board, an authentication method, and an authentication program that can prevent the use of information related to authentication.

  In order to solve the above-described problems and achieve the object, an electronic device according to a first aspect of the present invention includes a main control unit that transmits a control command, and a predetermined control based on the control command transmitted by the main control unit. An electronic device comprising: a peripheral unit that performs processing, wherein the main control unit stores data storage means for storing predetermined data, and a number for dividing the data stored in the data storage means (hereinafter referred to as the data storage means) , "Determining the number of divisions"), dividing the data in the data storage means into the number of divisions, and performing a binary operation that satisfies the combining law for each of the divided data Authentication data generating means for generating authentication data for the number of divisions, and a correction process for correcting an expected value used for collation of the authentication data held in the peripheral section and transmitted from the main control section Correction data generating means for generating correction data for the data, dummy data generating means for generating dummy data of the authentication data or the correction data, and the control command transmitted to the peripheral part is a predetermined control command Adding the authentication data for the number of divisions generated by the authentication data generating means to the control command, and transmitting the control command to the peripheral section before adding the authentication data for the number of divisions Is a predetermined control command, the correction data generated by the correction data generation means is added to the control command, and the control command other than the control command to which the correction data or the authentication data is added, Adding means for adding the dummy data generated by the dummy data generating means; The control command to which data is added (hereinafter referred to as “control command with correction data”), the control command to which authentication data is added (hereinafter referred to as “control command with authentication data”) or the dummy data is added. Transmission means for transmitting the control command (hereinafter referred to as “control command with dummy data”) to the peripheral portion, the peripheral portion including the control command with correction data transmitted by the main control portion, When receiving the control command with authentication data or the control command with dummy data, and when receiving the control command with correction data by the receiving means, the control command with correction data is held in the peripheral portion. Correction means for correcting the expected value, and binary calculation for the authentication data for the number of divisions Authentication means for authenticating the main control unit based on whether or not the value calculated by the binary operation and the expected value corrected by the correction means match, The authenticating unit authenticates the main control unit when the receiving unit receives the control command with dummy data.

  According to the first aspect of the present invention, when the control command transmitted from the main control unit is a predetermined control command, correction data or authentication data is added to the control command. Thereby, compared with the case where correction data or authentication data is transmitted independently, the communication load between a main control part and a peripheral part can be reduced. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, since the correction process or authentication process for correcting the expected value is performed only when a predetermined control command is transmitted, the main control is compared with the case where the authentication process or the correction process is performed when all control commands are transmitted. The processing load on the part and the peripheral part can be reduced. In addition, since the correction process can be performed before the authentication process is performed, for example, even if the main control unit is changed, the changed main control unit can be authenticated as a regular board.

  In addition, the main control unit transmits the correction data at an arbitrary timing before starting to transmit the authentication data for the number of divisions or after starting to transmit the authentication data for the number of divisions. Accordingly, the main control unit can transmit the correction data before transmitting the authentication data transmitted last in the authentication data for the number of divisions. For example, when the number of divisions is 3, the main control unit can transmit the correction data at an arbitrary timing until transmission of authentication data transmitted third is completed. For this reason, it is possible to prevent a third party from knowing the timing of transmitting the correction data. Further, the number of divisions is a value that only the main control unit knows, and the peripheral unit can know the number of authentication data (number of connections) subjected to the binary operation when authentication to the main control unit is established. it can. For this reason, the third party cannot know the number of divisions. For example, even if one authentication data is known to a third party, the value calculated by combining the authentication data for the number of divisions is the third party. Can be prevented from being known. The value calculated by combining the authentication data for the number of divisions is a value for establishing authentication for the main control unit in the peripheral part. Therefore, it is possible to prevent the third party from stealing the correction data and the value for establishing the authentication for the main control unit, so that the authentication strength can be improved.

  Further, the main control unit can transmit the control command with dummy data added when it is not the timing to transmit the correction data or the authentication data. This can prevent a third party from knowing when correction data or authentication data has been transmitted. Therefore, the correction data and the authentication data can be prevented from being stolen, so that the authentication strength can be increased.

  In addition, when receiving the dummy data, the peripheral unit can perform a process of temporarily authenticating the main control unit (hereinafter referred to as “dummy authentication process”). As a result, it is possible to prevent a third party from knowing the timing at which authentication processing using regular authentication data is performed in the peripheral portion, so that the strength of authentication can be increased.

  The electronic device according to a second aspect of the present invention is the electronic device according to the first aspect, wherein the authentication means performs two or more types of binary operations that satisfy a combining rule for the authentication data for the number of divisions. And the main control unit is authenticated based on whether any of the two or more values calculated by the binary operation matches the expected value.

  According to the invention of claim 2, the peripheral unit performs all binary operations that can be selected when generating the authentication data in the main control unit with respect to the authentication data transmitted from the main control unit. Then, a value used for collation of the main control unit is calculated for each of the two terms. Then, the peripheral unit authenticates the main control unit based on whether any of the values used for collation of the main control unit matches the expected value. Thus, the peripheral unit can generate a value for establishing authentication for the main control unit without knowing the number of divisions determined by the determination unit, and can perform authentication processing of the main control unit. . For example, even if the number of divisions and the calculation method are not known, the peripheral unit can generate a value for establishing authentication for the main control unit, and can authenticate the main control unit. Further, since the number of persons who can know the number of authentication data for generating a value for establishing authentication for the main control unit can be limited, the strength of authentication can be improved.

  An electronic device according to a third aspect of the invention is the electronic device according to the first aspect, wherein the authentication data generating means is based on the number of divisions and is selected from two or more types of binary operations satisfying a coupling law. The binomial calculation used for the next generation of the authentication data is selected, and the authentication means determines the number of the authentication data that is the target of the selected binary calculation when the authentication for the main control unit is established. Based on the two or more types of binary operations, a binary operation used for the next authentication is selected.

  According to the third aspect of the invention, the main control unit selects a binary operation used for generating authentication data at the time of the next authentication based on the number of divisions obtained by dividing the data in the data storage means. Since the number of divisions is a value known only by the main control unit, a third party cannot know the switching timing of the calculation method used for generating the authentication data.

  In addition, the peripheral unit switches the calculation method used for generating the authentication data based on the number of authentication data when the authentication for the main control unit is established. In addition, in order to generate a value for establishing authentication for the main control unit, the peripheral unit uses the same calculation method as the calculation method for generating authentication data in the main control unit, and calculates the authentication data for the number of divisions. To do. For this reason, even if the authentication data for the number of divisions is stolen and reused by a third party, the peripheral portion is the same as when the authentication data for the stolen number of divisions is generated after the calculation method is switched. Using a calculation method different from the calculation method, the authentication data corresponding to the stolen number of divisions is calculated. As a result, even if the peripheral part receives authentication data for the number of divisions stolen by a third party, it does not calculate a value that matches the expected value, so the authentication data for the number of stolen divisions is illegal. It can be judged. Therefore, even if an unauthorized control unit is inserted between the main control unit and the peripheral unit, and authentication data for the number of divisions stolen by a third party is transmitted from the unauthorized control unit to the peripheral unit. It is possible to detect that an unauthorized control unit has been inserted. Therefore, unauthorized processing by the unauthorized control unit can be prevented.

  An electronic device according to a fourth aspect of the present invention is the electronic device according to any one of the first to third aspects, wherein the authentication data generating means encrypts the authentication data by a predetermined encryption method, The authenticating means decrypts the authentication data by a decryption method corresponding to the predetermined encryption method, and performs the authentication.

  According to the fourth aspect of the present invention, it is possible to reduce the possibility that the authentication data generation method is analyzed or the authentication data is reused.

  According to a fifth aspect of the present invention, in the electronic device according to the fourth aspect of the invention, the authentication data generation means changes the authentication data encryption method based on the number of divisions, and the authentication means The authentication data decryption method is changed based on the number of the authentication data subjected to the binary operation when the authentication for the main control unit is established.

  According to the invention of claim 5, the third party cannot know the switching timing of the encryption method of the authentication data, and the generation method of the authentication data can be analyzed or the authentication data can be reused. Can be further reduced.

  According to a sixth aspect of the present invention, in the electronic device according to any one of the first to fifth aspects of the present invention, the two or more binary operations are addition and exclusive OR operations. Features.

  According to the sixth aspect of the present invention, addition and exclusive OR operation can be switched and used as the binary operation used for generating the authentication data.

  An electronic device according to a seventh aspect of the present invention is the electronic device according to any one of the first to sixth aspects, wherein the authentication means receives the control command with dummy data by the receiving means. The main control unit is authenticated by omitting the process of whether or not the value calculated using dummy data matches the expected value.

  According to the seventh aspect of the present invention, dummy data transmission processing can be added without increasing unnecessary processing in the peripheral portion. Therefore, the correction data and authentication data can be prevented from being stolen by a simple method, and the strength of authentication can be increased.

  According to an eighth aspect of the present invention, in the electronic device according to any one of the first to sixth aspects, the authentication unit uses the control command with dummy data received by the reception unit. Regardless of whether the calculated value matches the expected value, the main control unit is authenticated.

  According to the eighth aspect of the present invention, even when the peripheral portion receives dummy data, the peripheral portion can perform dummy authentication processing by the same processing as when authentication data is received. For this reason, the processing time in the peripheral portion or the amount of heat generated by the processing can be comparable to that when the normal authentication data is received and the authentication processing is performed. Therefore, since it is possible to prevent a third party from knowing the timing at which the authentication processing is performed in the peripheral portion, the strength of authentication can be further increased.

  An electronic device according to a ninth aspect of the invention is the electronic device according to any one of the first to eighth aspects, wherein the adding means finishes adding the authentication data for the number of divisions. In the meantime, the dummy data generated by the dummy data generating means is added to the control command.

  According to the ninth aspect of the present invention, the main control unit can transmit dummy data to the peripheral unit while transmitting the authentication data for the number of divisions. For example, the main control unit transmits dummy data between the time when authentication data of one of the divided number of pieces of authentication data for establishing authentication for the main control unit is transmitted and before the next authentication data is transmitted. To the periphery. Accordingly, the main control unit can transmit the dummy data and the authentication data for the number of divisions at random, thereby preventing the third party from knowing the timing of transmitting the authentication data. Therefore, since it is possible to prevent legitimate authentication data from being stolen by a third party, the strength of authentication can be improved.

  An electronic device according to a tenth aspect of the present invention is the electronic device according to any one of the first to ninth aspects, wherein the adding means uses the correction data, the authentication data, or the dummy data as a similar type. It is added to the control command.

  According to the tenth aspect of the present invention, by adding correction data, authentication data, or dummy data to the same type of control command, the same type of control command is transmitted for the correction processing, authentication processing, or dummy authentication processing. Can only be done sometimes. For this reason, the processing load on the main control unit and the peripheral part due to the correction process, the authentication process or the dummy authentication process is reduced as compared with the case where the correction process, the authentication process or the dummy authentication process is performed when all the control commands are transmitted. Can do. For example, when correction data, authentication data, or dummy data is added to the jackpot command transmitted to the peripheral part by the main control unit, the jackpot command is transmitted for each round of jackpot, so during a certain period in the jackpot state Correction processing and authentication processing can be performed. Furthermore, the dummy authentication process can be performed at a timing other than the timing at which the correction process or the authentication process is performed. For this reason, the time interval between the correction process and the authentication process is shortened, and further, it is possible to prevent a third party from knowing the timing for performing the correction process or the authentication process. As a result, the strength of the authentication process can be improved.

  An electronic device according to an eleventh aspect of the present invention is the electronic device according to any one of the first to ninth aspects, wherein the adding unit has different types of the correction data, the authentication data, or the dummy data. It is added to the control command.

  According to the eleventh aspect of the invention, by adding correction data, authentication data or dummy data to different types of control commands, the main control unit can correct the correction data, authentication data or dummy data according to the transmission order of the control commands. Correction data, authentication data or dummy data can be added so that the data is transmitted in the desired order. In this case, for example, the main control unit adds correction data, authentication data, or dummy data to a control command in which the order of transmission from the main control unit to the peripheral unit is determined. Thereby, the main control unit can transmit the correction data, the authentication data, or the dummy data at an arbitrary timing without increasing the processing load on the main control unit. Further, the main control unit can transmit the correction data before the authentication data transmitted last in the authentication data for the number of divisions is transmitted, for example. Further, the main control unit can transmit dummy data while transmitting authentication data for the number of divisions, for example.

  Specifically, for example, when the main control unit adds authentication data to the jackpot command and adds correction data or dummy data to the jackpot reach command or jackpot start command transmitted before the jackpot command, authentication is performed. Correction processing or dummy authentication processing can be performed before the processing is performed. Therefore, by adding correction data, authentication data, or dummy data to different types of control commands in consideration of the transmission order of control commands, the peripheral unit can perform correction processing, authentication processing, or dummy authentication processing at an arbitrary timing. Can be done.

  The peripheral part can identify correction data, authentication data, or dummy data according to the type of control command. Accordingly, the peripheral part can identify the correction data, the authentication data, or the dummy data and perform the correction process, the authentication process, or the dummy authentication process without increasing the processing load on the peripheral part.

  An electronic device according to a twelfth aspect of the present invention is the electronic device according to any one of the first to eleventh aspects, wherein the correction data generating means is configured such that the main control unit is changed to another main control unit. In this case, correction data for correcting the expected value held in the peripheral portion to an expected value used for collation of data transmitted from the other main control unit is generated.

  According to the twelfth aspect of the present invention, the correction process can be performed every time the main control unit is changed. For this reason, it is possible to prevent the expected value held in the peripheral part from being corrected, although the main control part is changed.

  An electronic apparatus according to a thirteenth aspect of the present invention is the electronic device according to any one of the first to twelfth aspects, wherein the correction data generation means uses a unique value stored in the data storage means. The correction data is generated.

  According to the thirteenth aspect of the present invention, when there are a plurality of main control units, it is possible to generate correction data with values that can recognize each main control unit. As a result, the expected value can be set to a value unique to each main control unit, so that it becomes easier to detect an unauthorized substrate and the strength of authentication can be improved.

  According to a fourteenth aspect of the present invention, in the electronic device according to the thirteenth aspect, the correction data generating unit is configured to store the data storage unit when the main control unit is changed to another main control unit. The difference between the unique value set in the main controller before being changed and the unique value set in the other main controller after being changed is stored in It is generated as data.

  According to the fourteenth aspect of the present invention, when there are a plurality of main control units, it is possible to generate correction data based on a difference between values that can recognize each main control unit. As a result, the expected value can be set to a value unique to each main control unit, so that it becomes easier to detect an unauthorized substrate and the strength of authentication can be improved.

  According to a fifteenth aspect of the present invention, in the electronic device according to the thirteenth or fourteenth aspect, the correction data generation means uses the control command to add the correction data together with the specific value. It is characterized by generating data.

  According to the fifteenth aspect of the present invention, the authentication data is generated using the predetermined control command transmitted together with the correction data. In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. Therefore, if the correction data is generated by using the control command transmitted this time, even if the correction data is reused by an unauthorized control board, the correction data and the control command cannot be matched, and the fraud is detected. be able to.

  An electronic device according to a sixteenth aspect of the present invention is the electronic device according to any one of the first to twelfth aspects, wherein the correction data generation means uses the program data stored in the data storage means. Correction data is generated.

  According to the sixteenth aspect of the present invention, correction data is generated using program data such as instruction codes and fixed data stored in the main control unit. Thereby, fraud such as rewriting of program data stored in the main control unit or replacement of the main control unit can be detected.

  According to a seventeenth aspect of the present invention, in the electronic device according to the sixteenth aspect, the correction data generating means generates the correction data using the control command for adding the correction data together with the program data. It is characterized by doing.

  According to the invention of claim 17, the authentication data is generated using the control command (predetermined control command) transmitted together with the correction data. In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. Therefore, if the correction data is generated by using the control command transmitted this time, even if the correction data is reused by an unauthorized control board, the correction data and the control command cannot be matched, and the fraud is detected. be able to.

  An electronic device according to an invention of claim 18 is the electronic device according to any one of claims 1 to 17, wherein the authentication data generation means uses the program data stored in the data storage means. The authentication data is generated.

  According to the eighteenth aspect of the present invention, the authentication data is generated using the program data stored in the main control unit. Thereby, fraud such as rewriting of program data stored in the main control unit or replacement of the main control unit can be detected.

  An electronic device according to a nineteenth aspect of the present invention is the electronic device according to the eighteenth aspect, wherein the authentication data generating means generates the authentication data using the control command that adds the authentication data together with the program data. It is characterized by doing.

  According to the nineteenth aspect of the present invention, the authentication data is generated using the predetermined control command transmitted together with the authentication data. Therefore, if the authentication data is generated using the control command transmitted this time, even if the authentication data is reused by an unauthorized control board, the authentication data cannot be matched with the control command, and the fraud is detected. be able to.

  An electronic device according to a twentieth aspect of the present invention is the electronic device according to any one of the first to nineteenth aspects, wherein the correction means includes the control command transmitted from the main control unit with the correction data. In the case of a control command, the expected value held in the peripheral portion is corrected using the control command with correction data.

  According to the twentieth aspect of the present invention, the peripheral portion can determine whether or not to perform the correction process only by checking whether or not the correction data is added to the control command. Therefore, it is possible to reduce the processing load on the peripheral part due to the correction process.

  An electronic device according to a twenty-first aspect of the present invention is the electronic device according to any one of the first to nineteenth aspects, wherein the correction unit is configured such that the control command transmitted from the main control unit is the predetermined control. If it is a command, the expected value held in the peripheral portion is corrected using the control command with correction data.

  According to the twenty-first aspect of the present invention, the peripheral unit can confirm the type of the control command transmitted by the main control unit and determine whether or not to perform the correction process. Therefore, it is possible to facilitate the timing design between the process based on the control command and the correction process.

  An electronic device according to a twenty-second aspect of the present invention is the electronic device according to any one of the first to twenty-first aspects, wherein the correction means receives the control command with dummy data by the receiving means. The value of the expected value before receiving the control command with dummy data is maintained by the receiving means without correcting the value of the expected value held in the peripheral portion.

  According to the twenty-second aspect of the present invention, when the dummy data is received, the peripheral portion can perform the same processing as when, for example, correction data is received while maintaining the expected value. As a result, the peripheral portion maintains the normal expected value, and the processing time in the peripheral portion or the amount of heat generated by the processing is the same as when the normal correction data is received and the correction processing is performed. Can be done. Therefore, it is possible to prevent a third party from knowing the timing at which correction processing is performed in the peripheral portion.

  An electronic device according to a twenty-third aspect of the invention is the electronic device according to any one of the first to twenty-second aspects, wherein the peripheral unit is notified when the main control unit is not authenticated by the authentication unit. Output means for outputting a signal is provided.

  According to the twenty-third aspect of the present invention, the user can be notified that fraud has been made to the main control unit.

  A gaming machine according to a twenty-fourth aspect of the invention includes the electronic device according to any one of the first to twenty-third aspects, wherein the main control unit transmits the control command with authentication data, and the peripheral unit includes: An authentication process is performed based on the control command with authentication data transmitted by the main control unit.

  According to the twenty-fourth aspect of the present invention, the function of the electronic device according to the first to twenty-second aspects can be applied to a gaming machine such as a pachinko gaming machine.

  A main control board according to the invention of claim 25 is a main control board which is mounted on an electronic device and transmits a control command for causing a peripheral board to perform a predetermined process, and is a data storage means for storing predetermined data. Determining means for determining the number of the data stored in the data storage means (hereinafter referred to as “number of divisions”), and dividing the data in the data storage means into the number of divisions; Authentication data generation means for generating the authentication data for the number of divisions by performing a binary operation satisfying a coupling law for each of the divided data, and held by the peripheral board and transmitted from the main control board Correction data generating means for generating correction data for correction processing for correcting an expected value used for verification of the authentication data, and a dummy of the authentication data or the correction data When the control command transmitted to the peripheral board is a predetermined control command, the dummy data generating means for generating data and the authentication data for the number of divisions generated by the authentication data generating means And when the control command to be transmitted to the peripheral part is a predetermined control command before the transmission of the authentication data for the number of divisions, the correction data generated by the correction data generation means is An adding means for adding the dummy data generated by the dummy data generating means to a control command other than the control command to which the correction data or the authentication data is added; The added control command (hereinafter referred to as “control command with correction data”), the authentication data The control command to which data is added (hereinafter referred to as “control command with authentication data”) or the control command to which the dummy data is added (hereinafter referred to as “control command with dummy data”) is transmitted to the peripheral board. And a transmission means.

  According to the invention of claim 25, when the control command transmitted from the main control board is a predetermined control command, correction data or authentication data is added to the control command. Thereby, the communication load between the main control board and the peripheral board can be reduced as compared with the case where the correction data or the authentication data is transmitted alone. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, the correction process or the authentication process for correcting the expected value is performed only when a predetermined control command is transmitted. Therefore, the authentication process is performed when all control commands are transmitted. The processing load on the substrate can be reduced. Further, since the correction process can be performed before the authentication process is performed, for example, even if the main control board is changed, the changed main control board can be reliably authenticated as a regular board.

  In addition, the main control board sends correction data to the peripheral board at an arbitrary timing before starting to transmit the authentication data for the number of divisions or from the start of transmission of the authentication data for the number of divisions to the end of transmission. To do. As a result, the main control board can transmit the correction data before transmitting the authentication data transmitted last among the authentication data for the number of divisions. For example, when the number of divisions is 3, the main control board can transmit the correction data at an arbitrary timing until transmission of authentication data transmitted third is completed. For this reason, it is possible to prevent a third party from knowing the timing of transmitting the correction data. Further, the number of divisions is a value that only the main control board knows, and the peripheral board knows the number of authentication data (the number of connections) that has been subjected to the binary operation when authentication for the main control board is established. it can. For this reason, the third party cannot know the number of divisions. For example, even if one authentication data is known to a third party, the value calculated by combining the authentication data for the number of divisions is the third party. Can be prevented from being known. The value calculated by combining the authentication data for the number of divisions is a value for establishing authentication for the main control board in the peripheral board. Therefore, it is possible to prevent the third party from stealing the correction data and the value for establishing the authentication for the main control board, so that the authentication strength can be improved.

  Further, the main control board can transmit dummy data added to the control command when it is not the timing of the correction process or the authentication process. This can prevent a third party from knowing when correction data or authentication data has been transmitted. Therefore, the correction data and the authentication data can be prevented from being stolen, so that the authentication strength can be increased.

  The main control board according to the invention of claim 26 is the main control board according to claim 25, wherein the authentication data generating means is a method of performing two or more kinds of binary operations satisfying a combining law based on the division number. To select a binary operation to be used for the next generation of the authentication data.

  According to the invention of claim 26, the main control board selects one binary operation from two or more types of binary operations and generates authentication data. Since the number of divisions is a value known only by the main control board, a third party cannot know the switching timing of the binary operation used for generating the authentication data. Therefore, the third party cannot know the binary operation used for generating the authentication data this time. Therefore, the strength of authentication can be improved.

  A peripheral board according to a twenty-seventh aspect of the present invention is a peripheral board that is mounted on an electronic device and performs processing according to a control command transmitted from a main control board, and is transmitted by the main control board, The control command to which correction data for correcting expected values used for collation of data transmitted by the control board is added (hereinafter referred to as “control command with correction data”), and authentication for authenticating the main control board The control command to which data is added (hereinafter referred to as “control command with authentication data”) or the control command to which dummy data of the authentication data or the correction data is added (hereinafter referred to as “control command with dummy data”). When receiving the control command with correction data by the receiving means and the receiving means, the correction data A correction means for correcting the expected value held on the peripheral board using an attached control command, and a value calculated by performing the binary operation on the authentication data corresponding to the number of divisions And authentication means for authenticating the main control board based on whether or not the expected value corrected by the correction means matches, the authentication means by the receiving means the dummy data When the attached control command is received, the main control board is authenticated, and the authentication means performs two or more types of binary operations satisfying a coupling law on the authentication data for the number of divisions, and the binary operation The main control board is authenticated based on whether or not any of the two or more values calculated by the above match the expected value.

  According to the twenty-seventh aspect of the present invention, when the control command transmitted from the main control board is a predetermined control command, correction data or authentication data is added to the control command. Thereby, the communication load between the main control board and the peripheral board can be reduced as compared with the case where the correction data or the authentication data is transmitted alone. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, the correction process or the authentication process for correcting the expected value is performed only when a predetermined control command is transmitted. Therefore, the authentication process is performed when all control commands are transmitted. The processing load on the substrate can be reduced. Further, since the correction process can be performed before the authentication process is performed, for example, even if the main control board is changed, the changed main control board can be authenticated as a regular board.

  In addition, by not holding the fixed value, which is the final expected value (expected value after correction) itself used for verification of the main control board, in the peripheral board, it is possible to limit who can know the final expected value used for verification. As a result, it is possible to reduce risks such as leakage of information regarding expected values.

  In addition, the peripheral board performs all binary operations that can be selected when generating authentication data in the main control board on the authentication data transmitted from the main control board. A value used for control board verification is calculated. Then, the peripheral board authenticates the main control board based on whether any of the values used for matching the main control board matches the expected value. As a result, the peripheral board can generate a value for establishing authentication for the main control board without knowing the number of divisions determined by the determination unit, and can perform authentication processing of the main control board. . For example, even when the number of divisions and the calculation method are not known, the peripheral board can generate a value for establishing authentication for the main control board, and can authenticate the main control board. In addition, since the number of persons who can know the number of authentication data for generating a value for establishing authentication for the main control board can be limited, the strength of authentication can be improved.

  Further, when the peripheral board receives dummy data, the peripheral board can perform a process of temporarily authenticating the main control board (hereinafter referred to as “dummy authentication process”). As a result, it is possible to prevent a third party from knowing the timing at which authentication processing using regular authentication data is performed in the peripheral portion, so that the strength of authentication can be increased.

  An authentication method according to a twenty-eighth aspect of the invention is an electronic device comprising: a main control unit that transmits a control command; and a peripheral unit that performs predetermined processing based on the control command transmitted by the main control unit. A determination step of determining a number of divisions of predetermined data stored in the data storage means (hereinafter referred to as “division number”) in the main control unit; and in the data storage step An authentication data generation step of generating the authentication data for the number of divisions by performing a binary operation satisfying a combining law on each of the divided data, and generating the authentication data for the number of divisions; A correction data generating step for generating correction data for correction processing for correcting an expected value used for collation of the authentication data transmitted from the main control unit, and When dummy data generation step for generating authentication data or dummy data of the correction data and the control command to be transmitted to the peripheral part are predetermined control commands, the number of divisions generated by the authentication data generation step If the control command to be transmitted to the peripheral part is a predetermined control command before adding the authentication data to the control command and adding the authentication data for the number of divisions, the correction data generating step Addition of adding the generated correction data to the control command and adding the dummy data generated by the dummy data generation step to a control command other than the control command to which the correction data or the authentication data is added Process and the control command with the correction data added (hereinafter referred to as “correction data”). Control command to which the authentication data is added (hereinafter referred to as “control command with authentication data”) or the control command to which the dummy data is added (hereinafter referred to as “control command with dummy data”). Transmitting the control command with correction data, the control command with authentication data, or the control command with dummy data transmitted by the main control unit in the peripheral portion. A receiving step for receiving, a correction step for correcting the expected value held in the peripheral portion using the control command with correction data when the control command with correction data is received by the receiving step, and the division A binary operation is performed on the authentication data for several minutes, a value calculated by the binary operation, An authentication step of authenticating the main control unit based on whether or not the expected value corrected by the correction step matches, and the authentication step includes the control with dummy data by the reception step When the command is received, the main control unit is authenticated.

  According to the twenty-eighth aspect of the present invention, when the control command transmitted from the main control unit is a predetermined control command, correction data or authentication data is added to the control command. Thereby, compared with the case where correction data or authentication data is transmitted independently, the communication load between a main control part and a peripheral part can be reduced. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, since the correction process or the authentication process for correcting the expected value is performed only when a predetermined control command is transmitted, the main control unit and peripheral devices are compared with the case where the authentication process is performed when all control commands are transmitted. The processing load on the part can be reduced. In addition, since the correction process can be performed before the authentication process is performed, for example, even if the main control unit is changed, the changed main control unit can be authenticated as a regular board.

  In addition, the main control unit transmits correction data to the peripheral unit at an arbitrary timing before the start of transmission of authentication data for the number of divisions or after the start of transmission of authentication data for the number of divisions. To do. Accordingly, the main control unit can transmit the correction data before transmitting the authentication data transmitted last in the authentication data for the number of divisions. For example, when the number of divisions is 3, the main control unit can transmit correction data at an arbitrary timing until transmission of authentication data transmitted third is completed. For this reason, it is possible to prevent a third party from knowing the timing of transmitting the correction data. Further, the number of divisions is a value that only the main control unit knows, and the peripheral unit can know the number of authentication data (number of connections) subjected to the binary operation when authentication to the main control unit is established. it can. For this reason, the third party cannot know the number of divisions. For example, even if one authentication data is known to a third party, the value calculated by combining the authentication data for the number of divisions is the third party. Can be prevented from being known. The value calculated by combining the authentication data for the number of divisions is a value for establishing authentication for the main control unit in the peripheral part. Therefore, it is possible to prevent the third party from stealing the correction data and the value for establishing the authentication for the main control unit, so that the authentication strength can be improved.

  Further, the main control unit can add dummy data to the control command and transmit it when it is not the timing of the correction process or the authentication process. This can prevent a third party from knowing when correction data or authentication data has been transmitted. Therefore, the correction data and the authentication data can be prevented from being stolen, so that the authentication strength can be increased.

  In addition, when receiving the dummy data, the peripheral unit can perform a process of temporarily authenticating the main control unit (hereinafter referred to as “dummy authentication process”). As a result, it is possible to prevent a third party from knowing the timing at which authentication processing using regular authentication data is performed in the peripheral portion, so that the strength of authentication can be increased.

  An authentication method according to an invention of claim 29 is the authentication method according to claim 28, wherein the authentication step performs two or more binary operations satisfying a combining rule for the authentication data for the number of divisions. And the main control unit is authenticated based on whether any of the two or more values calculated by the binary operation matches the expected value.

  According to the invention of claim 29, the peripheral unit performs all the binary operations that can be selected when generating the authentication data in the main control unit with respect to the authentication data transmitted from the main control unit. Then, a value used for collation of the main control unit is calculated for each of the two terms. Then, the peripheral unit authenticates the main control unit based on whether any of the values used for collation of the main control unit matches the expected value. Thus, the peripheral unit can generate a value for establishing authentication for the main control unit without knowing the number of divisions determined by the determination unit, and can perform authentication processing of the main control unit. . For example, even if the number of divisions and the calculation method are not known, the peripheral unit can generate a value for establishing authentication for the main control unit, and can authenticate the main control unit. Further, since the number of persons who can know the number of authentication data for generating a value for establishing authentication for the main control unit can be limited, the strength of authentication can be improved.

  An authentication method according to a thirty-third aspect of the present invention is the authentication method according to the twenty-eighth aspect, wherein the authentication data generating step is based on the number of divisions and is selected from two or more types of binary operations that satisfy a combination rule. The binary operation used for the next generation of the authentication data is selected, and the authentication step determines the number of the authentication data that is the target of the selected binary operation when the authentication for the main control unit is established. Based on the two or more types of binary operations, a binary operation used for the next authentication is selected.

  According to the invention of claim 30, the main control unit selects a binary operation used for generating authentication data at the time of the next authentication based on the number of divisions obtained by dividing the data in the storage means. Since the number of divisions is a value known only by the main control unit, a third party cannot know the switching timing of the binary operation used for generating the authentication data.

  In addition, the peripheral unit switches the calculation method used for generating the authentication data based on the number of authentication data when the authentication for the main control unit is established. In addition, in order to generate a value for establishing authentication for the main control unit, the peripheral unit uses the same calculation method as the calculation method for generating authentication data in the main control unit, and calculates the authentication data for the number of divisions. To do. For this reason, even if the authentication data for the number of divisions is stolen and reused by a third party, the peripheral portion is the same as when the authentication data for the stolen number of divisions is generated after the calculation method is switched. Using a calculation method different from the calculation method, the authentication data corresponding to the stolen number of divisions is calculated. As a result, even if the peripheral part receives authentication data for the number of divisions stolen by a third party, it does not calculate a value that matches the expected value, so the authentication data for the number of stolen divisions is illegal. It can be judged. Therefore, even if an unauthorized control unit is inserted between the main control unit and the peripheral unit, and authentication data for the number of divisions stolen by a third party is transmitted from the unauthorized control unit to the peripheral unit. It is possible to detect that an unauthorized control unit has been inserted. Therefore, unauthorized processing by the unauthorized control unit can be prevented.

  An authentication program according to the invention of claim 31 causes a computer to execute the authentication method according to any one of claims 28 to 30.

  According to the invention of claim 31, it is possible to cause a computer to execute the authentication method according to any one of claims 28 to 30.

  According to the electronic device, the gaming machine, the main control board, the peripheral board, the authentication method, and the authentication program according to the present invention, the expected value used for authenticating the main control board is corrected by a simple method, and from the main control board There is an effect that it is possible to prevent unauthorized control on the peripheral board and diversion of information on expected values and authentication.

It is a front view which shows an example of the game board of the pachinko game machine of this invention. It is a block diagram which shows the internal structure of the control part of a pachinko game machine. It is a block diagram which shows the functional structure of a main control board and a peripheral board | substrate. It is a flowchart which shows the procedure of the control process of the production | presentation control part by the main control part. It is a flowchart which shows the procedure of the control process of the production | presentation control part by the main control part. It is a time chart which shows the transmission timing of a jackpot related command. It is a flowchart which shows the procedure of the symbol variation process by an effect control part. It is a flowchart which shows the procedure of the process at the time of the big hit by an effect control part. It is a flowchart which shows the procedure of the lamp control process at the time of the symbol variation by a lamp control part. It is explanatory drawing which shows typically the data format of the control signal which a main control part outputs. It is explanatory drawing which shows typically the production | generation method of the authentication data (inspection value) in a main control part. It is a flowchart which shows the procedure of the transmission process of the control signal by a main control part. It is a flowchart which shows the procedure of the reception process of the control signal by an effect control part. It is a sequence diagram which shows an example of the flow of the control signal between control parts. It is a sequence diagram which shows an example of the flow of the control signal between control parts. It is explanatory drawing which shows the outline | summary of the fraud prevention technique by a prior art. It is explanatory drawing which shows the example of insertion of an unauthorized control board.

(Embodiment)
Referring to the accompanying drawings, control signals between a pachinko gaming machine having the function of an electronic device according to the present invention and a plurality of boards (main control board and peripheral board) mounted on the pachinko gaming machine will be described below. A preferred embodiment of an authentication method and an authentication program for authenticating an included control command will be described in detail.

(Basic configuration of pachinko machine)
FIG. 1 is a front view showing an example of a game board of a pachinko gaming machine according to the present invention. A game ball launched by driving a launching unit (see FIG. 2) arranged at a lower position of the game board 101 ascends between the rails 102a and 102b and reaches an upper position of the game board 101, and then the game area 103 Fall inside. A plurality of nails (not shown) are provided in the game area 103, and a game ball is dropped in various directions, and a windmill or a prize opening that changes the fall direction of the game ball is placed in the middle of the fall. Is arranged.

  A symbol display unit 104 is arranged at the center of the game area 103 of the game board 101. As the symbol display unit 104, for example, a liquid crystal display (LCD) is used. The symbol display unit 104 is not limited to the LCD, and a CRT or the like can also be used. Below the symbol display unit 104, a start winning port 105 for starting winning is arranged. Winning gates 106 are arranged on the left and right of the symbol display unit 104, respectively.

  The winning gate 106 is provided to detect the passing of the game ball and perform a lottery to open the start winning opening 105 for a predetermined time. A normal winning opening 107 is disposed on the side of the symbol display unit 104 or below. When a game ball wins the normal winning opening 107, the number of winning balls (for example, 10) at the time of the normal winning is paid out. At the bottom of the game area 103, there is provided a collection port 108 for collecting game balls that have not won any winning ports.

  The symbol display unit 104 described above starts a variation in the display of a plurality of symbols when a game ball is won at a specific winning opening (at the time of starting winning), and the symbol stops after a predetermined time. When the specific symbols (for example, “777”) are aligned at the time of the stop, a big hit state is obtained. In the big hit state, the big winning opening 109 located below repeats opening for a predetermined period for a predetermined round (for example, 15 rounds), and pays out the number of winning balls corresponding to the winning game balls.

  FIG. 2 is a block diagram showing the internal configuration of the control unit of the pachinko gaming machine. The control unit 200 includes a plurality of control units. In the example of illustration, it has the main control part 201 and the peripheral part (The effect control part 202, the prize ball control part 203). The main control unit 201 controls basic operations related to the game of the pachinko gaming machine. The production control unit 202 controls the production operation during the game. The prize ball control unit 203 controls the number of prize balls to be paid out.

  Based on the program data stored in the ROM 212, the main control unit 201 executes a CPU 211 that performs basic processing as the game content progresses, a RAM 213 that functions as a data work area when the CPU 211 performs arithmetic processing, and each detection unit 221- An interface (I / F) 214 that receives various data from the H.224 and transmits various data to the effect control unit 202 and the prize ball control unit 203 is configured. The main control unit 201 realizes its function by, for example, a so-called main control board.

  On the input side of the main control unit 201, a start winning port detection unit 221 that detects a winning ball that has won a winning winning port 105, a gate detection unit 222 that detects a game ball that has passed through the winning gate 106, and a normal win An ordinary winning opening detection unit 223 that detects a game ball won in the mouth 107 and a large winning opening detection unit 224 that detects a winning ball won in the big winning opening 109 are connected via the I / F 214. These detection units can be configured using proximity switches or the like.

  A prize winning opening / closing part 231 is connected to the output side of the main control part 201, and the opening / closing of the prize winning opening / closing part 231 is controlled. The special prize opening / closing unit 231 has a function of opening the special prize opening 109 for a certain period of time when a big hit is made, and is configured using a solenoid or the like. This jackpot is programmed in advance to occur with a predetermined probability (for example, 1/300, etc.) based on the generated random number (random number for jackpot determination).

  The effect control unit 202 receives control signals including various control commands from the main control unit 201, and executes program data stored in the ROM 242 based on these commands to perform effect control during the game. The effect control unit 202 includes a CPU 241 that executes effect processing, a RAM 243 that functions as a data work area during the calculation processing of the CPU 241, a VRAM 244 that writes image data to be displayed on the symbol display unit 104, and various types from the main control unit 201. An interface (I / F) 245 for receiving data and transmitting various data to the lamp control unit 251 and the voice control unit 252 is provided. The effect control unit 202 realizes its function by, for example, a so-called effect board. In addition, the above-described symbol display unit (LCD) 104, lamp control unit 251, and voice control unit 252 are connected to the output side of the effect control unit 202 via the I / F 245.

  The winning ball control unit 203 receives control signals including various control commands from the main control unit 201, and executes program data stored in the ROM 282 based on these commands to perform winning ball control. The prize ball control unit 203 includes a CPU 281 that executes prize ball control processing, a RAM 283 that functions as a data work area when the CPU 281 performs arithmetic processing, and various data reception and emission units 292 from the main control unit 201. An interface (I / F) 284 that transmits and receives various data is provided. The prize ball control unit 203 realizes its function by, for example, a so-called prize ball substrate.

  The winning ball control unit 203 performs control for paying out the number of winning balls at the time of winning a prize to the connected paying unit 291. In addition, an operation of launching a game ball with respect to the launch unit 292 is detected, and the launch of the game ball is controlled. The payout unit 291 includes a motor for paying out a predetermined number from the game ball storage unit. The winning ball control unit 203 controls the paying unit 291 to pay out the number of winning balls corresponding to the game balls won in each winning port (start winning port 105, normal winning port 107, large winning port 109). Do it.

  The launcher 292 launches a game ball for a game, and includes a sensor that detects a game operation by the player, a solenoid that launches the game ball, and the like. When the prize ball control unit 203 detects a game operation by the sensor of the launch unit 292, the prize ball control unit 203 intermittently fires a game ball by driving a solenoid or the like in response to the detected game operation, thereby playing the game area 103 of the game board 101. A game ball is sent out.

  The main control unit 201, the effect control unit 202, and the prize ball control unit 203 configured as described above are provided on different printed circuit boards (main control board, effect board, and prize ball board). For example, the prize ball control unit 203 can be provided on the same printed circuit board as the main control unit 201.

(Functional configuration of main control board and peripheral board)
FIG. 3 is a block diagram showing a functional configuration of a main control board (main control unit) and peripheral boards (effect control unit, prize ball control unit). First, a functional configuration of the main control board 310 having a function as the main control unit 201 will be described. As shown in FIG. 3, the main control board 310 is a functional unit that transmits a control command for operating the peripheral board 330, and includes a control command storage unit 311, a data storage unit 312, a correction data generation unit 313, and a determination unit. 314, an authentication data generation unit 315, a dummy data generation unit 316, an addition unit 317, and a transmission unit 318.

  The control command storage unit 311 stores control command data (control command data) transmitted to the peripheral board 330. The data storage unit 312 stores program data such as values unique to the main control board 310, predetermined instruction codes, and fixed data. The value unique to the main control board 310 is a value by which each main control board 310 can be identified when there are a plurality of main control boards 310, for example.

  For example, the main control board 310 selects a control command to be transmitted from the control command storage unit 311 to the peripheral board 330 according to predetermined program data stored in the data storage unit 312 and transmits the control command to the peripheral board 330. To do. As the data storage unit 312, for example, a part of the ROM 212 (see FIG. 2) of the main control unit 201 can be used. Note that the control command storage unit 311 and the data storage unit 312 may not be provided separately, but may be integrated. For example, control command data, program data, and values unique to the main control board 310 may be stored in the data storage unit 312.

  The correction data generation unit 313 generates correction data for correcting an expected value used for collation of data transmitted from the main control board 310. The expected value is, for example, a value that is held in advance (such as during manufacturing) on the peripheral board 330 and is a value that is used when collating data transmitted from the main control board 310 on the peripheral board 330. Further, the expected value is not a fixed value, but may be a value generated by calculation from a basic value, for example. Also, the peripheral board 330 may hold one expected value for one main control board 310, or may hold a plurality of expected values for every binary operation used for generating authentication data. Also good. When there are a plurality of main control boards 310, the expected values are different for each main control board 310. Therefore, for example, when the main control board 310 is changed to another main control board 310, even if the other main control board 310 is a valid main control board 310, the expected value of the peripheral board 330 is not corrected. The peripheral board 330 may not be verified, or the legitimate main control board 310 may be determined to be an illegal control board. In order to prevent such a verification failure, the main control board 310 transmits correction data for correcting the expected value held in the peripheral board 330 to the peripheral board 330.

  The timing at which the correction data generation unit 313 generates the correction data is, for example, when the main control board 310 is changed to another main control board 310. In this case, the correction data generation unit 313 uses the expected value corresponding to the main control board 310 before the change held in the peripheral board 330 for the verification of the data transmitted from the other main control board 310 after the change. Correction data for correcting the value is generated.

  Also, the timing at which the correction data generation unit 313 generates the correction data is switched, for example, when the main control board 310 generates authentication data when the peripheral board 330 has only one expected value. This is the case. In this case, the correction data generation unit 313 corresponds to the expected value corresponding to the main control board 310 before the main control board 310 switches the calculation method, and corresponds to the main control board 310 after the main control board 310 switches the calculation method. Correction data for correcting the expected value to be generated is generated.

  As a method of generating correction data by the correction data generation unit 313, correction data may be generated using a unique value or program data stored in the data storage unit 312. Specifically, for example, when the main control board 310 is changed to another main control board 310, the correction data generation unit 313 includes a unique value and data set in the other main control board 310 after the change. A difference from the unique value set in the main control board 310 before the change stored in the storage unit 312 is generated as correction data. Furthermore, the correction data generation unit 313 may generate correction data using the control command transmitted this time together with the unique value. Further, the correction data generation unit 313 may generate correction data using program data stored in the data storage unit 312. Further, the correction data generation unit 313 may generate correction data using the control command transmitted this time together with the program data.

  The determination unit 314 determines the number of data stored in the data storage unit 312 (hereinafter referred to as “division number”). For example, the determination unit 314 sets a value generated by a random number generation circuit or a random number generation program as a division number, or sets a value generated in another process of the main control board 310 as a division number.

  The authentication data generation unit 315 generates authentication data for authenticating the main control board 310. The authentication data generation unit 315 selects a predetermined binary operation from two or more types of binary operations that satisfy the combining rule, and divides the data in the data storage unit 312 into the number of divisions determined by the determination unit 314. Then, a predetermined binary operation is performed on each of the divided data to generate authentication data for the number of divisions. Specifically, the authentication data generation unit 315 divides the program data stored in the data storage unit 312 and the value unique to the main control board 310 into the number of divisions determined by the determination unit 314 and the number of divisions. Generate authentication data. The binary operation satisfying the combining rule is, for example, addition or exclusive OR operation. In this case, the authentication data generation unit 315 selects either addition or exclusive OR operation, performs the selected operation on each of the divided data, and generates authentication data for the number of divisions.

  The authentication data generation unit 315 may generate authentication data using program data stored in the data storage unit 312, for example. Further, the authentication data generation unit 315 may generate the authentication data using the control command transmitted this time together with the program data. Further, the authentication data generation unit 315 may generate authentication data using a control command in a control signal described later. The authentication data is used by an authenticator (peripheral board 330) to verify that the main control board 310 is a legitimate main control board 310 by performing verification using an expected value held in the peripheral board 330. Information.

  Here, the authentication data generation unit 315 uses a binary operation used to generate the next authentication data from all the binary operations held by the main control board 310 based on the number of divisions determined by the determination unit 314. Select. Specifically, for example, when the division number is an odd number, the calculation is changed to a calculation different from the calculation used this time, and when the division number is an even number, the same calculation as this time is used.

  Further, the authentication data generation unit 315 may hold only one binary operation that satisfies the combining law. In this case, for example, the authentication data generation unit 315 generates authentication data for the number of divisions so that the amount of data for dividing the data in the data storage unit 312 is different each time authentication data for the number of divisions is generated. Also good.

  The dummy data generation unit 316 generates dummy data of correction data or authentication data. The dummy data is for the certifier (peripheral board 330) to tentatively authenticate the main control board 310 as the regular main control board 310 without performing verification using the expected value held in the peripheral board 330. Information. Further, the dummy data is collated using the expected value held in the peripheral board 330, and the main control board 310 is temporarily authenticated as the regular main control board 310 regardless of whether the collation results match or do not match. It is information for. Further, the dummy data may be information for performing processing similar to the processing for correcting the expected value held in the peripheral substrate 330. Furthermore, the dummy data may be authentication data used for authentication of a different type from the above-described authentication using the correction data and authentication data.

  The adding unit 317 generates the control signal by adding the correction data generated by the correction data generating unit 313 to the control command transmitted to the peripheral board 330. The adding unit 317 generates a control signal by adding the authentication data generated by the authentication data generating unit 315 to the control command transmitted to the peripheral board 330. The adding unit 317 adds the dummy data generated by the dummy data generating unit 316 to a control command other than the control command to which correction data or authentication data is added.

  The adding unit 317 may randomly add dummy data to control commands other than the control command to which correction data and authentication data are added. In addition, the adding unit 317 controls the control command so that correction data, authentication data, or dummy data is transmitted in a desired order to the control command in which the order of transmission from the main control board 310 to the peripheral board 330 is determined. Correction data, authentication data, or dummy data may be added according to the transmission order. Here, the control command for adding the correction data, the authentication data, and the dummy data may be a similar type of control command or a different type of control command.

  Specifically, for example, when the control command transmitted to the peripheral board 330 is a jackpot command, the adding unit 317 adds correction data or authentication data to the jackpot command and does not add correction data or authentication data. Dummy data may be added to the jackpot command. For example, when the control command for adding authentication data for the number of divisions is a jackpot command, the adding unit 317 adds correction data to the jackpot reach command or jackpot start command transmitted before the jackpot command. May be. Then, the adding unit 317 may add dummy data to control commands other than the jackpot command, jackpot reach command, or jackpot start command.

  Further, the adding unit 317 adds correction data to a predetermined control command before adding the authentication data for the number of divisions generated by the authentication data generating unit 315 to another control command. Specifically, the adding unit 317 can add the correction data to the control command before adding the authentication data added at the end of the authentication data for the number of divisions to the control command. More specifically, for example, when the number of divisions is 3, the adding unit 317 can add correction data to the control command before adding the third authentication data to be added to the control command.

  Further, the adding unit 317 adds dummy data before adding the next authentication data after adding one authentication data out of the authentication data for the number of divisions for establishing authentication for the main control board 310. It may be added. Specifically, when the number of divisions is set to 3 and three pieces of authentication data are generated, the adding unit 317 adds, for example, the first added authentication data to the control command, and then adds the second. Dummy data can be added to the control command before the authentication data is added.

  Further, the adding unit 317 adds authentication data corresponding to the number of divisions for each control command transmitted to the peripheral board 330. The order of adding authentication data for the number of divisions is arbitrary. The adding unit 317 may add the authentication data to the control command in the order in which the authentication data is generated, or may add the authentication data to the control command in an order different from the order in which the authentication data is generated.

  The adding unit 317 may add correction data or dummy data to a plurality of control commands during a period from when the power is turned on until the power is turned off. Further, the adding unit 317 may add the authentication data to all the control commands after adding the correction data to the control command, or may add the authentication data to any of the control commands.

  The transmission unit 318 includes a control command to which correction data is added by the adding unit 317 (hereinafter referred to as “control command with correction data”) and a control command to which authentication data is added (hereinafter referred to as “control command with authentication data”). Alternatively, a control command to which dummy data is added (hereinafter referred to as “control command with dummy data”) is transmitted to the peripheral board 330.

  Further, the transmission unit 318 transmits the control command with correction data to the peripheral board 330 before the transmission of the control command with authentication data for the number of divisions is completed. For example, when the command to be transmitted this time is a jackpot command, the transmission unit 318 may transmit the control command with authentication data or the control command with correction data for the number of divisions to the peripheral board 330. In addition, the transmission unit 318 may transmit one dummy data or a plurality of dummy data in one correction process or authentication process.

  Further, when the command to be transmitted this time is not a jackpot command, the transmission unit 318 may transmit a control command to which correction data or authentication data is not added or a control command with dummy data to the peripheral board 330. Note that the transmission unit 318 may transmit the control command with dummy data to the peripheral board 330 when the correction data or the authentication data is not added even if the command transmitted this time is a jackpot command.

  As described above, the adding unit 317 and the transmission unit 318 can transmit the correction data to the peripheral board 330 before the authentication process of the main control board 310 is performed in the peripheral board 330. For this reason, for example, when the main control board 310 is changed to another main control board 310, it is possible to prevent the authentication process from being performed before the expected value is corrected.

  Further, when the authentication data generation unit 315 generates authentication data using a binary operation selected from all the binary operations held by the main control board 310, the peripheral board 330 is connected to the main control board 310. The expected value can be corrected each time the calculation method is switched. Accordingly, it is possible to prevent the legitimate main control board 310 from being authenticated as an invalid main control board 310 in the authentication process on the peripheral board 330.

  Further, the addition unit 317 and the transmission unit 318 add the correction data to the control command and send the control command with correction data to the peripheral board 330 before the transmission of the control commands with authentication data for the number of divisions to the peripheral board 330 is completed. Send. By transmitting the correction data in this way, for example, the correction data can be transmitted between one authentication data and the next authentication data. As a result, the third party cannot identify whether correction data or authentication data is added to the control command, so that the third party can know when the correction data is transmitted. Can be prevented.

  Further, the adding unit 317 and the transmitting unit 318 transmit authentication data-attached control commands for the number of divisions to the peripheral board 330. Since the number of divisions is a value that only the main control board 310 knows, the third party cannot know the number of authentication data transmitted to the peripheral board 330. As a result, it is possible to prevent a third party from knowing a value calculated by combining authentication data for the number of divisions (a value for establishing authentication for the main control board 310). Therefore, since it is possible to prevent the correction data and the value for establishing authentication with respect to the main control board 310 from being stolen, the strength of authentication can be improved.

  Further, the addition unit 317 and the transmission unit 318 are either before or after the control command with correction data and the control command with authentication data are transmitted to the peripheral board 330, or while the control command with authentication data is being transmitted. By adding dummy data, a control command with dummy data can be transmitted to the peripheral board 330. By doing so, it is possible to prevent a third party from knowing when correction data and authentication data are transmitted from the main control board 310 to the peripheral board 330, and to prevent the correction data and authentication data from being stolen. Can be prevented.

  Further, by adding correction data authentication data or dummy data to the same type of control command by the addition unit 317 and the transmission unit 318, correction processing, authentication processing, or dummy data is only performed when the same type of control command is transmitted. Can be done. For this reason, the processing load on the main control board 310 and the peripheral board 330 due to the correction process, the authentication process, or the dummy authentication process is smaller than when the correction process, the authentication process, or the dummy authentication process is performed when all the control commands are transmitted. Can be reduced. For example, when correction data, authentication data, or dummy data is added to the jackpot command transmitted from the main control board 310 to the peripheral board 330, the jackpot command is transmitted for each round of jackpot, so that it is in a jackpot state for a certain period. The correction process and the authentication process can be performed. Furthermore, the dummy authentication process can be performed at a timing other than the timing at which the correction process or the authentication process is performed. For this reason, the time interval between the correction process and the authentication process is shortened, and further, it is possible to prevent a third party from knowing the timing for performing the correction process or the authentication process. As a result, the strength of the authentication process can be improved.

  In addition, by adding correction data, authentication data, or dummy data to different types of control commands by the addition unit 317 and the transmission unit 318, the main control board 310 transmits correction data, Correction data, authentication data, or dummy data can be added so that the authentication data or dummy data is transmitted in a desired order. In this case, for example, the main control board 310 adds correction data, authentication data, or dummy data to a control command in which the order of transmission from the main control board 310 to the peripheral board 330 is determined. Thereby, the main control board 310 can transmit the correction data, the authentication data, or the dummy data at an arbitrary timing without increasing the processing load on the main control board 310. Further, the main control board 310 can transmit the correction data before the authentication data transmitted last in the authentication data for the number of divisions is transmitted, for example. Further, the main control unit can transmit dummy data while transmitting authentication data for the number of divisions, for example.

  Specifically, for example, when the main control board 310 adds authentication data to the jackpot command and adds correction data or dummy data to the jackpot reach command or jackpot start command transmitted before the jackpot command, Correction processing or dummy authentication processing can be performed before the authentication processing is performed. Therefore, the peripheral board 330 performs the authentication process, the correction process, or the dummy authentication process at an arbitrary timing by adding correction data, authentication data, or dummy data to different types of control commands in consideration of the transmission order of the control commands. Can be done.

  In addition, by adding authentication data or dummy data to different types of control commands by the adding unit 317 and the transmitting unit 318, the peripheral board 330 transmits correction data, authentication data, or dummy data depending on the type of control command. Can be identified. Accordingly, the peripheral board 330 can identify the correction data, the authentication data, or the dummy data and perform the correction process, the authentication process, or the dummy authentication process without increasing the processing load on the peripheral board 330.

  Since the correction data of the expected value is transmitted from the main control board 310 to the peripheral board 330, when the main control board 310 is changed, the peripheral board 330 is changed or the expected value held in the peripheral board 330 is changed. Even if the setting is not changed, the expected value corresponding to the changed main control board 310 can be easily corrected. Further, the transmission unit 318 transmits only the correction value without transmitting the expected value as it is. Therefore, for example, even if data transmitted by a third party is stolen, the expected value is not decoded, so that the strength of the authentication process can be improved.

  In addition, the adding unit 317 adds correction data, authentication data to the control signal only when adding correction data, authentication data, or dummy data to a predetermined type of control command, for example, when a jackpot command is transmitted to the main control board 310. Or add dummy data. For this reason, for example, a conventional main control board that transmits only control signals that do not add correction data, authentication data, and dummy data is used to transmit control signals that include correction data, authentication data, and dummy data. When changing to the main control board 310 according to the embodiment, it is possible to save the trouble of adding correction data authentication data or dummy data addition processing to all control command transmission processing. In this way, since it is only necessary to add an additional process to the transmission process of a single control command, the difficulty of setting for adding the process is easy, and the time required for the setting can be shortened.

  Next, a functional configuration of the peripheral board 330 having functions as peripheral portions such as the effect control unit 202 and the prize ball control unit 203 will be described. As shown in FIG. 3, the peripheral board 330 such as the effect control unit 202 and the prize ball control unit 203 includes a reception unit 331, a correction unit 332, a calculation value storage unit 333, an authentication unit 334, and a notification signal output unit 335. The

  The receiving unit 331 receives a control signal including the control command with correction data, the control command with authentication data, or the control command with dummy data transmitted by the main control board 310. The receiving unit 331 determines whether the received control signal is a control signal including any one of the control command with correction data, the control command with authentication data, or the control command with dummy data in a predetermined order. May be.

  The calculated value storage unit 333 extracts authentication data from the control command with authentication data received by the receiving unit 331, and performs a binary operation on the authentication data to obtain an inspection value. Then, the calculated value storage unit 333 combines the acquired inspection value and the inspection value already stored in the calculated value storage unit 333, and stores the combined inspection value. At this time, the calculated value storage unit 333 is the authentication data first extracted from the authentication data extracted from the control command with authentication data out of the authentication data corresponding to the number of divisions necessary to establish authentication for the main control board 310. In the case of data, the inspection value is stored without performing the combining process on the inspection value acquired from the authentication data. The calculation method selected by the calculation value storage unit 333 is set to match the binary calculation used by the main control board 310 to generate the authentication data. A method of combining the inspection values acquired from the authentication data and generating a value for establishing authentication for the main control board 310 will be described later.

  In addition, the calculation value storage unit 333 may extract dummy data from the control command with dummy data received by the reception unit 331 and perform calculation on the dummy data to obtain a temporary inspection value. As the calculation method at this time, the same calculation method as the binary operation performed on the authentication data may be used, or a different calculation method may be used. The calculation value storage unit 333 may use the temporary inspection value acquired by performing the calculation on the dummy data for another (different type) authentication process. The temporary inspection value obtained by performing an operation on the dummy data may be information for performing a dummy authentication process. In this case, even if the control command with dummy data is received by the receiving unit 331, the calculated value storage unit 333 can perform the same processing as when the control command with authentication data is received by the receiving unit 331. .

  Further, the calculated value storage unit 333 deletes the inspection value stored in the calculated value storage unit 333 when the authentication for the main control board 310 is established. That is, the calculated value storage unit 333 performs a combining process on the inspection value extracted from the authentication data until the authentication for the main control board 310 is established, and stores the combined inspection value. Further, when the calculation value storage unit 333 stores the temporary inspection value obtained by performing the calculation on the dummy data in the calculation value storage unit 333, the temporary inspection value is authenticated with respect to the main control board 310. It may be deleted when it is established, or may be deleted when another (different type) authentication is established.

  Moreover, the calculation value memory | storage part 333 may memorize | store a test value for every two-term calculation, when performing two or more types of binary calculation with respect to the extracted authentication data. In this case, the calculation value storage unit 333 can generate a value that establishes authentication for the main control board 310 without the peripheral board 330 knowing the binary calculation selected by the main control board 310. For example, even if the authentication for the main control board 310 has not been established once after the power is turned on, the peripheral board 330 can generate a value for establishing the authentication for the main control board 310. The control board 310 can be authenticated.

  When the correction unit with correction data is received by the reception unit 331, the correction unit 332 corrects the expected value held on the peripheral board 330 using the control command with correction data. When the received correction data is encrypted, the correction unit 332 corrects the expected value using a value obtained by restoring the correction data. Further, the correction unit 332 may correct all of the plurality of expected values when the peripheral substrate 330 holds a plurality of expected values for every binary operation held by the main control board 310. In this case, the correction unit 332 may receive a plurality of correction data corresponding to each of a plurality of expected values. Further, when the received correction data is correction data for one expected value among a plurality of expected values, the correcting unit 332 authenticates at least one expected value among the plurality of expected values with respect to the main control board 310. You may correct | amend so that it may become a value which corresponds with the value to be materialized.

  Further, when the correction unit 332 can identify an expected value to be corrected among a plurality of expected values held by the peripheral board 330, the correction unit 332 may correct only the expected value used for the verification of the main control board 310. Good. The case where the expected value to be corrected can be identified is, for example, that the peripheral substrate 330 knows the number of authentication data (the number of connections) when authentication with respect to the main control substrate 310 is established, whereby the main control substrate 310 This is a case where the binary operation used for the next authentication process can be known from all the binary operations held by.

  The expected value correction timing is, for example, when the number of divisions is determined in the main control board 310. In this case, the main control board 310 generates correction data according to the expected value to be corrected, and transmits this correction data to the peripheral board 330. The correction unit 332 corrects the expected value using the correction data transmitted from the main control board 310. Accordingly, the correction unit 332 can perform the correction process before the authentication process is performed after the peripheral substrate 330 switches the binary operation.

  For example, the correction unit 332 determines whether or not correction data is added to the control command. When the correction data is added to the control command, the correction unit 332 corrects the expected value of the peripheral board 330 using the correction data. The correction unit 332 determines whether or not the control command is a predetermined control command when correction data is added to the predetermined type of control command, and when the control command is the predetermined control command. The expected value of the peripheral substrate 330 may be corrected using the correction data. In addition, when the control unit with dummy data is received by the receiving unit 331, the correcting unit 332 does not correct the expected value held by the peripheral board 330, but maintains the expected value while maintaining the dummy data. It is also possible to perform processing similar to the correction processing.

  When the authentication unit 334 receives the control command with authentication data by the reception unit 331, the authentication unit 334 determines whether the value calculated using the control command with authentication data matches the expected value corrected by the correction unit 332. Based on this, the main control board 310 is authenticated. For example, the authentication unit 334 determines whether or not authentication data is added to the control command. If the authentication data is added to the control command transmitted from the main control board 310, the authentication unit 334 uses the control command with authentication data. The main control board 310 is authenticated based on whether or not the calculated value matches the expected value.

  Specifically, the authentication unit 334 authenticates the main control board 310 based on whether or not the inspection value stored in the calculation value storage unit 333 matches the expected value corrected by the correction unit 332. . The expected value is a value calculated by performing a binary operation on predetermined data in the data storage unit 312. The inspection value stored in the operation value storage unit 333 is a value obtained by combining the values calculated by performing binary operation on the authentication data generated by dividing predetermined data in the data storage unit 312. is there. Since the binary operation satisfies the combining law, the inspection value stored in the operation value storage unit 333 matches the expected value. As a result, the authentication unit 334 authenticates the validity of the main control board 310.

  Further, when the receiving unit 331 receives the control command with dummy data, the authentication unit 334 temporarily authenticates the main control board 310 (dummy authentication process). Specifically, when the receiving unit 331 receives the control command with dummy data, the authenticating unit 334 does not need to match the temporary inspection value stored in the calculated value storage unit 333 and the expected value. The control board 310 is authenticated. Further, the authentication unit 334 may authenticate the main control board 310 by omitting the process of whether or not the temporary inspection value stored in the calculation value storage unit 333 matches the expected value. By doing in this way, even when the receiving unit 331 receives the dummy data, the peripheral board 330 has the same amount of heat as generated during the processing time or processing as compared with the case where the normal authentication data is received. For this reason, it is possible to prevent a third party from knowing the timing at which regular authentication data is received in the peripheral board 330. Thereby, the strength of authentication can be further increased.

  In addition, the authentication unit 334 determines whether all the binary operations held in the main control board 310 are based on the number of authentication data subjected to the binary operation selected when the authentication for the main control board 310 is established. Select a binary operation to be used for the next authentication. The number of authentication data to be subjected to the binary operation selected when the authentication for the main control board 310 is established matches the number of divisions. For this reason, the authentication data generation unit 315 of the main control board 310 and the authentication unit 334 select the binary operation with the same rule, thereby continuing the authentication process while changing the binary operation used for generating the authentication data. be able to.

  Here, since the number of divisions is a value known only by the main control board 310, a third party cannot know the switching timing of the binary operation used for generating the authentication data. The peripheral board 330 switches the calculation method used for generating the authentication data based on the number of authentication data when the authentication for the main control board 310 is established. As a result, even if authentication data for the number of divisions is stolen and reused by a third party, the peripheral substrate 330 is used when the authentication data for the stolen number of divisions is generated after the calculation method is switched. Using the calculation method different from the above calculation method, the authentication data corresponding to the stolen number of divisions is calculated. As a result, the peripheral board 330 is stolen because it does not calculate a value that matches the expected value even if it receives authentication data for the number of divisions stolen by a third party after the binary operation is switched. It is possible to determine that the authentication data for the number of divisions is invalid. Therefore, an unauthorized control board is inserted between the main control board 310 and the peripheral board 330, and authentication data for the number of divisions stolen by a third party is transmitted from the unauthorized control board to the peripheral board 330. Even so, it can be detected that an unauthorized control board has been inserted. Therefore, unauthorized processing by an unauthorized control board can be prevented.

  Further, the authentication unit 334 stores any one of the inspection values generated for every binary operation stored in the operation value storage unit 333 and held in the main control board 310 and the expectation corrected by the correction unit 332. The main control board 310 may be authenticated based on whether or not the values match. Accordingly, the peripheral board 330 can perform authentication processing of the main control board 310 by combining authentication data for the number of divisions without knowing the number of divisions determined by the determination unit. For example, even if the number of divisions and the calculation method are not known, the peripheral board 330 can generate a value for establishing authentication for the main control board 310 and can authenticate the main control board 310. In addition, it is possible to limit the number of persons who can know the number of authentication data for generating a value for establishing authentication for the main control board 310, and the strength of authentication can be improved.

  Further, when correction data, authentication data, or dummy data is added to a predetermined type of control command, the authentication unit 334 determines, for example, whether the control command is a jackpot command and transmits it from the main control board 310. When the control command that has been issued is a jackpot command, the main control board 310 may be authenticated based on whether or not the value calculated using the control command with authentication data matches the expected value.

  Notification signal output unit 335 outputs a notification signal when main control board 310 is not authenticated by authentication unit 334. When the peripheral board 330 is the effect control unit 202, the notification signal output unit 335 outputs, for example, to the symbol display unit 104, the lamp control unit 251, the voice control unit 252 (see FIG. 2), and the like. The notification signal output unit 335 may output a notification signal to a center control device that manages pachinko gaming machines.

  Based on the notification signal output by the notification signal output unit 335, the symbol display unit 104, the lamp control unit 251, and the audio control unit 252 notify that there is a possibility that the main control board 310 has been cheated. Execute. This effect is, for example, causing a character that does not normally appear in the symbol display unit 104 to appear, or causing a character that normally appears to appear in a manner different from normal. Further, the luminance of the symbol display unit 104 may be changed, the color may be changed, or the lamp control unit 251 may be controlled to display a predetermined lamp 261. In any case, it is only necessary for employees to be aware of the condition when passing in front of the pachinko machine. Further, this effect may be an effect that the customer does not notice the state or an effect that the customer can easily notice. If the production is easily noticed by the customer, fraud can be efficiently suppressed.

  In addition, information related to the gaming state of the pachinko gaming machine, such as “Big hit” or “Probability changing” may be included in the notification signal. Based on the information on the gaming state, it may be determined whether or not an illegal act is performed by a center control device that manages the pachinko gaming machine. For example, there may be cases where winnings are concentrated during jackpots or probability fluctuations, even if the winnings are concentrated. Therefore, during the jackpot or the probability fluctuation, it is better to determine whether there is a possibility of fraudulent behavior under conditions different from other states. Moreover, you may make it output the information regarding a gaming state as another signal, without including in a notification signal. In this case, the employee determines whether there is a risk of fraud based on both the notification signal and the information regarding the gaming state.

  In FIG. 3, the expected value may be transmitted to the peripheral board 330 from another component. The other components are, for example, other peripheral units, a dedicated processing unit for generating expected values (hereinafter referred to as “expected value calculating unit”), and the like. The main control unit and the expected value calculation unit may transmit an expected value stored in advance to the peripheral board 330 or may generate an expected value for each matching process. Also, a coefficient necessary for calculating an expected value may be transmitted from an external device to the peripheral board 330 or the expected value calculation unit via an external connection I / F (not shown). As described above, when the expected value is not stored in advance in the peripheral board 330 and acquired from another component unit, the correction unit 332 acquires the correction value from the correction data received by the receiving unit 331, and the authentication unit 334 may determine whether the value calculated using the acquired expected value and the correction value matches the value calculated using the control command with authentication data received by the receiving unit 331. Good.

  Further, the peripheral board 330 may not hold the expected value (final expected value) itself after correction as a fixed value. In this case, for example, if correction processing using correction data is not performed from the time of manufacture, authentication is established when dummy data is received, and authentication is not established when authentication data is received. By doing in this way, the person who can know the final expected value can be limited, and the risk of leakage of information related to the expected value can be reduced.

  The adding unit 317 may add the correction value in a distributed manner. For example, in the case of a 16-bit correction value, the upper 8 bits and the lower 8 bits may be added in two portions. Note that the number of bits to be divided is arbitrary, and the bit positions may be random. That is, a 16-bit correction value may be added in three steps, for example, 2 bits, 5 bits, and 9 bits, regardless of the bit position. In this case, correction values may be sequentially added to the number of control commands in which correction values are dispersed from a predetermined control command. The receiving unit 331 may determine that the control command of the number of times the correction value is dispersed from the predetermined control command is the control command with correction data. The number of correction value dispersions may be set in advance on the main control board 310 and the peripheral board 330.

  Further, the correction data generation unit 313 and the authentication data generation unit 315 may perform a plurality of encryption processes on the correction data and the authentication data. Further, the correction data generation unit 313 and the authentication data generation unit 315 may perform encryption processing by selecting one of two or more types of encryption methods. In this case, in the peripheral board 330, the error check value is obtained by decoding by two or more kinds of decoding methods, and when any of the obtained error check values matches the expected value by the authentication unit 334, The main control board 310 may be authenticated.

  Further, the authentication data generation unit 315 may change the authentication data encryption method based on the number of divisions. Specifically, for example, when the division number is an odd number, the encryption method is changed to an encryption method different from the encryption method used this time, and when the division number is an even number, the encryption method is the same as the encryption method used this time. In this case, if the encryption method in the authentication data generation unit 315 is changed based on the number of divisions, the authentication unit 334 performs authentication performed by the authentication unit 334 when authentication for the main control board 310 is established. The decoding method may be changed based on the number of data.

(Basic operation of pachinko machines)
An example of the basic operation of the pachinko gaming machine having the above configuration will be described. The main control unit 201 outputs the winning status of the game ball for each winning port to the winning ball control unit 203 as a control command. The winning ball control unit 203 pays out the number of winning balls corresponding to the winning situation in accordance with the control command output from the main control unit 201.

  The main control unit 201 outputs a corresponding control command to the effect control unit 202 every time a game ball wins the start winning opening 105, and the effect control unit 202 displays the symbols on the symbol display unit 104 in a variable manner. Repeat to stop. When the occurrence of the big hit has been determined, the corresponding control command is output to the effect control unit 202, and the effect control unit 202 stops with a predetermined pattern aligned. At the same time, control for opening the special winning opening 109 is performed. The effect control unit 202 displays various effects on the symbol display unit 104 in addition to the symbol variation display during the jackpot occurrence period, during the reach until the jackpot occurrence, or at the time of reach notice. . In addition, a specific drive is performed for various types of accessories, and effects such as changing the display state of the lamp 261 are performed.

  When a big hit occurs, the big winning opening 109 is opened a plurality of times. One release is one round, for example, 15 rounds are repeatedly executed. The period of one round is set, for example, when 10 game balls are won or for a predetermined period (for example, 30 seconds). At this time, the winning ball control unit 203 pays out with, for example, 15 winning balls per winning game ball to the big winning opening 109. After the jackpot is over, the jackpot state is canceled and the normal gaming state is restored.

(Details of processing by each control unit)
Next, details of various processes performed by each control unit will be described. First, the control process of the effect control unit 202 by the main control unit 201 will be described. 4 and 5 are flowcharts showing the procedure of the control process of the effect control unit by the main control unit. 4 to 9, the correction data, the authentication data, and the accompanying data are not considered in order to clarify the control processing procedure of the effect control unit 202. That is, in the description of FIGS. 4 to 9, “transmit a command” means “transmit a control signal including data (control command data) indicating the command”, for example, correction data or authentication. The presence or absence of data and accompanying data (see FIG. 10) is not considered.

  4 and 5, the main control unit 201 first waits until the pachinko gaming machine is turned on (step S401: No loop). When the power of the pachinko gaming machine is turned on (step S401: Yes), the main control unit 201 transmits a power-on command to peripheral parts such as the effect control unit 202 and the prize ball control unit 203 (step S402). ). When the power-on command is transmitted, the effect control unit 202 controls the lamp control unit 251, the sound control unit 252, and the symbol display unit 104, and the control command for the effect at the time of power-on (specifically, the lamp Control commands to instruct the lighting of the LED, the output of sound, the display of the demonstration screen, etc.).

  Next, the main control unit 201 refers to the unlotted winning number data stored in the ROM 212 or the RAM 213 and determines whether or not the unlotted winning number is 0 (step S403). The number of undrawn winnings is the number obtained by subtracting the number of times that the lottery corresponding to the winning ball has been performed (the number of already drawn lots) from the number of winning balls detected at the start winning opening 105 (number of winnings). When the number of undrawn winning prizes is 0 (step S403: Yes), the main control unit 201 measures the time elapsed since the demonstration was started (step S404).

  When a predetermined time elapses after the demonstration is started (step S405: Yes), the main control unit 201 transmits a customer waiting demonstration command to the effect control unit 202 (step S406), and proceeds to step S407. If the predetermined time has not elapsed since the demonstration was started (step S405: No), the process proceeds to step S407 as it is. When the customer waiting demonstration command is transmitted in step S406, the effect control unit 202 transmits a control signal for the customer waiting demonstration to the lamp control unit 251, the voice control unit 252, and the symbol display unit 104. In step S403, when the number of undrawn winning prizes is not zero (step S403: No), the process proceeds to step S410.

  Next, the main control unit 201 determines whether or not a winning ball to the starting winning port 105 is detected by the starting winning port detection unit 221 (step S407). When a winning ball to the start winning opening 105 is detected (step S407: Yes), the main control unit 201 clears the time measured since the demonstration was started (step S408), and the number of unselected lottery winnings 1 is added to (step S409). Subsequently, the main control unit 201 acquires a jackpot determination random number (step S410), subtracts 1 from the number of undrawn winning prizes (step S411), and proceeds to step S412 in FIG. If no winning ball to the start winning opening 105 is detected in step S407 (step S407: No), the process returns to step S404 and the subsequent processing is continued.

  Next, the main control unit 201 determines whether or not the jackpot determination random number acquired in step S410 is a predetermined jackpot random number (step S412). When the jackpot determination random number is a jackpot random number (step S412: Yes), the main control unit 201 transmits a jackpot reach command (symbol variation command) to the effect control unit 202 (step S413). The main control unit 201 waits until the symbol variation time has elapsed (step S414: No loop), and when the symbol variation time has elapsed (step S414: Yes), transmits a symbol stop command to the effect control unit 202 ( Step S415).

  Next, the main control unit 201 transmits a jackpot start command to the effect control unit 202 (step S416), and then sequentially transmits commands corresponding to the rounds during the jackpot (jackpot command) (step S417). Then, when transmission of the jackpot command for all rounds is completed, the main control unit 201 transmits a jackpot end command (step S418), and proceeds to step S422.

  On the other hand, if the jackpot determination random number is not a jackpot random number in step S412, the main control unit 201 transmits a shift reach command (design variation command) to the effect control unit 202 (step S419). . The main control unit 201 waits until the symbol variation time has elapsed (step S420: No loop), and when the symbol variation time has elapsed (step S420: Yes), transmits a symbol stop command to the effect control unit 202 ( Step S421).

  The main control unit 201 returns to step S403 in FIG. 4 and repeats the subsequent processing until the pachinko gaming machine is turned off (step S422: No). Then, when the power of the pachinko gaming machine is turned off (step S422: Yes), the main control unit 201 transmits an end process command to the effect control unit 202 (step S423), and ends the process according to this flowchart. .

  FIG. 6 is a time chart showing the transmission timing of a jackpot related command (a jackpot reach command, a jackpot start command, a jackpot command, a jackpot end command). The jackpot reach command is transmitted more frequently and randomly than the actual jackpot occurs. The jackpot start command is transmitted only once when shifting to the jackpot state when a jackpot is actually generated. The jackpot command is continuously transmitted for each round after shifting to the jackpot state. The jackpot end command is transmitted only once when all rounds of the jackpot state are completed and the normal state is entered.

  Next, processing by the effect control unit 202 will be described. In the following, processing of the effect control unit 202 at the time of symbol variation (when a jackpot reach command (see step S413 in FIG. 5) or a loss reach command (see step S419 in FIG. 5) is received) and a jackpot time will be described. .

  FIG. 7 is a flowchart showing the procedure of the symbol variation process by the effect control unit. In the flowchart of FIG. 7, the effect control unit 202 first waits until a jackpot reach command (see step S413 in FIG. 5) or a miss reach command (see step S419 in FIG. 5), which is a symbol variation command. (Step S701: No loop). When the symbol variation command is received (step S701: Yes), the effect control unit 202 acquires a random effect selection random number (step S702), and selects a variation effect type based on the acquired random number (step S703). ). Then, the effect control unit 202 transmits an effect start command for each variable effect to the lamp control unit 251 and the sound control unit 252 (step S704).

  The effect control unit 202 determines whether or not the effect time of the variable effect has elapsed (step S705) and whether or not a symbol stop command (see steps S415 and S421 in FIG. 5) has been received from the main control unit 201. (Step S706). When the production time has elapsed (step S705: Yes), or when the symbol stop command has been received (step S706: Yes), the production control unit 202 sends a production stop command to the lamp control unit 251 and the audio control unit 252. Is transmitted (step S707). If the production time has not elapsed (step S705: No) and the symbol stop command has not been received (step S706: No), the process returns to step S705, and the subsequent processing is repeated.

  Next, the processing for the big hit of the effect control unit 202 will be described. FIG. 8 is a flowchart showing the procedure of the big hit processing by the effect control unit. In the flowchart of FIG. 8, the effect control unit 202 first waits until a jackpot start command (see step S416 in FIG. 5) is received from the main control unit 201 (step S801: No loop). When the jackpot start command is received (step S801: Yes), the effect control unit 202 transmits a jackpot start processing command to the lamp control unit 251 and the sound control unit 252 (step S802).

  Next, the effect control unit 202 waits until receiving a round jackpot command (see step S417 in FIG. 5) from the main control unit 201 (step S803: No loop). When the jackpot command is received (step S803: Yes), the effect control unit 202 transmits a round processing command corresponding to the received round jackpot command to the lamp control unit 251 and the sound control unit 252 (step S804). ).

  Subsequently, the effect control unit 202 waits until a jackpot end command (see step S418 in FIG. 5) is received from the main control unit 201 (step S805: No loop). When the jackpot end command is received (step S805: Yes), the effect control unit 202 transmits a jackpot end processing command to the lamp control unit 251 and the audio control unit 252 (step S806), and ends the processing according to this flowchart. To do.

  Subsequently, a lamp control process by the lamp control unit 251 will be described. Here, processing when a symbol variation command is received from the effect control unit 202 (during symbol variation) will be described. FIG. 9 is a flowchart showing the procedure of the lamp control process when the symbol is changed by the lamp control unit. In the flowchart of FIG. 9, the lamp control unit 251 first waits until an effect start command is received from the effect control unit 202 (step S901: No loop).

  When an effect start command is received from the effect control unit 202 (step S901: Yes), the lamp control unit 251 reads data prepared for each command (step S902) and executes a selection routine for each command (step S903). ), Ramp data is set (step S904). Then, the lamp control unit 251 outputs lamp data to the lamp 261 (step S905). Based on the lamp data output from the lamp control unit 251, the lamp 261 is turned on or off.

  Until the lamp control unit 251 receives an effect stop command from the effect control unit 202 (step S906: No), the lamp control unit 251 returns to step S905 and continues outputting the lamp data. When the production stop command is received (step S906: Yes), the lamp control unit 251 stops the output of the lamp data (step S907) and ends the processing according to this flowchart.

  Note that although the processing of the lamp control unit 251 is shown in FIG. 9, the sound control by the sound control unit 252 is almost the same as the processing of FIG. In the sound control process by the sound control unit 252, “ramp data” in steps S <b> 904, S <b> 905, and S <b> 907 in the process of FIG.

  As described above, peripheral units such as the effect control unit 202 and the prize ball control unit 203 perform various processes based on the control commands output by the main control unit 201. On the other hand, when the output source of the control command is not the regular main control unit 201, for example, when an unauthorized control board is connected between the main control unit 201 and the peripheral unit (see FIG. 17), The peripheral portion performs an illegal operation by an illegal control command output from an unauthorized control board.

  In order to prevent this illegal operation, in the electronic device according to the present embodiment, for example, in the pachinko gaming machine, when the control command output from the main control unit 201 is a predetermined command, the main control unit 201 and the peripheral unit Authentication processing is performed with Specifically, the predetermined command is a jackpot command transmitted while the jackpot state continues. This authentication process detects fraud such as the main control unit 201 being replaced with an unauthorized control board or an unauthorized control board being attached between the main control unit 201 and the peripheral part. Fraud can be prevented.

  On the other hand, in the peripheral part, when the authentication process for the main control unit 201 is performed, the data output from the main control unit 201 is collated with the expected value held in the peripheral part, and calculated using this data. The main control unit 201 is authenticated when the obtained value matches the expected value. At this time, for example, when the specifications of the pachinko gaming machine are changed or the number of winning balls or the probability is changed, if the main control unit 201 is changed to another main control unit 201, the main part before the change is displayed in the peripheral part. Since the expected value corresponding to the control unit 201 is held, the other main control unit 201 after the change cannot be authenticated. For this reason, the other main control unit 201 after the change is authenticated as an unauthorized control board although it is a legitimate control board, and the authentication process is erroneous.

  In order to prevent this authentication processing error, in the electronic device according to the present embodiment, for example, in a pachinko gaming machine, when the control command output from the main control unit 201 is a predetermined command, The correction data for correcting the expected value is transmitted to the section. Then, in the peripheral portion, the expected value is corrected using this correction data. Specifically, the predetermined command is a jackpot command transmitted while the jackpot state continues. Even if the main control unit 201 is changed to another main control unit 201 by this authentication process, the peripheral unit is not changed and the expected value is not changed. The expected value can be corrected. Therefore, an error in the authentication process can be prevented, and even if the main control unit 201 is changed, for example, the other main control unit 201 after the change can be authenticated as a regular control board. Further, since only the correction value is transmitted and the expected value itself is not transmitted, the expected value is not easily stolen by a third party, and fraud to the pachinko gaming machine can be prevented.

(Control signal data format)
Next, the data format of the control signal output from the main control unit 201 to the peripheral unit will be described. FIG. 10 is an explanatory diagram schematically showing a data format of a control signal output from the main control unit. As shown in FIG. 10, the normal control signal 1010 output from the main control unit 201 includes control command data 1001 and accompanying data 1002. The control command data 1001 is data unique to each command such as a jackpot reach command, a jackpot start command, and a round command. The accompanying data 1002 is data accompanying the control command data 1001, and is data necessary for processing based on the control command data 1001, such as the number of winning game balls.

  On the other hand, when the control command data 1001 in the control signal is a specific type of command, the main control unit 201 includes authentication data 1003, correction data 1004, or dummy data 1005 in addition to the control command data 1001 and accompanying data 1002. However, the control signal with authentication data 1020, the control signal with correction data 1030, or the control signal with dummy data 1040 is output to the peripheral portion.

  By including the authentication data 1003, the correction data 1004, or the dummy data 1005 in the control signal, compared with the case of transmitting the authentication data alone, the correction data alone, or the dummy data alone, between the main control unit 201 and the peripheral part. Communication load can be reduced. Further, by including authentication data 1003, correction data 1004 or dummy data 1005 in the control signal, authentication data 1003 from the communication data is compared with the case where authentication data 1003, correction data 1004 or dummy data 1005 is transmitted alone. Alternatively, the possibility that the correction data 1004 is extracted and analyzed can be reduced. Further, the control signal with correction data 1030, the control signal with dummy data 1040, and the control signals with authentication data 1020 corresponding to the number of divisions are randomly transmitted in an arbitrary order. Compared with performing the authentication process, it is possible to reduce the processing load on the main control unit 201 and the peripheral part due to the correction process or the authentication process.

  The authentication data 1003 is data for authenticating that the control command data 1001 and the accompanying data 1002 are output from the regular main control unit 201 by collating with the expected value held by the peripheral part. It is. Also, the authentication data 1003 is calculated using a binary operation that satisfies the combining law. For example, the authentication data 1003 is a value generated by dividing the program data stored in the ROM 212 of the main control unit 201 into the number of divisions. The authentication data 1003 includes, for example, errors such as computation using a hash function, parity check, cyclic redundancy check (CRC), and checksum for all or part of the program data stored in the ROM 212. It may be a value generated by encrypting a value obtained by performing the detection calculation (hereinafter referred to as “program code authentication value”) by a predetermined encryption method and dividing it into the number of divisions. A more specific method for generating the authentication data 1003 will be described later.

  As described above, the authentication data 1003 is generated by dividing the program data stored in the ROM 212 of the main control unit 201 into the number of divisions and performing a binary operation that satisfies the combining law on the divided data. For this reason, the peripheral unit performs the same binary operation as the main control unit 201 on the authentication data 1003 for the number of divisions, and collates the combination result of the values calculated by the binary operation with the expected value. By performing the authentication, it can be determined whether or not the output source of the control signal is the regular main control unit 201. Further, it is possible to detect unauthorized rewriting of the program code stored in the ROM 212 of the main control unit 201 or unauthorized replacement of the ROM 212 of the main control unit 201.

  Note that the main control unit 201 generates different authentication data 1003 for each control signal. Specifically, for example, the range of the program code in the ROM 212 used for generating the authentication data 1003 is different, or the error detection calculation for generating the authentication data 1003 is different. The data used for generating the authentication data 1003 is not limited to the program code, and may be arbitrary data stored in the ROM 212.

  The correction data 1004 is data for correcting an expected value used for collation of data transmitted from the main control unit 201 in the peripheral part. The correction data 1004 is a value generated based on a value unique to the main control unit 201, for example. Specifically, when there are a plurality of main control units 201, the correction data 1004 is a value that can identify each main control unit 201. For example, the main control unit 201 is changed to another main control unit 201. In this case, the expected value corresponding to the main control unit 201 before the change held in the peripheral part is a value for correcting the expected value according to the other main control unit 201 after the change. More specifically, when the main control unit 201 is changed to another main control unit 201, the correction data 1004 is changed with a unique value set in the main control unit 201 before being changed. This is a difference from a unique value set in the other main control unit 201 later. Further, the correction data 1004 may be a value generated based on the program data stored in the ROM 212 of the main control unit 201, for example, similarly to the authentication data 1003.

  Further, the authentication data 1003 and the correction data 1004 may include data related to the control command data 1001 and the accompanying data 1002 transmitted together with the authentication data 1003 and the correction data 1004. The data related to the control command data 1001 and the accompanying data 1002 can be obtained by performing an operation using the error detection method as described above on the control command data 1001 and the accompanying data 1002 itself, or the control command data 1001 and the accompanying data 1002. Value.

  In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of the regular main control unit 201. If the authentication data 1003 and the correction data 1004 are generated using the control command data 1001 and the accompanying data 1002 transmitted together with the authentication data 1003 and the correction data 1004, the authentication data 1003 and the correction data 1004 are reused by an unauthorized control board. Even in this case, the authentication data 1003 or the correction data 1004 and the control command data 1001 cannot be matched, and fraud can be detected.

  When the authentication data 1003 and the correction data 1004 include data related to the control command data 1001 and the accompanying data 1002, the main control unit 201 encrypts the data related to the control command data 1001 and the accompanying data 1002 together with, for example, a program code authentication value. Thus, the authentication data 1003 and the correction data 1004 may be generated.

  Here, since the normal control signal 1010 does not include the authentication data 1003 and the correction data 1004, the data size is smaller than that of the control signal with authentication data 1020 and the control signal with correction data 1030. For this reason, the control signal to which the authentication data 1003 and the correction data 1004 are added is easily overlooked, and these data are easily stolen.

  In order to prevent such a problem, dummy data 1005 having the same size as that of the correction data 1004 and the authentication data 1003 is added to the normal control signal 1010 that does not include the authentication data 1003 and the correction data 1004, and the control signal with dummy data is added. It may be 1040.

  The dummy data 1005 is dummy data of the correction data 1004 or the authentication data 1003, and is invalid data for correction processing and authentication processing in the peripheral portion. That is, the dummy data 1005 is temporarily authenticated that the control command data 1001 and the accompanying data 1002 are output from the regular main control unit 201 without collating with the expected value held in the peripheral part. It is data to do. The dummy data 1005 is collated with the expected value held in the peripheral portion, and the control command data 1001 and the accompanying data 1002 are output from the regular main control unit 201 regardless of whether the collation result is the same or not. This is data for temporarily authenticating that the data is correct. Further, the dummy data 1005 may be data for performing processing similar to the processing for correcting the expected value held in the peripheral portion.

  The dummy data 1005 may be generated by a value similar to the authentication data 1003, for example. Further, the dummy data 1005 may be authentication data used for another (different type) authentication process. The other authentication process is, for example, an authentication process that does not require an expected value correction process. Further, the dummy data 1005 may be generated by a value similar to the correction data 1004, for example. The dummy data 1005 may be authentication data used for another authentication process different from the authentication process performed between the main control unit 201 and the peripheral part, for example.

  Note that the arrangement of the control command data 1001, the accompanying data 1002, the authentication data 1003, the correction data 1004, or the dummy data 1005 is not limited to the order shown in FIG. 10, and for example, the authentication data 1003, the correction data 1004, or the dummy data Data 1005 may be used as the head of a control signal, or authentication data 1003, correction data 1004, or dummy data 1005 may be inserted between control command data 1001 and accompanying data 1002. Further, the authentication data 1003, the correction data 1004, or the dummy data 1005 may be output separately from the control command data 1001 and the accompanying data 1002. For example, after transmitting a control signal including a jackpot command, dummy data 1005 is added when the (n-1) th control signal is transmitted, correction data 1004 is added when the nth control signal is transmitted, and the (n + 1) th control signal is transmitted. Authentication data 1003 may be added at the time of transmission.

  The dummy data 1005 may be added to all of the normal control signals 1010 that do not include the authentication data 1003 and the correction data 1004, or the authentication data among the control signals that include predetermined command data (big hit command). You may add to the normal control signal 1010 which does not contain 1003 and the correction data 1004. By doing in this way, the data size of the normal control signal 1010 can be made comparable with the control signal with authentication data 1020 and the control signal with correction data 1030. For this reason, it is possible to prevent a third party from seeing through the control signal to which the authentication data 1003 or the correction data 1004 is added due to a difference in data size.

  The timing for outputting the control signal with authentication data 1020, the control signal with correction data 1030, or the control signal with dummy data 1040 is arbitrary. For example, the authentication data 1003, the correction data 1004, or the dummy data 1005 may be added so that the control signal with authentication data 1020 or the control signal with correction data 1030 can be transmitted every predetermined time. Alternatively, the control signal with authentication data 1020 or the control signal with dummy data 1040 may be output whenever the control signal with correction data 1030 is not output. Further, for example, when the control command data 1001 in the control signal is a specific type of command, the authentication data 1003, the correction data 1004, or the dummy data 1005 may be added. Further, the control signal with authentication data 1020, the control signal with correction data 1030, and the dummy data 1005 for the number of divisions may be transmitted at random.

(Method for generating authentication data (inspection value))
FIG. 11 is an explanatory diagram schematically showing a method of generating authentication data (inspection value) in the main control unit. The authentication data 1003 is generated using data stored in the ROM 212 of the main control unit 201 or the like. More specifically, after dividing a predetermined area of the ROM 212 by an arbitrary number of divisions, a binary operation (semigroup operation) that satisfies the combining law is performed on the data stored in each of the divided areas, and the inspection value is obtained. Is calculated. Examples of the semi-group operation include addition and exclusive OR operation. Then, a value obtained by performing a predetermined operation (for example, encryption processing) on the inspection value is set as authentication data. Whether or not to inspect the inspection value is arbitrary, but it is desirable to encrypt it from the viewpoint of fraud prevention. In addition, when a predetermined calculation is performed on the inspection value, a control command to which the inspection value is added may be used. In general, an unauthorized control unit tries to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. If the authentication data 1003 is generated using the control command to be transmitted this time, even if the authentication data is reused by an unauthorized control unit, the authentication data cannot be matched with the control command, and fraud is detected. Can do.

  The type of data used for calculating the inspection value is arbitrary, but for example, program data (instruction code or fixed data) stored in the ROM 212 of the main control unit 201 can be used. By using the program data stored in the ROM 212 of the main control unit 201, it is possible to detect unauthorized rewriting of the program code or unauthorized replacement of the ROM 212 of the main control unit 201.

  For example, 12 data (0x01 to 0x09, 0x0A to 0x0C) are stored in the program data storage unit 1100 shown in FIG. When the division number is 3, the program data storage unit 1100 can be divided into, for example, a first block 1100a including four data, a second block 1100b including three data, and a third block 1100c including five data. The main control unit 201 calculates a test value by performing a semi-group operation on the data stored in each block. The number of data in the block described above is an example. The number of data in each block may be a fixed value or may be determined randomly.

  For example, if the method of using addition as a semi-group operation is method A, four data 0x01, 0x02, 0x03, and 0x04 stored in the first block 1100a are added to obtain a first inspection value 0x0A. Similarly, the three data 0x05, 0x06, 0x07 stored in the second block 1100b are added to obtain the second inspection value 0x12 as the five data 0x08, 0x09, 0x0A, 0x0B, 0x0C stored in the third block 1100c. Are added to obtain the third inspection value 0x32.

  For example, if the method using the exclusive OR operation as the semi-group operation is method B, the exclusive OR operation is performed on the four pieces of data 0x01, 0x02, 0x03, and 0x04 stored in the first block 1100a. An inspection value of 0x04 is obtained. Similarly, exclusive OR operation is performed on the three pieces of data 0x05, 0x06, and 0x07 stored in the second block 1100b, and the second check value 0x04 is stored in the five pieces of data 0x08, 0x09, and 0x0A stored in the third block 1100c. , 0x0B, 0x0C are subjected to exclusive OR operation to obtain third check values 0x0C, respectively.

  Then, the obtained inspection value is encrypted to obtain authentication data. At the time of this encryption processing, the encryption processing may be performed including the inspection value and data related to the control command data 1001 and the accompanying data 1002 that are transmitted at the same time. The data related to the control command data 1001 and the accompanying data 1002 includes the control command data 1001 and the accompanying data 1002 itself, operations on the control command data 1001 and the accompanying data 1002 using a hash function, a parity check, and a cyclic redundancy check (Cyclic Redundancy Check). : CRC), a value obtained by performing an operation such as a checksum.

  In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of the regular main control unit 201. For this reason, if the authentication data 1003 is generated using the control command data 1001 and the accompanying data 1002, even if the authentication data 1003 is reused by an unauthorized control board, the authentication data 1003 matches the control command. Unable to detect fraud.

  On the other hand, the peripheral part as the authenticator holds the value obtained by performing the semi-group operation on the entire data stored in the program data storage part 1100 as an expected value. For example, the expected value in the case of method A is 0x4E, which is the sum of 0x01 to 0x0C. In addition, the expected value in the case of method B is 0x0C, which is an exclusive OR of 0x01 to 0x0C. The peripheral part may hold the same number of expected values as the number of inspection value generation methods by the main control part 201. Further, in the peripheral portion, only one expected value is held, and correction data 1004 is transmitted from the main control portion 201 to the peripheral portion every time the inspection value generation method by the main control portion 201 is switched. The value may be corrected.

  The peripheral part extracts the inspection value from the received control signal with authentication data 1020 and collates the value obtained by performing the semigroup operation on the inspection value with the expected value. Since the test values are generated using a half-group operation, if the same half-group operation is performed on all the test values generated from the divided program data, the expectation that the half-group operation was performed on the entire program data Should match the value. When the value obtained by performing the half-group operation on the inspection value matches the expected value, the peripheral unit authenticates the main control unit 201.

  Note that the semi-group calculation process in the peripheral portion corresponds to the process of combining the inspection values generated from the divided program data, and is therefore referred to as “joining process”. In addition, the number of inspection values used for the combining process when authentication is established is referred to as “number of connections”. The number of connections in the peripheral part and the number of divisions in the main control unit 201 are the same.

  Here, the main control unit 201 switches the inspection value generation method using, for example, the number of divisions. Further, the peripheral part switches the expected value of the result of combining inspection values using, for example, the number of connections. For example, when the number of divisions and the number of connections are odd, the test value generation method and the expected value are switched, and when the number of divisions and the number of connections are an even number, the previously used test value generation method and the expected value are continuously used. . When the peripheral part holds only one expected value, the peripheral part may correct the expected value at the switching timing of the test value generation method. The number of divisions is a value that only the main control unit 201 knows, and the peripheral part can know the value as the number of connections only when authentication is established. Therefore, the third party cannot know the number of divisions and the number of connections, and cannot know the switching timing of the test value generation method. Further, the peripheral unit switches the calculation method used for generating the authentication data based on the number of authentication data when the authentication with respect to the main control unit 201 is established. As a result, even if the authentication data for the number of divisions is stolen and reused by a third party, the authentication data for the number of the stolen divisions was generated after the test value generation method was switched in the peripheral area. An operation is performed on the authentication data corresponding to the stolen number of divisions using a performance test value generation method different from the current test value generation method. As a result, the peripheral part does not calculate a value that matches the expected value even if authentication data for the number of divisions stolen by a third party is received after the binary operation is switched. Several minutes of authentication data can be detected as invalid data. For this reason, it is possible to prevent the inspection value from being illegally generated by a third party.

(Control signal transmission / reception processing)
Next, a control signal transmission / reception process performed between the main control unit 201 and the peripheral unit will be described with reference to FIGS. 12 and 13. Hereinafter, the transmission / reception process of the control signal between the main control unit 201 and the effect control unit 202 will be described, but the transmission / reception process of the control signal between the main control unit 201 and the prize ball control unit 203 is performed in the same procedure. It is. In the following description, it is assumed that authentication data 1003 or dummy data 1005 is always transmitted when a control signal is transmitted. However, the present invention is not limited to this, and authentication data 1003 is transmitted only at a predetermined timing, for example, when a predetermined control command is transmitted. Correction data 1004 or dummy data 1005 may be added.

  FIG. 12 is a flowchart illustrating a procedure of control signal transmission processing by the main control unit. In the flowchart of FIG. 12, the main control unit 201 first waits until the power of the main control unit 201 is turned on (step S1201: No loop). When the main control unit 201 is turned on (step S1201: Yes), the main control unit 201 determines the number of program data divisions (step S1202). The method for determining the number of divisions is arbitrary.

  Next, the main control unit 201 divides the program data by the determined number of divisions, performs a semi-group operation on each of them to calculate inspection values, performs encryption processing on the inspection values, and performs authentication data 1003. Is generated (step S1203). By this process, the inspection value and authentication data 1003 for the number of divisions are generated. The inspection value generation method (such as the type of calculation used for generation) is determined when the main control unit 201 is shipped from the factory, when the number of divisions is first determined after power-on, or when the previous authentication data 1003 is transmitted. Alternatively, the inspection value generation method used when the power was turned off last time may be used.

  Next, it waits until the transmission timing of the control command comes (step S1204: No loop). When it is the control command transmission timing (step S1204: YES), the main control unit 201 sets the control command data 1001 and the accompanying data 1002 (step S1205).

  Next, the main control unit 201 determines whether it is the transmission timing of the correction data 1004 or the authentication data 1003 (step S1206). In step S1206, when it is the transmission timing of the correction data 1004 or the authentication data 1003 (step S1206: Yes), the main control unit 201 determines whether it is the transmission timing of the correction data 1004 (step S1207). If it is not the transmission timing of the correction data 1004 in step S1207 (step S1207: No), the main control unit 201 controls the control signal (authentication data 1001 generated in steps S1203 and S1205, accompanying data 1002, and authentication data 1003 (authentication). The control signal with data 1020) is transmitted to the effect control unit 202 (step S1208). The transmission order of the authentication data 1003 for the number of divisions is arbitrary. When the authentication data 1003 for the number of divisions generated in step S1203 has not been transmitted (step S1209: No), the main control unit 201 returns to step S1204 and waits until the transmission timing of the next control command. Repeat the process.

  When the authentication data 1003 for the number of divisions has been transmitted (step S1209: Yes), it is determined whether the number of divisions determined in step S1202 is a predetermined value (step S1210). The predetermined value is, for example, an odd number (or even number). When the number of divisions is a predetermined value (step S1210: Yes), the main control unit 201 switches the inspection value generation method (step S1211). On the other hand, when the number of divisions is not a predetermined value (step S1210: No), it is determined whether or not the main control unit 201 is turned off without switching the inspection value generation method (step S1212). In step S1212, when the main control unit 201 determines that the main control unit 201 is not turned off (step S1212: No), the process returns to step S1202, and the subsequent processing is repeated.

  In step S1207, when it is the transmission timing of the correction data 1004 (step S1207: Yes), the main control unit 201 generates correction data 1004 (step S1213). The main control unit 201 transmits a control signal (control signal with correction data 1030) including the control command data 1001, the accompanying data 1002, and the correction data 1004 generated in steps S1205 and S1213 to the effect control unit 202 (step). S1214). At this time, the main control unit 201 transmits the control signal with correction data 1030 to the effect control unit 202 before the transmission of the control signals with authentication data 1020 for the number of divisions to the effect control unit 202 is completed.

  Next, the main control unit 201 proceeds to step S1209, and determines whether or not the authentication data 1003 for the number of divisions has been transmitted. At this time, the main control unit 201 should hold the authentication data 1003 that has not been transmitted yet. For this reason, the main control unit 201 returns to step S1204 without determining whether or not the transmission of the authentication data 1003 for the number of divisions has been completed in step S1209, and performs a process of transmitting the authentication data 1003 that has not been transmitted yet. May be.

  On the other hand, if it is not the transmission timing of the correction data 1004 or the authentication data 1003 in step S1206 (step S1206: No), the main control unit 201 determines whether it is the transmission timing of the dummy data 1005 (step S1215). When it is the transmission timing of the dummy data 1005 in step S1215 (step S1215: Yes), the main control unit 201 generates dummy data 1005 (step S1216). The main control unit 201 transmits a control signal (control signal with dummy data 1040) including the control command data 1001, the accompanying data 1002, and the dummy data 1005 generated in step S1205 and step S1216 to the effect control unit 202 (step S1217). ).

  When the transmission timing of the dummy data 1005 is not reached in step S1215 (step S1215: No), the main control unit 201 controls the control signal (normal control signal 1010) including the control command data 1001 and the accompanying data 1002 set in step S1205. ) Is transmitted to the effect control unit 202 (step S1218). Then, the main control unit 201 proceeds to step S1209, determines whether the authentication data 1003 for the number of divisions has been transmitted, and performs the subsequent processing. If the power is turned off in step S1212 (step S1212: Yes), the processing according to this flowchart ends.

  In the flowchart of FIG. 12, the control command data 1001 and the accompanying data 1002 are set in step S1205 after the control command transmission timing is reached in step S1204: Yes. However, the present invention is not limited to this. For example, the control command data 1001 and the accompanying data 1002 may be set before transmitting the control signal with correction data 1030 in step S1214. Similarly, in steps S1208, S1217, and S1218, control command data 1001 and associated data 1002 may be set before transmitting control signal with authentication data 1020, control signal with dummy data 1040, or normal control signal 1010, respectively. Good.

  In the flowchart of FIG. 12, while performing the processing of step S1204 to step S1209 and transmitting the control data with authentication data 1020 for the number of divisions, the control signal with authentication data 1020, the control signal with correction data 1030, The configuration may be such that the control signal with dummy data 1040 and the normal control signal 1010 are randomly transmitted in an arbitrary order. Further, when the expected value already corrected is held in the peripheral portion, only the control signal with authentication data 1020 for the number of divisions may be transmitted without transmitting the control signal with correction data 1030.

  In the flowchart of FIG. 12, the dummy data 1005 or the normal control signal 1010 is transmitted when it is not the transmission timing of the correction data 1004 or the authentication data 1003 in step S1206: No. However, the present invention is not limited to this. . For example, when the control command transmitted this time is a jackpot command, the correction data 1004 or the authentication data 1003 is transmitted, and when the control command transmitted this time is a command other than the jackpot command, dummy data 1005 or a normal control signal 1010 is transmitted. May be configured to transmit.

  Thus, the main control unit 201 adds the correction data 1004, the authentication data 1003, or the dummy data 1005 to the control command data 1001 when transmitting a control command to the peripheral unit. As a result, the correction data 1004, the authentication data 1003, or the dummy data 1005 can be randomly transmitted at an arbitrary timing. Since the number of divisions is a value that only the main control unit 201 knows, the third party cannot know the number of authentication data 1003 transmitted to the peripheral unit. The main control unit 201 transmits the correction data 1004 or the dummy data 1005 of the authentication data 1003 when transmitting a control command to the peripheral unit. Thereby, the possibility that the correction data 1004 or the authentication data 1003 is extracted can be reduced.

  The main control unit 201 may add the correction data 1004, the authentication data 1003, or the dummy data 1005 to the control command data 1001 only when a jackpot command is transmitted to the peripheral part. In this case, since the occurrence frequency of the jackpot command is lower than that of other commands, the possibility that the correction data 1004 or the authentication data 1003 is extracted from the control signal can be reduced. Further, since the jackpot command is continuously transmitted for each round after shifting to the jackpot state, the correction data 1004, the authentication data 1003, or the dummy data 1005 can be continuously transmitted during one jackpot state. . Therefore, once the big hit state is reached, the correction data 1004, the dummy data 1005, and the authentication data 1003 for the number of divisions can be transmitted continuously. Therefore, it is possible to perform the authentication process without leaving an interval after correcting the expected value, and to prevent the third party from knowing the timing for performing the correction process or the authentication process. As a result, the possibility that an unauthorized substrate is inserted between the correction process and the authentication process is reduced, and the strength of the authentication can be improved.

  The main control unit 201 adds correction data 1004 to the control command data 1001 when transmitting a jackpot start command to the peripheral portion, and authentication data to the control command data 1001 when transmitting the jackpot command to the peripheral portion. When 1003 is added and a control command other than the jackpot start command and the jackpot start command is transmitted to the peripheral portion, dummy data 1005 may be added to the control command data 1001. The jackpot start command is a command for starting a jackpot state, and has a lower transmission frequency than other commands. Therefore, the possibility that the correction data 1004 is extracted from the control signal can be reduced. The jackpot command is continuously transmitted for each round after the jackpot start command is transmitted and the jackpot state is entered. Therefore, once the big hit state is reached, the correction data 1003 for the number of divisions can be continuously transmitted after the correction processing is performed in the peripheral portion. Further, the dummy data 1005 can be transmitted at a timing other than the correction process or the authentication process. Therefore, the authentication process can be performed without any interval after the expected value is corrected. Furthermore, it is possible to prevent a third party from knowing the timing of transmitting the correction data 1004 or the authentication data 1003. As a result, the possibility that an unauthorized substrate is inserted between the correction process and the authentication process is reduced, and the strength of the authentication can be improved.

  In this case, the peripheral part can identify correction data, authentication data, or dummy data depending on the type of control command. Accordingly, the peripheral part can identify the correction data, the authentication data, or the dummy data and perform the authentication process or the correction process without increasing the processing load on the peripheral part.

  The main control unit 201 may add the correction data 1004, the authentication data 1003, or the dummy data 1005 to the control command data 1001 only when a jackpot reach command is transmitted to the peripheral part. In this case, the jackpot reach command is transmitted more frequently and randomly than the jackpot actually occurs before the jackpot state is reached. For this reason, for example, when a jackpot reach command is continuously transmitted in small numbers, any of the correction process, the authentication process, and the dummy authentication process can be performed before the jackpot state is reached.

  Further, the main control unit 201 may add the correction data 1004 to the control command data 1001 only when transmitting a power-on command to the peripheral unit. The power-on command is transmitted when the pachinko gaming machine is initialized, such as when the pachinko gaming machine is turned on or reset. The initialization process is classified into a process category different from the game (game progress) related process which is the main process of the pachinko gaming machine. If the correction process is incorporated during the initialization process, the steps (man-hours) required for program design and testing can be reduced as compared with the case where the correction process is incorporated during the game-related process. That is, by incorporating the correction process during the initialization process, it is possible to obtain development merit and quality control merit.

  The main control unit 201 may add the correction data 1004 to the control command data 1001 only when transmitting a customer waiting demo command to the peripheral part. When the main control unit 201 transmits an arbitrary control command to the peripheral part before the customer waiting demo is started by the customer waiting demo command and is stopped by the customer waiting demo stop command, the control command data The authentication data 1003 or the dummy data 1005 may be added to 1001. The customer waiting demo command and the customer waiting demo stop command are commands for starting or stopping the customer waiting demo. The customer waiting demo is displayed when the game (game progress) related process which is the main process of the pachinko gaming machine is not performed. Thereby, the processing load due to the correction process, the authentication process, or the dummy authentication process does not affect the game-related process. For this reason, even if the main control unit 201 and the peripheral part do not have a high processing capacity, or even a pachinko gaming machine with a large processing load of game-related processing, a correction processing function and an authentication processing function should be added. Can do. Moreover, since both the correction process and the authentication process can be performed in this order during the non-game state, fraud can be detected before the game state is entered. For this reason, the gaming state can be performed in a safe state without fraud. Further, since the authentication process and the dummy authentication process can be performed during the non-game state, it is possible to prevent a third party from knowing the timing of the authentication process. As a result, the strength of the authentication process can be improved.

  The main control unit 201 may add the correction data 1004, the authentication data 1003, or the dummy data 1005 to the control command data 1001 only when transmitting a deviation command to the peripheral part. In this case, since the outbreak command has the highest occurrence frequency as the lottery result at the time of the jackpot lottery, the number of times of performing the correction process, the authentication process, or the dummy authentication process is increased, and the strength of the authentication can be increased. Further, since the occurrence frequency of the loss command is high, if the authentication data 1003 or the dummy data 1005 is added after the correction data 1004 is added, the correction data 1004, the authentication data 1003, or the dummy data 1005 is randomly added to the loss command. Can be added.

  Next, control signal reception processing by the effect control unit 202 will be described. FIG. 13 is a flowchart showing a procedure of control signal reception processing by the effect control unit 202. In the flowchart of FIG. 13, the effect control unit 202 first waits until a control signal is received from the main control unit 201 (step S1301: No loop). When the control signal is received from the main control unit 201 (step S1301: Yes), the effect control unit 202 determines whether or not the received control signal includes data relating to correction such as the correction data 1004 (step S1302). . The determination as to whether or not the control signal includes data related to correction is performed, for example, whether or not the control signal includes authentication data 1003 or whether or not the data amount of the control signal is greater than that of the normal control signal. It is done by judging. The determination as to whether or not the data related to the correction is dummy data 1005 is, for example, whether or not the control signal has a data amount larger than a normal control signal and is the nth control signal after the peripheral power is turned on. This is performed by determining whether or not a flag indicating that the correction data 1004 is included is set in the control signal. Even if the control signal received in step S1301 includes the dummy data 1005, the effect control unit 202 determines that the control signal includes data related to correction in step S1302, and proceeds to step S1303. Good.

  In step S1302, when the control signal includes data related to correction (step S1302: Yes), the effect control unit 202 extracts the correction data 1004 from the control signal, and uses the correction data 1004 to produce the effect control unit 202. The expected value held in is corrected (step S1303). If it is determined in step S1303 that the dummy data 1005 is data related to correction, the effect control unit 202 performs processing similar to the correction processing while maintaining the expected value without correcting the expected value. Also good.

  In step S1302, the effect control unit 202 determines whether the control command data 1001 included in the control signal is data of a predetermined control command, not whether the received control signal includes the correction data 1004. It may be judged. In this case, when the control command data 1001 included in the control signal is data of a predetermined control command, the effect control unit 202 extracts the correction data 1004 from the control signal, and proceeds to step S1303. In step S1302, for example, when the control command for adding the correction data 1004 is a jackpot command, the effect control unit 202 sets the data for the nth jackpot command after the power is turned on or the jackpot state is entered. It may be determined whether or not. In this case, the effect control unit 202 may extract the correction data 1004 from the control signal and proceed to step S1303 when the data is the n-th jackpot command data.

  Next, processing based on the control command data 1001 and accompanying data 1002 included in the control signal is performed (step S1304), the process returns to step S1301, waits until the next control signal is received, and the subsequent processing is repeated. Do it.

  On the other hand, in step S1302, when the correction data 1004 is not included in the control signal (step S1302: No), the effect control unit 202 includes authentication-related data such as authentication data 1003 in the control signal received in step S1301. It is determined whether or not it is (step S1305). The determination as to whether or not the data related to authentication is included in the control signal is made, for example, by determining whether or not the data amount of the control signal is larger than that of the normal control signal. The determination as to whether the data related to authentication is dummy data 1005 is made by, for example, determining whether a flag indicating that dummy data 1005 is included is set in the control signal. If dummy data 1005 is included in the control signal received in step S1301, presentation control unit 202 may determine that the control signal includes data related to authentication in step S1305, and may proceed to step S1306. .

  In step S1305, the effect control unit 202 determines whether the control command data 1001 included in the control signal is data of a predetermined control command, not whether the received control signal includes data related to authentication. It may be judged. In this case, when the control command data 1001 included in the control signal is data of a predetermined control command, the effect control unit 202 determines that the data related to authentication is included in the control signal, and proceeds to step S1306. In step S1305, when the control command for adding correction data 1004 is a jackpot command, for example, the rendering control unit 202 performs the nth time after the power is turned on (or reset) or the jackpot state is reached. It may be determined whether the data is a jackpot command data other than. In this case, the effect control unit 202 includes data related to authentication in the control signal when the power is turned on (or reset) or the data of the jackpot command other than the nth after the jackpot state is entered. You may decide that

  When the data related to authentication is included in the control signal (step S1305: Yes), the effect control unit 202 extracts the authentication data 1003 from the control signal, and further performs a decoding process to obtain the inspection value (step S1306). ). The effect control unit 202 stores the acquired inspection value in the inspection value memory (step S1307), and performs a semi-group operation (joining process) on all inspection values in the inspection value memory (step S1308). . Note that the type of half-group operation performed in step S1308 is determined when the previous authentication data 1003 is received. If there is one inspection value in the inspection value memory, the process proceeds to step S1309 without performing the combining process.

  Next, the corrected expected value is acquired (step S1309). Then, it is determined whether the calculation result (combination result) of the inspection values stored in the inspection value memory matches the expected value (step S1310). At this time, the effect control unit 202 may determine whether the calculation result of the inspection value and the expected value have a predetermined relationship, not whether the calculation result of the inspection value matches the expected value. Good. The predetermined relationship is, for example, a relationship in which a value obtained by performing a predetermined calculation on the inspection value calculation result matches an expected value.

  When the calculation result of the inspection value matches the expected value (step S1310: Yes), the effect control unit 202 authenticates the validity of the main control unit 201 that has transmitted the control signal, and proceeds to step S1311. 202 determines whether or not the number of inspection values (the number of combinations) subjected to the combination process when authentication is established is a predetermined value (step S1311). The predetermined value is, for example, an odd number (or even number). When the data related to authentication is dummy data 1005, in step S1310, the effect control unit 202 temporarily authenticates the main control unit 201 that transmitted the control signal even if the calculation result in step S1308 does not match the expected value. (Dummy authentication process), the process proceeds to step S1311. Further, the effect control unit 202 may skip the process of temporarily authenticating the main control unit 201 and proceed to step S1311. In this case, in steps S1306 to S1309, the effect control unit 202 may perform a process of extracting the dummy data 1005 from the control signal and temporarily combining them, or may omit it.

  In step S1311, when the number of combinations is a predetermined value (step S1311: Yes), the effect control unit 202 switches the inspection value combination method used for authentication (step S1312), and erases the data in the inspection value memory. (Step S1313). In step S1304, processing based on the control command data 1001 and accompanying data 1002 included in the control signal is performed. If the number of combinations is not a predetermined value (step S1311: No), the process proceeds to step S1313, and the data in the inspection value memory is erased without switching the inspection value combining method. In step S1304, processing based on the control command data 1001 and accompanying data 1002 included in the control signal is performed.

  On the other hand, if the calculation result of the inspection value does not match the expected value in step S1310 (step S1310: No), the effect control unit 202 receives the predetermined number or more of inspection values (step S1314: No) until step S1310 receives the inspection value. Returning to S1301, the combining process is repeated. When the inspection value of a predetermined number or more is received (step S1314: Yes), the effect control unit 202 discards the control command data 1001 and the accompanying data 1002 without authenticating the validity of the main control unit 201 that transmitted the control signal. At the same time, a notification signal is output from the notification signal output unit 335 (see FIG. 3) (step S1315), and the processing according to this flowchart ends. The predetermined number is an arbitrary number. For example, the predetermined number can be the number of data that can be stored in the program data storage unit 1100 (maximum number of divisions). When the authentication is not established, in step S1315, either the data discard or the notification may be performed.

  In step S1305, when the control signal does not include data related to authentication (step S1305: No), that is, when the dummy authentication process is not performed or when the control signal is the normal control signal 1010, the effect control unit 202 Without collating with the expected value, the process proceeds to step S1304 as it is, and processing based on the control command data 1001 and the accompanying data 1002 is performed.

  In the flowchart of FIG. 13, when the effect control unit 202 does not hold the expected value in advance and the expected value is transmitted from another component, the expected value is not corrected in step S1303 and the correction data 1004 is stored. Extracted and stored in the data storage unit 312 or the like. Then, after obtaining the expected value from another component in step S1309, the expected value is corrected using the stored correction data 1004, and the process proceeds to step S1310, where the corrected expected value matches the authentication data 1003. It may be determined whether or not.

(Example of control signal flow between control units)
Next, the flow of control signals between the main control unit 201 and the peripheral unit will be described with reference to the sequence diagrams of FIGS. 14 and 15. Here, the peripheral portion is, for example, the effect control unit 202 or the prize ball control unit 203 (FIG. 2). 14 and 15 are sequence diagrams illustrating an example of the flow of control signals between the control units. 14 and 15, the part surrounded by the dotted line A is a step of the process of temporarily authenticating the main control unit 201 (dummy authentication process), and the part surrounded by the dotted line B is the correction process for one time. The portion surrounded by the dotted line C is a step of authentication processing for one time. In the sequence diagrams of FIGS. 14 and 15, the correction process (the part surrounded by the dotted line B) and the authentication process (the part surrounded by the dotted line C) are processed separately. The correction process may be performed while the process is being performed.

  As shown in FIG. 14, when the control command data 1001 is a predetermined control command, the main control unit 201 sets the control command data 1001 and the accompanying data 1002 (step S1401). Further, the main control unit 201 generates dummy data 1005 (step S1402). Here, the dummy data 1005 may be an error-detectable numerical value generated from a predetermined program code or the like recorded in a recording unit or the like included in the main control unit 201. The error check value is preferably an operation result value of an actual error check value and a salt value.

  Next, the main control unit 201 transmits a control signal with dummy data 1040 including control command data 1001, accompanying data 1002, and dummy data 1005 to the peripheral part (step S1403). In step S1403, the control command data 1001 in which the accompanying data 1002 is set and the dummy data 1005 may be separately transmitted to the peripheral part. In this case, the transmission order may be out of order.

  The peripheral part receives the control signal with dummy data transmitted in step S1403 (step S1404). Then, the main control unit 201 is authenticated without performing comparison with the expected value, and processing based on the control command data 1001 and the accompanying data 1002 is performed (step S1405). After receiving the control signal with dummy data in step S <b> 1404, the peripheral portion may perform processing similar to the correction processing using the dummy data.

  The series of processes using the dummy data 1005 described above may be performed in a correction process or an authentication process described below. In this case, a series of processes using the dummy data 1005 may be performed once or a plurality of times.

  Next, when the control command data 1001 is a predetermined control command, the main control unit 201 generates a correction value (step S1411). The correction value is a value for correcting the expected value for collation of the main control unit 201, and is a value that is the basis of the correction data 1004. The correction value is preferably a calculation result value of an actual correction value and a salt value. Note that the generation of the correction value in step S1411 may be performed before the correction data 1004 is generated in step S1413 described later.

  If the control command data 1001 is a predetermined control command, the main control unit 201 sets the control command data 1001 and the accompanying data 1002 (step S1412). Further, the main control unit 201 generates correction data 1004 using the correction value generated in step S1411 (step S1413). In step S1413, correction data 1004 is generated using, for example, an encryption arithmetic expression. Note that the encryption processing by the encryption operation may be performed twice or more.

  Next, the main control unit 201 transmits a control signal with correction data 1030 including control command data 1001, accompanying data 1002, and correction data 1004 to the peripheral part (step S1414). In step S1414, control command data 1001 in which accompanying data 1002 is set in a predetermined command and correction data 1004 may be separately transmitted to the peripheral portion. In this case, the transmission order may be out of order.

  The peripheral part receives the control signal with correction data 1030 transmitted in step S1414 (step S1415). Next, the peripheral part restores the correction data 1004 (step S1416). In step S1416, the correction data 1004 is restored by the decryption arithmetic expression corresponding to the encryption arithmetic expression used in step S1413, and the correction value is acquired.

  Next, an expected value correction process is performed using the correction value acquired in step S1416 (step S1417). For example, when the expected value is not held in advance in the peripheral part, in step S1417, the peripheral part acquires the expected value from another control part, and performs the expected value correction process on the acquired expected value. Then, the peripheral part performs processing based on the control command data 1001 and the accompanying data 1002 (step S1418).

  Specifically, in step S1417, the expected value (old expected value) held in advance becomes the expected value (new expected value) corrected by the correction process. Then, the peripheral unit holds the corrected expected value (new expected value) as an expected value for collation of the main control unit 201.

  Next, as shown in FIG. 15, the main control unit 201 determines the number of divisions used for the current authentication process by an arbitrary method. For example, when the number of divisions at this time = 3 (step S1421), the main control unit 201 divides the data stored in the program data storage unit 1100 into three blocks, and uses the data included in each block, The inspection value is calculated by the method A which is the default generation method (step S1422). The main control unit 201 encrypts the inspection value to generate authentication data 1003 (step S1423), and transmits a control signal with authentication data 1020 including control command data 1001, accompanying data 1002, and authentication data 1003 to the peripheral unit ( Step S1424). In step S1424, the main control unit 201 sets control command data 1001 and accompanying data 1002 for each of the authentication data 1003 for the number of divisions.

  After that, the main control unit 201 switches the inspection value generation method because the current division number is an odd number (step S1425). Specifically, the inspection value generation method is switched from method A to method B.

  The peripheral unit receives the control signal with authentication data 1020 transmitted in step S1424 (step S1426). Then, authentication data 1003 is extracted from the control signal with authentication data (step S1427), and decryption is performed to obtain an inspection value (step S1428). The peripheral part performs a combining process on the acquired inspection value by method A (step S1429), and collates the inspection value combination result with the expected value (new expected value) corrected in step S1417. If it coincides with the expected value, the peripheral unit establishes authentication with the main control unit 201 (step S1430). In this case, when the combining process is performed using three inspection values, it should match the expected value (number of connections = 3).

  Thereafter, since the number of connections this time is an odd number in the peripheral portion, the method for generating the test value used at the time of authentication is switched (step S1431). Specifically, the inspection value generation method is switched from a value corresponding to method A to a value corresponding to method B. Next, the peripheral part performs processing based on the control command data 1001 and the accompanying data 1002 (step S1432). If authentication is not established in step S1430, control command data 1001 and accompanying data 1002 are discarded (see step S1315 in FIG. 13). This is the flow of a series of authentication processes.

  In the series of authentication processes described above, since the method for generating the inspection value is switched, the main control unit 201 again checks the result of the combination of the inspection value and the expected value in the second authentication process before the peripheral value is checked. The control signal with correction data 1030 is transmitted to the unit to correct the expected value. Further, in the series of authentication processes described above, immediately after the test value generation method is switched, the control signal with correction data 1030 may be transmitted to the peripheral portion to correct the expected value.

  Next, the description proceeds to the second authentication process, and the main control unit 201 again determines the division number by an arbitrary method. For example, assuming that the current number of divisions = 4 (step S1441), the main control unit 201 divides the data stored in the program data storage unit 1100 into four blocks, and uses the data included in each block, The inspection value is calculated by method B, which is the generation method after switching (step S1442). The main control unit 201 encrypts the inspection value to generate authentication data 1003 (step S1443), and transmits a control signal with authentication data 1020 including control command data 1001, accompanying data 1002, and authentication data 1003 to the peripheral unit ( Step S1444). In step S <b> 1444, the main control unit 201 sets control command data 1001 and accompanying data 1002 for each authentication data 1003 corresponding to the number of divisions.

  After that, the main control unit 201 continues the generation method without switching the inspection value generation method because the current division number is an even number (step S1445). Specifically, the inspection value generation method remains the method B.

  The peripheral unit receives the control signal with authentication data 1020 transmitted from the main control unit 201 (step S1446), and extracts the authentication data 1003 (step S1447). Then, decryption is performed to obtain a check value (step S1448), and the obtained check value is combined with method B (step S1449). When the combined result of the inspection values matches the corrected expected value (new expected value), the peripheral unit establishes authentication with the main control unit 201 (step S1450). In this case, when the joining process is performed using four inspection values, it should match the expected value (number of joins = 4). Since the number of connections this time is an even number in the peripheral part, the generation method is continued as the method B without switching the method of generating the test value used for authentication (step S1451).

  If authentication is established in step S1450, the peripheral unit performs processing based on the control command data 1001 and accompanying data 1002 (step S1452). If authentication is not established in step S1450, control command data 1001 and accompanying data 1002 are discarded (see step S1313 in FIG. 13).

  In the sequence diagrams of FIGS. 14 and 15, as an example, a normal control signal 1010 is transmitted when a command other than the jackpot command is received, and a control signal with correction data 1030 or a control signal with authentication data 1020 is received when the command is a jackpot command. May be sent. Specifically, for example, a normal control signal 1010 to which correction data 1004 or authentication data 1003 is not added or a dummy signal other than a jackpot command until transmission of the control data with authentication data 1020 for the number of divisions is completed. Data 1005 may be transmitted. Further, the normal control signal 1010 or the dummy data 1005 may be transmitted a plurality of times or may not be performed until the transmission of the control data with authentication data 1020 for the number of divisions.

  Further, in the sequence diagrams of FIGS. 14 and 15, provisional authentication processing using the dummy data 1005 may be performed a plurality of times before the correction processing, or may not be performed. Prior to the authentication process, at least one correction process may be performed. That is, the control signal with dummy data 1040 or the normal control signal 1010 is transmitted before the control signal with correction data 1030 is transmitted, and the control signal with dummy data is transmitted after the control signal with correction data 1030 is transmitted. In addition to 1040 or the normal control signal 1010, a control signal with correction data 1030 may be further transmitted.

  Further, in the sequence diagrams of FIGS. 14 and 15, the peripheral portion may not hold the corrected expected value (final expected value) itself as a fixed value after performing the expected value correction in step S1417. In this case, for example, if the correction process (B) using the correction data 1004 is not performed from the time of manufacture, authentication is established in the process (A) for temporarily authenticating the main control unit 201, and authentication is performed in the authentication process (C). You may design so that it may not be materialized. By doing in this way, the person who can know the final expected value can be limited, and the risk of leakage of information related to the expected value can be reduced.

  Further, in the specific examples in the sequence diagrams of FIGS. 14 and 15, the exclusive OR is used for the encryption arithmetic expression and the decryption arithmetic expression, but other arithmetic expressions such as four rules and the cryptographic arithmetic may be used. Good. That is, the authentication method or the arithmetic expression determined in advance may be used in the main control unit 201 and the peripheral unit.

  Further, the authentication process using the authentication data may not be performed every time the authentication data is received, but may be performed when the authentication data corresponding to the number of divisions is received a plurality of times. In this case, for example, when the first authentication data is received together with the first control command data and the first associated data, the peripheral unit performs the first control command data and the first associated data without performing the authentication process. Perform processing based on data. When the peripheral unit receives the second authentication data together with the second control command data and the second associated data, the peripheral unit performs the process based on the second control command data and the second associated data before performing the process based on the second control command data and the second associated data. The authentication process using the authentication data of 1 is performed. At this time, the peripheral part may perform the authentication process using both the first authentication data and the second authentication data. In this way, if authentication processing is performed at the time when a plurality of authentication data is received, it is possible to prevent erroneous authentication processing when extra data is added to the control signal due to an error. it can.

  In the above description, the correction data 1004, the authentication data 1003, and the dummy data 1005 may be transmitted when the jackpot command is transmitted, or the correction data 1004 and the authentication data 1003 are transmitted when another control command is transmitted. The dummy data 1005 may be transmitted. Specifically, for example, the authentication data 1003 is transmitted when any one or more of a power-on command, a jackpot reach command, a jackpot start command, a jackpot end command, a customer waiting demo command, a miss command, etc. are transmitted. It is good also as transmitting. In this way, it is possible to further prevent the third party from seeing the timing at which the correction data 1004 and the authentication data 1003 are transmitted, and to further prevent the correction data 1004 and the authentication data 1003 from being stolen.

  As described above, in the electronic device according to the present embodiment, when a predetermined control command is transmitted, expected value correction is performed using correction data for correcting expected values used for verification of the main control unit in the peripheral part. Perform processing. The correction data is generated by a value unique to the main control unit or program data stored in the main control unit. For example, when the main control unit is changed, the correction data is generated by a difference between a value unique to the main control unit before the change and a value unique to the main control unit after the change. As a result, the final expected value used for verification of the main control unit (expected expected value after correction) itself is not transmitted from the main control unit to the peripheral part, so that the final expected value used for verification is stolen by a third party. Can be prevented.

  In addition, the main control unit transmits the correction data at an arbitrary timing before transmitting the authentication data transmitted last among the authentication data for the number of divisions. Therefore, since the correction data and the authentication data for the number of divisions can be transmitted at random, the timing at which the correction data is transmitted, that is, the point where the correction process is performed can be prevented from being overlooked by a third party. Therefore, it is possible to further reduce risks such as leakage of information regarding expected values.

  The authentication data is generated by dividing the data stored in the main control unit. Since the division number is a value that only the main control unit knows, the third party cannot know the division number. For this reason, even if one authentication data is known to a third party, for example, it is possible to prevent a third party from knowing a value calculated by combining the authentication data for the number of divisions. Therefore, it is possible to further reduce risks such as leakage of information related to authentication.

  Further, the authentication data generation method (inspection value generation method and encryption method) at the next authentication is changed based on the number of divisions. In addition, the peripheral unit switches the calculation method used for generating the authentication data based on the number of authentication data when the authentication for the main control unit is established. For this reason, even if the authentication data for the number of divisions is stolen and reused by a third party, the peripheral portion is the same as when the authentication data for the stolen number of divisions is generated after the calculation method is switched. Using a calculation method different from the calculation method, the authentication data corresponding to the stolen number of divisions is calculated. As a result, after the binary operation is switched, the peripheral portion does not calculate a value that matches the expected value even when receiving authentication data for the number of divisions stolen by a third party. It is possible to determine that the authentication data for the number of divisions is invalid.

  The authentication data is generated by program data stored in the regular main control unit. When the value calculated using the authentication data matches the expected value corrected using the correction data, the main control unit can be authenticated as a regular main control unit. For this reason, it can be detected that the authorized main controller is replaced with an unauthorized substrate, or that an unauthorized substrate is attached between the authorized main controller and the peripheral portion. Further, when the main control unit is changed to another regular main control unit, it is possible to prevent the changed main control unit from being erroneously authenticated as an unauthorized substrate. Furthermore, if correction data and authentication data including control command data and accompanying data to be transmitted this time are generated, the reuse of correction data and authentication data by an illegal control board is prevented, and unauthorized use of electronic devices is prevented. Can be prevented.

  In addition, by not holding the fixed value, which is the final expected value (expected value after correction) itself used for collation of the main control unit, in the peripheral part, it is possible to limit the persons who can know the final expected value used for collation. In this case, specifically, for example, if the expected value correction process is not performed from the time of manufacture, the authentication is established in the process of temporarily authenticating the main control unit, and the authentication is not established in the authentication process. May be. As a result, it is possible to reduce risks such as leakage of information regarding expected values.

  In addition, the main control unit can add dummy data when transmitting a predetermined control command other than the timing of performing the correction process and the authentication process. The dummy data is data that is not used in the correction process or the authentication process. For example, the peripheral part can perform the dummy authentication process even before the correction process is performed. Therefore, the timing at which correction data and authentication data are transmitted, that is, the point where correction processing and authentication processing are performed, is prevented from being seen by a third party, and risks such as leakage of information on expected values and information on authentication are further reduced. can do.

  In addition, the peripheral portion can perform dummy authentication processing with the same processing time or the amount of heat generated during processing as when normal authentication data is received. As a result, it is possible to prevent a third party from knowing the timing at which regular authentication data is received in the peripheral portion, and the strength of authentication can be further increased.

  Further, the peripheral portion can perform the same processing as the correction processing because the processing time or the amount of heat generated during the processing is about the same as when the regular correction data is received. Thereby, it is possible to prevent a third party from knowing the timing at which the correct correction data is received in the peripheral portion.

  Moreover, in the electronic device (for example, pachinko gaming machine) according to the present embodiment, when the main control unit 201 transmits a jackpot command to the peripheral unit, an expected value for checking the main control unit 201 in the peripheral unit Correction processing is performed, and further authentication processing for authenticating the validity of the main control unit 201 is performed. Therefore, by changing only the timing design during the jackpot state, it is possible to cause the existing pachinko gaming machine to execute the correction process and the authentication process. In addition, compared to the case where correction processing and authentication processing are performed at the time of transmission of all control commands, authentication processing and correction processing are only performed during the period when the jackpot command is transmitted (period in which the jackpot state is in effect). The processing load on the control unit 201 and the peripheral unit can be reduced.

  Further, in the pachinko gaming machine according to the present embodiment, when the control command for adding the authentication data or the correction data is a jackpot command, the jackpot command is transmitted for each round of jackpot, so the jackpot state is constant. During the period, correction processing and authentication processing are performed. In this way, since the interval between the correction process and the authentication process is small, the accuracy of the authentication process can be improved, and fraud to the main control unit and the peripheral part can be detected more reliably.

  The control method for the main control unit and the peripheral units described in the present embodiment can be realized by executing a program prepared in advance on a computer such as a personal computer or a workstation. This program is stored in a computer-readable storage medium such as a hard disk, flexible disk, CD-ROM, MO, and DVD, and is executed by being read from the storage medium by the computer. The program may be a transmission medium that can be distributed via a network such as the Internet.

  As described above, the present invention is useful for an electronic device in which fraud to the control unit is concerned and a control board mounted on the electronic device, and in particular, a pachinko gaming machine, a slot gaming machine, and other various gaming machines. Suitable for

310 main control board 311 control command storage unit 312 data storage unit 313 correction data generation unit 314 determination unit 315 authentication data generation unit 316 dummy data generation unit 317 addition unit 318 transmission unit 330 peripheral board 331 reception unit 332 correction unit 333 calculation value storage Section 334 Authentication section 335 Notification signal output section

Claims (31)

An electronic apparatus comprising: a main control unit that transmits a control command; and a peripheral unit that performs predetermined processing based on the control command transmitted by the main control unit,
The main control unit
Data storage means for storing predetermined data;
Determining means for determining the number of divisions of the data stored in the data storage means (hereinafter referred to as “division number”);
Authentication data generation means for dividing the data in the data storage means into the number of divisions, and performing a binary operation satisfying a combining rule on each of the divided data to generate authentication data for the number of divisions When,
Correction data generation means for generating correction data for correction processing for correcting an expected value used for collation of the authentication data held in the peripheral portion and transmitted from the main control unit;
Dummy data generating means for generating dummy data of the authentication data or the correction data;
When the control command to be transmitted to the peripheral part is a predetermined control command, the authentication data for the number of divisions generated by the authentication data generation unit is added to the control command, and the authentication for the number of divisions is performed. If the control command transmitted to the peripheral part is a predetermined control command before adding the data, the correction data generated by the correction data generating means is added to the control command, and the correction data or Adding means for adding the dummy data generated by the dummy data generating means to a control command other than the control command to which the authentication data is added;
The control command to which the correction data is added (hereinafter referred to as “control command with correction data”), the control command to which the authentication data is added (hereinafter referred to as “control command with authentication data”), or the dummy data Transmitting means for transmitting the added control command (hereinafter referred to as “control command with dummy data”) to the peripheral part,
The peripheral portion is
Receiving means for receiving the control command with correction data, the control command with authentication data or the control command with dummy data transmitted by the main control unit;
When receiving the control command with correction data by the receiving means, correction means for correcting the expected value held in the peripheral portion using the control command with correction data,
A binary operation is performed on the authentication data for the number of divisions, and based on whether or not the value calculated by the binary operation matches the expected value corrected by the correction unit, Authenticating means for authenticating the main control unit,
The authentication device authenticates the main control unit when receiving the control command with dummy data by the receiving device.   The authentication means performs two or more types of binary operations that satisfy a combining law on the authentication data for the number of divisions, and any one of two or more values calculated by the binary operations is the expected value. The electronic apparatus according to claim 1, wherein the main control unit is authenticated based on whether the value matches the value. The authentication data generation means selects a binary operation to be used for generation of the authentication data next time from two or more binary operations satisfying a combining law based on the division number,
The authentication means determines whether the authentication is performed next time from the two or more binary operations based on the number of the authentication data subjected to the selected binary operation when the authentication to the main control unit is established. The electronic apparatus according to claim 1, wherein a binary operation to be used is selected. The authentication data generation means encrypts the authentication data by a predetermined encryption method,
The electronic device according to claim 1, wherein the authentication unit performs the authentication by decrypting the authentication data with a decryption method corresponding to the predetermined encryption method. The authentication data generation means changes the authentication data encryption method based on the number of divisions,
The authentication means changes a method of decrypting the authentication data based on the number of the authentication data subjected to the binary operation when the authentication with respect to the main control unit is established. Item 5. The electronic device according to Item 4.   The electronic apparatus according to claim 1, wherein the two or more binary operations are addition and exclusive OR operations.   When the authentication means receives the control command with dummy data by the receiving means, the authentication means omits the process of whether the value calculated using the dummy data matches the expected value, and The electronic device according to claim 1, wherein the control unit is authenticated.   The authentication unit authenticates the main control unit regardless of whether or not the value calculated using the control command with dummy data received by the receiving unit matches the expected value. The electronic device according to any one of claims 1 to 6.   The adding means adds the dummy data generated by the dummy data generating means to a control command between the start of adding the authentication data for the number of divisions and the end of adding the authentication data. Item 9. The electronic device according to any one of Items 1 to 8.   The electronic device according to claim 1, wherein the adding unit adds the correction data, the authentication data, or the dummy data to a similar type of control command.   The electronic device according to claim 1, wherein the adding unit adds the correction data, the authentication data, or the dummy data to different types of control commands.   When the main control unit is changed to another main control unit, the correction data generation unit uses the expected value held in the peripheral unit to collate data transmitted from the other main control unit. The electronic apparatus according to claim 1, wherein correction data for correcting the expected value to be used is generated.   The electronic device according to claim 1, wherein the correction data generation unit generates the correction data using a unique value stored in the data storage unit.   When the main control unit is changed to another main control unit, the correction data generating unit stores a unique value stored in the data storage unit and set in the main control unit before being changed. The electronic device according to claim 13, wherein a difference between the value and a unique value set in the other main control unit after being changed is generated as the correction data.   15. The electronic apparatus according to claim 13, wherein the correction data generation unit generates the correction data using the control command that adds the correction data together with the unique value.   The electronic device according to claim 1, wherein the correction data generation unit generates the correction data using program data stored in the data storage unit.   The electronic device according to claim 16, wherein the correction data generation unit generates the correction data using the control command that adds the correction data together with the program data.   The electronic device according to claim 1, wherein the authentication data generation unit generates the authentication data using program data stored in the data storage unit.   The electronic device according to claim 18, wherein the authentication data generation unit generates the authentication data using the control command that adds the authentication data together with the program data.   When the control command transmitted from the main control unit is the control command with correction data, the correction unit corrects the expected value held in the peripheral portion using the control command with correction data. The electronic device according to claim 1, wherein:   The correction means corrects the expected value held in the peripheral portion using the control command with correction data when the control command transmitted from the main control unit is the predetermined control command. The electronic device according to claim 1, wherein:   The correction means, when receiving the control command with dummy data by the receiving means, does not correct the value of the expected value held in the peripheral portion, and sends the control command with dummy data by the receiving means. The electronic apparatus according to claim 1, wherein the value of the expected value before reception is maintained. The peripheral portion is
The electronic apparatus according to claim 1, further comprising an output unit that outputs a notification signal when the main control unit is not authenticated by the authentication unit. An electronic device according to any one of claims 1 to 23,
A main control unit transmits the control command with authentication data, and a peripheral unit performs an authentication process based on the control command with authentication data transmitted by the main control unit. A main control board that is mounted on an electronic device and transmits a control command to perform a predetermined process on a peripheral board,
Data storage means for storing predetermined data;
Determining means for determining the number of divisions of the data stored in the data storage means (hereinafter referred to as “division number”);
Authentication data generation means for dividing the data in the data storage means into the number of divisions, and performing a binary operation satisfying a combining rule on each of the divided data to generate authentication data for the number of divisions When,
Correction data generation means for generating correction data for correction processing for correcting an expected value used for collation of the authentication data held by the peripheral board and transmitted from the main control board;
Dummy data generating means for generating dummy data of the authentication data or the correction data;
When the control command to be transmitted to the peripheral board is a predetermined control command, the authentication data for the number of divisions generated by the authentication data generation unit is added to the control command, and the authentication for the number of divisions is performed. When the control command to be transmitted to the peripheral portion is a predetermined control command before finishing transmitting data, the correction data generated by the correction data generating means is added to the control command, and the correction data or Adding means for adding the dummy data generated by the dummy data generating means to a control command other than the control command to which the authentication data is added;
The control command to which the correction data is added (hereinafter referred to as “control command with correction data”), the control command to which the authentication data is added (hereinafter referred to as “control command with authentication data”), or the dummy data Transmitting means for transmitting the added control command (hereinafter referred to as “control command with dummy data”) to the peripheral board;
A main control board comprising:   The authentication data generation means selects a binary operation used for the next generation of the authentication data from two or more types of binary operations satisfying a combining law based on the number of divisions. The main control board according to 25. A peripheral board that is mounted on an electronic device and performs processing according to a control command transmitted from the main control board,
The control command (hereinafter referred to as “control command with correction data”) to which correction data for correcting an expected value used for collation of data transmitted by the main control board and transmitted by the main control board is added. The control command to which authentication data for authenticating the main control board is added (hereinafter referred to as “control command with authentication data”) or the control command to which dummy data of the authentication data or the correction data is added (hereinafter referred to as “control command with authentication data”). Receiving means for receiving "control command with dummy data"),
When receiving the control command with correction data by the receiving means, correction means for correcting the expected value held on the peripheral board using the control command with correction data;
A binary operation is performed on the authentication data for the number of divisions, and based on whether or not the value calculated by the binary operation matches the expected value corrected by the correction unit, Authenticating means for authenticating the main control board,
When the authentication means receives the control command with dummy data by the receiving means, the authentication means authenticates the main control board,
The authentication means performs two or more types of binary operations that satisfy a combining law on the authentication data for the number of divisions, and any one of two or more values calculated by the binary operations is the expected value. A peripheral board, wherein the main control board is authenticated based on whether or not the value matches. An authentication method in an electronic device comprising: a main control unit that transmits a control command; and a peripheral unit that performs predetermined processing based on the control command transmitted by the main control unit,
In the main control unit,
A determining step for determining the number of pieces of predetermined data stored in the data storage means (hereinafter referred to as “number of divisions”);
An authentication data generation step of dividing the data in the data storage step into the number of divisions, performing a binary operation satisfying a coupling rule for each of the divided data, and generating authentication data for the number of divisions When,
A correction data generating step for generating correction data for correction processing for correcting an expected value that is held in the peripheral portion and used for collation of the authentication data transmitted from the main control unit;
A dummy data generation step of generating dummy data of the authentication data or the correction data;
When the control command transmitted to the peripheral part is a predetermined control command, the authentication data for the number of divisions generated by the authentication data generation step is added to the control command, and the authentication for the number of divisions is performed. When the control command to be transmitted to the peripheral portion is a predetermined control command before adding the data, the correction data generated by the correction data generation step is added to the control command, and the correction data or An adding step of adding the dummy data generated by the dummy data generating step to a control command other than the control command to which the authentication data is added;
The control command to which the correction data is added (hereinafter referred to as “control command with correction data”), the control command to which the authentication data is added (hereinafter referred to as “control command with authentication data”), or the dummy data Transmitting the added control command (hereinafter referred to as “control command with dummy data”) to the peripheral part,
In the periphery,
Receiving the control command with correction data, the control command with authentication data, or the control command with dummy data transmitted by the main control unit;
When the control command with correction data is received by the receiving step, a correction step of correcting the expected value held in the peripheral portion using the control command with correction data;
A binary operation is performed on the authentication data for the number of divisions, and based on whether the value calculated by the binary operation matches the expected value corrected by the correction step, An authentication step of authenticating the main control unit,
The authentication method is characterized in that when the control command with dummy data is received in the receiving step, the main control unit is authenticated.   In the authentication step, two or more types of binary operations satisfying a coupling law are performed on the authentication data for the number of divisions, and any one of two or more values calculated by the binary operation is the expectation 29. The authentication method according to claim 28, wherein the main control unit is authenticated based on whether or not the value matches. In the authentication data generation step, based on the number of divisions, a binary operation used for generation of the authentication data next time is selected from two or more binary operations that satisfy a combining law,
In the authentication step, the next authentication is performed from the two or more types of binary operations based on the number of the authentication data subjected to the selected binary operation when the authentication with respect to the main control unit is established. 29. The authentication method according to claim 28, wherein a binary operation to be used for the selection is selected.   An authentication program causing a computer to execute the authentication method according to any one of claims 28 to 30.

Images