JP4398678B2 - Gaming machine control board with mutual authentication function - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
  The present invention relates to a fraud monitoring device using a gaming machine control chip mounted on a control board of a gaming machine such as a pachinko machine.
[0002]
[Prior art]
  A conventional chip is a gaming device that monitors gaming machines installed in a gaming hall, and is provided in a plurality of gaming halls, a first monitoring means that monitors the gaming machines, and provided outside the gaming hall, A second monitoring means for monitoring a specific one of the plurality of first monitoring means, and the specific first monitoring means monitored by the second monitoring means is the other A gaming apparatus characterized by monitoring at least a part of the first monitoring means has been invented (Japanese Patent Laid-Open No. 10-314430).
[0003]
[Problems to be solved by the invention]
  With such a conventional chip, it is possible to monitor whether or not each gaming machine is legitimate. However, if the communication system is a general one, the communication procedure is detected by a third party and an illegal game is played. Even a machine may be insufficiently monitored. Furthermore, there are a number of control means installed in the gaming machine, such as a program control chip, a payout board chip, a voice control chip, etc., but even if one of these is replaced with an illegal chip, it cannot be checked sufficiently The inconvenience mentioned is also expected.
  Therefore, the present invention has been made in view of the drawbacks of the prior art, and by monitoring illegal actions against a control chip mounted on one gaming machine via another control chip, a safer chip can be obtained. The purpose is to provide.
  Conventionally, since the abnormality cannot be detected even if the sub-chip on the gaming machine control board is replaced, the CPU is loaded into the I / O chip or the like instead of the main CPU, and the illegal CPU is used while the gaming machine is operating. There was an act of cheating.
Therefore, the present invention detects that the chip has been replaced by mutually monitoring the main CPU, I / O chip or sub CPU on the control board, and thereafter, each main CPU, I / O chip or sub CPU. The purpose is to eliminate cheating on the chip by stopping the operation.
[0004]
[Means for Solving the Problems]
  That is, the present invention relates to a gaming machine control board in which a main CPU, a sub CPU and / or an I / O chip are mounted on a main board or a sub board.
  The main CPU and sub CPU are constituted by a gaming machine control CPU, an identification circuit, a chip individual ID number storage circuit, another chip-specific ID number storage circuit, a monitoring timer and reset circuit, and / or a random number generation circuit,
  The I / O chip comprises an identification circuit, a unique ID number storage circuit of another chip, an individual ID number storage circuit, a monitoring timer, a reset circuit, and / or a random number generation circuit.
  The main CPU and each sub CPU and / or I / O chip are star-connected through a communication line,
  The main CPU and sub CPU and / or I / O chip mutually store individual ID numbers of other chips, and the main CPU and sub CPU and / or I / O chip mutually confirm individual ID numbers. Configured to authenticate whether or not the mutual chip is legitimate
  When the connection request is made from the main CPU based on the device identification code of a predetermined sub CPU or I / O chip at the time of the mutual authentication, and the connection is returned from the sub CPU or I / O chip, the individual ID of the main CPU The sub CPU or I / O chip authenticates whether the main CPU is genuine or not based on the transmitted individual ID number of the main CPU, and then the individual ID of the sub CPU or I / O chip. The main CPU is configured to authenticate the individual ID number of the sub CPU or I / O chip by transmitting the numberThis object is achieved by a gaming machine control board having an authentication function.
[0005]
  According to the second aspect of the present invention, when the main CPU confirms the individual ID number of the sub CPU or I / O chip, the individual ID number stored in the ID number storage circuit of the main CPU and the sub CPU or I / O chip are used. Reset main CPU when sent individual ID number does not matchStop the device through the circuitIt is comprised so that it may do.
[0006]
  According to a third aspect of the present invention, a predetermined sub CPU or I / O chip is connected from the main CPU during the mutual authentication.deviceBased on a random number value generated by a random number generation circuit in the main CPU when a connection request is made based on the identification code and a returnable identification code is returned from the sub CPU or I / O chip.According to the created encryption keyThe encrypted individual ID number of the main CPU and the random number value are transmitted to the sub CPU or I / O chip, and the sub CPU or I / O chip side is based on the transmitted random number value.According to the created encryption keyBased on the random number value generated by the sub CPU or the random number generation circuit of the I / O chip after authenticating whether the individual ID number of the main CPU received after decrypting the encrypted individual ID number is authentic.According to the created encryption keyIndividual ID number of encrypted sub CPU or I / O chip andThisBased on the random value sent by the main CPU by sending the random valueAccording to the created encryption keyThis is a gaming machine control board having a star-connected mutual authentication function configured to authenticate whether or not the sub CPU or I / O chip is authentic after decrypting the encrypted individual ID number.
[0007]
  According to a fourth aspect of the present invention, a predetermined sub CPU or I / O chip is connected from the main CPU during the mutual authentication.deviceA connection request is made based on the identification code, and a random number value R1 generated by a random number generation circuit in the main CPU is encrypted according to a predetermined protocol when a connectable return identification code is returned from the sub CPU or I / O chip. The sub CPU or the I / O chip side stores the transmitted random number value R1 and encrypts and transmits the random number value R2 generated by the random number generation circuit according to a predetermined protocol, and the main CPU transmits the random number value R2. Was created based on the random number values R1 and R2.Encryption key k3Based onEncryptedThe individual ID number of the main CPU is transmitted to the sub CPU or I / O chip, and the received sub CPU or I / O chip is created based on the stored random number values R1 and R2.Encryption key k3The encrypted individual ID number is decrypted in accordance with the above, and the individual ID number stored in the other chip individual ID number storage circuit is collated in advance, and stored in the individual ID number storage circuit if they match. Your own ID numberEncryption key k3The encrypted data is transmitted to the main CPU in accordance with the received encrypted individual ID number.Encryption key k3The ID is decrypted based on the ID and collated with the individual ID number stored in the other chip individual number storage circuit. If the ID numbers match, the mutual authentication is terminated and the process proceeds to collation with the next sub CPU or I / O chip. It is a gaming machine control board having a mutual authentication function connected in a star configuration.
[0008]
  In the invention of claim 5, the random number values R1, R2 generated from the random number generation circuit are always random number values.etcStored in the storage circuit,It is configured to use the stored fixed random values R1, R2,Between main CPU and sub CPU or I / O chip that perform mutual authenticationEncryption key k3Is a game machine control board having a mutual authentication function connected in a star configuration so as to be always constant.
  The invention of claim 6Of the main CPUStored in the individual ID number storage circuitMaineThe individual ID numbers (MID) are all the same fixed value, and the random values R1 and R2 generated from the random number generation circuit have a star-connected mutual authentication function configured to use a new one for each authentication. A gaming machine control board.
[0009]
  ClaimThe invention of 7In the gaming machine control board in which the main CPU, sub CPU and I / O chip are mounted on the main board or sub board,
  The main CPU and sub CPU are constituted by a gaming machine control CPU, an identification circuit, a chip individual ID number storage circuit, another chip-specific ID number storage circuit, a monitoring timer and reset circuit, and / or a random number generation circuit,
  The I / O chip comprises an identification circuit, a unique ID number storage circuit of another chip, an individual ID number storage circuit, a monitoring timer, a reset circuit, and / or a random number generation circuit.
  The main CPU and each sub CPU and I / O chip are ring-connected via a communication line, and the main CPU, sub CPU and I / O chip store the individual ID numbers of other chips adjacent to each other. Consists of
  The main CPU, I / O chip and sub CPU authenticate the individual ID number of the adjacent main CPU, I / O chip or sub CPU,
  The main CPU, I / O chip or sub CPU to be authenticated is adjacent to the main CPU, I / O chip connected in a ring by collating the individual ID numbers of the adjacent main CPU, I / O chip or sub CPU. Or it is configured to sequentially check the individual ID numbers of the sub CPUs,
  At the time of the authentication, a connection request is sent from the main CPU, I / O chip or sub CPU to the adjacent main CPU, I / O chip or sub CPU, and connection is possible from the adjacent main CPU, I / O chip or sub CPU. Is sent from the main CPU, I / O chip or sub CPU, and the CPU, I / O chip or sub CPU side of the adjacent device sends the main CPU based on the transmitted individual ID number. , Authenticate whether the I / O chip or sub CPU is genuine, and then the main CPU, I / O chip or sub CPU of the adjacent device transmits the individual ID number, thereby causing the main CPU, I / O This object is achieved by a gaming machine control board having an authentication function configured such that a chip or sub CPU authenticates an individual ID number of an adjacent device. That.
[0010]
  According to the eighth aspect of the present invention, when the sub CPU, I / O chip or main CPU that has collated the individual ID number does not match the individual ID number of the CPU or I / O chip to be collated, the main CPU Reset I / O chip or sub CPUStop the device through the circuitConfigured toRing connectedA gaming machine control board having an authentication function.
[0011]
  According to a ninth aspect of the present invention, at the time of the authentication, a connection request is issued from the main CPU, I / O chip or sub CPU to the adjacent main CPU, I / O chip or sub CPU, and the adjacent main CPU, I / O The main CPU, I / O chip, or sub CPU individually encrypted based on the random number value generated by the random number generation circuit of the main CPU, I / O chip, or sub CPU when the connection is returned from the chip or sub CPU ID number andThisAfter transmitting the random number value, the adjacent main CPU, I / O chip or sub CPU side decrypts the encrypted individual ID number based on the transmitted random number value, and then the main CPU, I / O chip or sub CPU Individual ID of the main CPU, I / O chip or sub CPU which is authenticated based on the random number value generated by the main CPU, I / O chip or sub CPU random number generation circuit By transmitting the number and the random value, the main CPU, I / O chip or sub CPU decrypts the encrypted individual ID number based on the transmitted random number value and then the main CPU, I / O chip or sub of the adjacent device Configured to authenticate whether the CPU's individual ID number is legitimateRing connectedThis is a gaming machine control board.
  The invention of claim 10The table inspection device 80 is connected to the main CPU, sub CPU or I / O chip via the external communication means 40, and the individual ID number written in the individual ID storage circuit of the connected chip for each table is read offline. Star connection configured to allowRing connectedThis is a gaming machine control board.
[0012]
DETAILED DESCRIPTION OF THE INVENTION
  In the following, the invention will be described in detail according to the illustrated embodiment.
  FIG. 1 is an overall operation schematic diagram of an embodiment according to the present invention, in which 100 is a host computer and 200 is a storage means for indicating the database file. The host computer 100 is connected to the hall computers 400 in the halls A, B, C,._{A, B, C, ..., N}Connected with. Reference numeral 500 denotes a communication means of the host computer 100.
[0013]
  Next, FIG. 2 shows a hall computer 400 in each hall A, B, C,._{A, B, i, ..., N}And the gaming machine 600 installed in the hall₁, 600₂, 600₃, ..., 600_mThe hall computer 400i is connected to the main CPU 10 via the external communication means 40 of the gaming machine, and the table inspection apparatus 80 is also connected via the external communication means 40. Are connected to the main CPU 10. Further, the main CPU 10, the sub CPU 61, the I / O chips 201, 202, 203,... 20n and each I / O chip 63 of the sub board are connected by a separate communication line.
[0014]
  FIG. 3 is a block diagram of a gaming machine control board of the type in which the main CPU 10 and the external communication means 40 are connected for mutual monitoring, and FIG.₁FIG. 6 is a block diagram of a gaming machine control board of a type in which the sub CPU 61 and the external communication means 40 are connected.
[0015]
  In FIG. 3, reference numeral 1 denotes a main board, and the main board is connected to the main CPU 10 and the I / O chip 20 connected via the bus line 2.₁~ 20_nThe I / O chip 20₁~ 20_nCorresponding to the dispensing board 60₁, Audio circuit board 60i, winning sensor 5, display 6 and the like, interface circuit 30₁~ 30_nAnd an external communication means 40 connected to the monitoring device 50. 60₁, 60_iIs a sub-board for controlling various devices (payout device 3, speaker 4) of the gaming machine. Note that the winning sensor 5 and the display 6 are provided on the payout board 60.₁And sound board 60_iThe same sub-board may be used.
[0016]
  Each sub-board 60₁, 60_i3 includes a sub CPU 61, an interface circuit 62 with the main CPU 10, an I / O chip 63, a payout device 3 and an interface circuit 64 with the speaker circuit 4, and the sub CPU 61, the payout device 3 and the speaker. The interface circuit 64 with the circuit 4 and the I / O chip 63 are connected via a bus line 65, and the sub CPU 61 and the I / O chip 63 are connected to the main CPU 10 of the main board 1 via a communication line. The I / O chip 63 is connected to the interface circuit 30 of the main board 1 via the interface circuit 62. _i Connected with. In this embodiment, the I / O chip 20₁, 20₂, ... 20_nIs connected to the main CPU 10 via a communication line. As a result, the main CPU 10 and the I / O chip 20₁, 20₂, ... 20_nThe plurality of sub CPUs 61 and the plurality of I / O chips 63 are star-connected around the main CPU 10.
  The above embodiment is configured to perform mutual authentication among the main CPU 10, the sub CPU 61, and the I / O chip. However, the present invention is not limited to this, and implementation as shown in FIGS. The invention also applies in the case of examples. FIG. 20 shows the main CPU 10 and the I / O chip 20 connected via the bus line 2.₁The I / O chip 20₁Interface circuit 30 connected to ₁ In addition, the main circuit board 1 includes the main CPU 10 and the external communication unit 40 connected to the monitoring device 50, and the interface circuit 30 of the main circuit board 1. ₁ It is connected to the payout device 3 via. In such a case, simply the main CPU 10 and the I / O chip 20₁Is an embodiment that performs mutual authentication. FIG. 21 is a block diagram showing an embodiment in which the main CPU 10 and the sub CPU 61 are used for mutual authentication in the embodiment of FIG. 20 and 21 also correspond to the star connection in the present invention.
[0017]
  Next, what is shown in FIG. 5 is a block diagram showing the configuration of the main CPU 10. The main CPU 10 includes a gaming machine control CPU 10a, a boot RAM 10b, a boot ROM 10c, a user RAM 10d and a user ROM 10e connected to the CPU 10a by a bus. Watchdog timer circuit 10f for monitoring runaway and normal operation of the system, illegal address execution prohibition circuit 10g for prohibiting access to areas other than a predetermined address area, timer circuit 10h used by the user program, user program A security check circuit 10i for checking whether the tampering is tampered with, a clock circuit 10j for supplying a clock to the gaming machine control CPU 10a, and a reset signal to the gaming machine control CPU 10a And a reset circuit 10k, a random number generation circuit 10m for generating a random number for the mutual authentication,
  Generated from the random number value R1 transmitted from the main CPU 10, the random number value R2 transmitted from the other chip (the mutual authentication partner such as the sub CPU 61 or the I / O chip 63), and the random number values R 1 and R 2.Encryption key k3A random number value storage circuit 10n for storing
  An individual ID number storage circuit 10p for storing an individual ID number of the main CPU 10, and an I / O chip 20 of the main board connected for communication₁, 20₂, ... 20_nThe other chip ID number storage circuit 10q for storing the individual ID numbers of the sub CPU 61 and the I / O chip 63 of the sub board.
  In the case of a slave station, when communicating with a star station, it communicates with the master station chip.When connected with a ring, it communicates with the upstream chip. At the time of ring connection, it has a lower communication port that communicates to the lower chip, and encrypts or decrypts the transmission / reception data based on a predetermined encryption algorithm, and transmits the encrypted data to the master station (upper) or slave (lower) chip. Control that transmits and receives control data, performs mutual authentication processing, stores the mutual authentication determination result, and stops the main CPU 10 by resetting the gaming machine control CPU 10a via the reset circuit 10k according to the mutual authentication determination result An identification circuit 10r for performing
  The external communication means 40 communicates with an external device (a monitoring device 50 such as a hall computer connected via the external communication means 40 or an inspection device 80 directly connected to the substrate), and is stored in the identification circuit 10r. An external communication circuit 10s for outputting the mutual authentication result,
  When the identification circuit 10r that performs mutual authentication monitors the response of the other party at the time of link establishment and there is no response, it is regarded as an error, and when operating as a master station (master) after link establishment, when performing mutual authentication at a predetermined interval Predetermined time t ₀ Each time the mutual authentication is activated and the response from other chips is monitored by a timer and there is no response, it is regarded as an error. When operating as a slave (slave), the response from the master station (master) is monitored by the timer and there is no response A monitoring timer 10t for an error, and
  Mutual authentication information on whether to perform mutual monitoring between chips, mutual monitoring by star connection, or mutual authentication by ring connection, and whether there is connection other than own device, own device is master station (master) Or a monitoring information storage circuit 10u that stores the device identification code to be monitored.
  The random number generation circuit 10m, the random number value storage circuit 10n, the individual ID number storage circuit 10p, the other chip ID number storage circuit 10q, the identification circuit 10r, the monitoring timer 10t, and the monitoring information storage circuit 10u are mutually authenticated. The circuits are connected to each other around the identification circuit 10r. Further, the monitoring information storage circuit 10u is also connected from the gaming machine control CPU 10a, and stores the monitoring information stored in the user management area in the user ROM 10d when the power is turned on and when the system is reset.
[0018]
  FIG. 6 shows a sub board (dispensing board 6) in FIGS.0 ₁, Voice board 60 _i) Or a block diagram of the I / O chip 63 (20) in the main board 1, and a reset circuit 63a (20a) for performing a system reset,
The random number generation circuit 63m (20m), the random number R1 transmitted from the other chip (the mutual authentication partner such as the main CPU 10, the sub CPU 61, and another I / O chip), the random value R2 transmitted from the I / O chip and the random number Generated from the numbers R1 and R2Encryption key k3A random value storage circuit 63n (20n) for storing
  Individual ID number storage circuit 63p (20p) for storing its own individual ID number, other chip ID for storing individual ID numbers of other chips (mutual authentication counterparts such as main CPU 10, sub CPU 61 and other I / O chips) Number storage circuit 63q (20q),
In the case of a slave station, when communicating with a star station, it communicates with the master station chip.When connected with a ring, it communicates with the upstream chip. At the time of ring connection, it has a lower communication port that communicates to the lower chip, and encrypts or decrypts the transmission / reception data based on a predetermined encryption algorithm, and transmits the encrypted data to the master station (upper) or slave (lower) chip. Send and receive control dataDoAt the same time, mutual authentication processing is performed, the mutual authentication determination result is stored, and the input / output control circuit 63x (20x) and the input / output circuit 63y (20y) are reset via the reset circuit 63k according to the mutual authentication determination result. An identification circuit 63r (20r) for controlling,
  The external communication means 40 communicates with an external device (a monitoring device 50 such as a hall computer connected via the external communication means 40 or an inspection device 80 directly connected to the substrate), and an identification circuit 63r (20r) External communication circuit 63s (20s) that outputs the mutual authentication result stored in
  When the identification circuit 63r (20r) that performs mutual authentication monitors the response of the other party at the time of link establishment and does not receive a response, it is regarded as an error, and when operating as a master station (master) after link establishment, mutual identification is performed at predetermined intervals. When performing authentication, mutual authentication is activated every predetermined time t0 and the response from other chips is monitored by a timer. If there is no response, it is regarded as an error. When operating as a slave (slave), a response from the master station (master) is used. Monitoring timer 63t (20t) for monitoring the timer and making an error if there is no response, and
  The mutual authentication information set by the monitoring information setting circuit 63v (20v) by the external setting, whether mutual monitoring between chips, mutual monitoring by star connection, or mutual authentication by ring connection, A monitoring information storage circuit that stores its own device information as to whether there is a connection other than the device, whether its own device is set as a master station (master) or a slave station (slave), and the device identification code to be monitored as monitoring information 63u (20u), an address decoding circuit 63w (20w), an input / output control circuit 63x (20x), and an input / output circuit 63y (20y). The address decoding circuit 63w (20w) is connected to an address bus and is connected to an input / output circuit. 63y (20y) is connected to the data bus.
[0019]
  FIG. 7 is a block diagram showing the configuration in the sub CPU 61. The sub CPU 61 is a gaming machine control CPU 61a, a boot RAM 61b, a boot ROM 61c, a user RAM 61d and a user ROM 61e connected to the CPU 61a, and runaway and normal operation of the system. A watchdog timer circuit 61f for monitoring the operation, an illegal address execution prohibition circuit 61g for prohibiting the program from accessing an area other than a predetermined address area, a timer circuit 61h, and checking whether the user program has been tampered with. Security check circuit 61i, a clock circuit 61j for supplying a clock to the gaming machine control CPU 61a, a reset circuit 61k for transmitting a reset signal to the gaming machine control CPU 61a, and a random number of the sub CPU 61 Random number generation circuit 61m to be generated, random number value R2 transmitted by sub CPU 61, random number value R1 transmitted from another chip (main CPU 10, other sub CPU 61 or I / O chip 63 (20), etc.) and random number value R1 And generated from R2Encryption key k3A random number storage circuit 61n for storing the individual ID number storage circuit 61p for storing the individual ID number of the sub CPU 61,
  Other chip ID number storage circuit 61q for storing individual ID numbers of other chips (main CPU 10 or other sub CPU 61 or I / O chip 63 (20), etc.) connected for communication
  In the case of a slave station, when communicating with a star station, it communicates with the master station chip.When connected with a ring, it communicates with the upstream chip. At the time of ring connection, it has a lower communication port that communicates to the lower chip, and encrypts or decrypts the transmission / reception data based on a predetermined encryption algorithm, and transmits the encrypted data to the master station (upper) or slave (lower) chip. Control that transmits / receives control data, performs mutual authentication processing, stores the mutual authentication determination result, and stops the sub CPU 61 by resetting the gaming machine control CPU 61a via the reset circuit 61k based on the mutual authentication determination result The identification circuit 61r that performs the external device (such as a hall computer connected via the external communication unit 40) When the external communication circuit 61s that communicates with the visual device 50 or the inspection device 80) directly connected to the substrate and the identification circuit 61r that performs mutual authentication perform mutual authentication at a predetermined interval after the link is established, mutual authentication is activated every predetermined time t0. And a monitoring timer 61t that sends a signal to be regarded as an error when no transmission is made from the main CPU 10 or the I / O chip 63 (20) within a predetermined time ts;
  Mutual monitoring information required for mutual authentication between chips, whether mutual monitoring is performed by star connection or ring connection, and whether there is a connection other than its own device, It consists of its own device information, which is set as a master controller) or a slave station (slave), and a monitoring information storage circuit 61u which stores a device identification code to be monitored.
  The random number generation circuit 61m, the random number value storage circuit 61n, the individual ID number storage circuit 61p, the other chip ID number storage circuit 61q, the identification circuit 61r, the monitoring timer 61t, and the monitoring information storage circuit 61u are mutually authenticated. The circuits are connected to each other around the identification circuit 61r.
  Further, the monitoring information storage circuit 61u is also connected from the gaming machine control CPU 61a, and stores the monitoring information stored in the user management area in the user ROM 10d when the power is turned on and when the system is reset.
  The block diagram shown in FIG. 4 shows another embodiment in which the external communication means 40 is provided on the sub-board 60 instead of the main CPU 10, and the external communication means 40 is connected to the sub CPU 61. The star-connected main station (master controller) is not the main CPU 10 but the sub CPU 61 and is connected to the monitoring device 50. Similarly, the I / O chip 63 (20) may be the main station (master controller).
[0020]
  FIG. 19 shows a memory configuration of the user ROM 10e (or 61e) of the main CPU 10 and the sub CPU 61. The user ROM stores model information that stores a usergram for controlling a game, a model name, a manufacturer name, and the like.
  Setting information storing information to be set by the boot program such as an address indicating the RAM size and program execution range, and
  Monitoring information stored in the monitoring information storage circuit in the chip by boot processing at power-on or system reset, and stored in the information necessary for mutual monitoring between chips, and user program security at power-on and system reset Consists of security code for checking.
Monitoring information is the content of the mutual monitoring process,
00: Do not perform mutual monitoring,
01h: Mutual monitoring information in which the master station (master controller) selects and stores slave stations (slave devices) in sequence (star connection) and 02h: monitors adjacent upper and lower devices (ring connection);
As information that defines the operation of the device,
00h: No other device connected,
01h: Set as master station (master controller)
02h: own device information to be selected and stored as a slave (slave device)
A self-device identification code indicating the address of the self-device,
  Monitoring device identification code 1 used at the time of star connection or higher-level device identification code used at the time of ring connection as address information of the device to be monitored
Monitoring device identification code 2 used when connecting the star or lower device identification code used when connecting the ring
  Hereinafter, the monitoring device identification code 3 used at the time of star connection and
Other monitoring device identification codes used when connecting to the star
Stopper code (FF) for the boot program to recognize the end of setting
Consists of.
  Note that the data below the monitoring device identification code 3 is not set when used in ring connection.
[0021]
  In this embodiment, as shown in FIGS. 8 (a) and 8 (b), the individual ID number is stored in each chip at the time of manufacture in all chips in the mutual monitoring link for controlling the gaming machine (FIG. 8 (a)). In addition, the individual ID number is stored only in the main CPU, sub CPU or I / O chip that is the main station in the mutual monitoring link that controls the gaming machine, and is stored in the other sub CPU and / or I / O chip. If the ID number of the slave station is determined from the relationship between the main CPU or sub CPU or I / O chip of the master station and each device identification code of the slave station when the link is established with each chip without storing the individual ID number (FIG. 8B).
[0022]
  In the configuration described above, the chip according to the present embodiment performs monitoring and authentication between the chips by the following authentication procedures (1) to (6).
(1) When individual ID numbers are written in all chips, and random numbers generated from a random number generation circuit are not used for communication.
(2) When individual ID numbers are written in all chips and a random number value generated from a random number generation circuit is used for communication. (Random values are not exchanged during authentication)
(3) When individual ID numbers are written in all the chips and a random value generated from a random number generation circuit is used for communication. (Exchange random numbers at the time of authentication)
(4) When the individual ID number is stored only in the main CPU and the random number generated from the random number generation circuit is not used for communication.
(5) When the individual ID number is stored only in the main CPU and a random number value generated from a random number generation circuit is used for communication. (Random values are not exchanged during authentication)
(6) When the individual ID number is stored only in the main CPU and a random number value generated from a random number generation circuit is used for communication. (Exchange random numbers at the time of authentication)
[0023]
  Hereinafter, the link establishment procedure and the mutual authentication procedure between the main CPU, the sub CPU or the I / O chip in each of the procedures (1) to (6) will be described with reference to FIGS.
  In this embodiment, the main CPU 10 and another I / O chip 20₁, 20₂, 20₃, ... 20_nAnd a physical connection relationship with the sub CPU 61 or the I / O chip 63 of the sub board (the individual ID number (MID) of the main CPU and the individual ID number (SID) of another sub CPU or I / O chip are stored mutually) Link establishment procedure for establishing the connection) and an authentication procedure for mutual authentication of the stored individual ID numbers performed after the link establishment.
[0024]
(1) When individual ID numbers are written in all chips, and random numbers generated from a random number generation circuit are not used for communication. (FIG. 10).
a. Link establishment procedure
  First, a predetermined device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station when the power is turned on._nA connection request signal is transmitted to the sub CPU 61 or the I / O chips 63 and 20 of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, an individual ID number (MID) of the main CPU 10 is transmitted from the main CPU 10 of the master station, and the sub CPU 61 or the I / O chip 63 (20) of the slave station is the main of the main CPU 10 of the master station.IndividualAfter obtaining the ID number (MID) and storing this (MID) in the individual ID number storage circuits 63q, 61q (20q), the individual ID number storage circuit 61p or 63p (in the sub CPU 61 or the I / O chip 63 (20)) 20p), the individual ID number (SID) of the sub CPU 61 or the I / O chip 63 (20) stored in the main station 10 is transmitted to the main CPU 10 of the master station, and the main CPU 10 of the master station sends the individual ID number (SID) of the slave station. Device identification code (D_n) And stored in the other chip ID number storage circuit 10q, and the connection with the sub CPU 61 or the I / O chip 63 (20) is disconnected. Then, the procedure proceeds to a procedure for establishing a link with the next sub CPU 61 or the I / O chip 63 (20).
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to a procedure for establishing a link with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0025]
  In this way, the main CPU 10 serving as a master station sequentially accesses all sub CPUs 61 or I / O chips 63 (20) serving as slave stations having device identification codes (Dn) in order to establish links,
  It distributes its own individual ID number (MID) to the sub CPU 61 or I / O chip 63 (20) of each slave station, and all the individual IDs from the accessed sub CPU 61 or I / O chip 63 (20). A number (SID) is obtained and the device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 10q.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station stores the distributed individual ID number (MID) of the main CPU 10 of the master station in the other chip ID number storage circuit 61q or 63q (20q). In this way, the link establishment procedure between the master station and the slave station is completed.
  As a result, the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the master station and the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the slave station have individual ID numbers (MID, SID). They will hold each other.
[0026]
b. Mutual authentication procedure
  A device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station at a predetermined time interval after the link is established._nThe connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of a predetermined slave station having
  A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main CPU 10 of the main stationIndividualThe ID number (MID) is transmitted, and the sub CPU 61 or the I / O chip 63 (20) of the slave station transmits the (MID) of the main CPU 10 of the master station stored in the other chip individual ID number storage circuit 61q (63q). MainIndividualThe identification circuit 61r (63r) determines whether or not the ID number (MID) matches. If the ID numbers (MID) do not match, the reset circuit 61k (63k) is driven and the system is reset to reset the sub CPU 61 or I of the slave station. The function of the / O chip 63 (20) is stopped.
  If they match, the individual ID number (SID) of the sub CPU 61 or the I / O chip 63 (20) of the slave station stored in the individual ID number storage circuit 61p (63p)._n) To the main CPU 10 of the main station. The main CPU 10 of the master station that has received the SID of the sub CPU 61 or the I / O chip 63 (20) of the slave station stored in the other chip individual ID number storage circuit 10p._nThe identification circuit 10r determines whether or not the received SID matches, and if not, the system is reset and the function of the main CPU 10 of the main station is stopped. If they match, the connection with the sub CPU 61 or the I / O chip 63 (20) of the slave station is cut and the mutual authentication is completed.
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to the mutual authentication procedure with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0027]
  As described above, the main CPU 10 of the master station performs mutual authentication with the sub CPU 61 or the I / O chip 63 (20) of the slave station. In this embodiment, the mutual authentication is performed by the timer circuit 10t of the main CPU 10 of the master station. The response time from the sub CPU 61 or the I / O chip 63 of the slave station is monitored at a predetermined interval. If there is no response from the sub CPU 61 or the I / O chip 63 (20) of the slave station, the identification circuit 10r Resets via the reset circuit 10k and stops the function of the main CPU 10 of the main station.
  If the sub-CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication from the main CPU 10 of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) is replaced with a reset circuit. Reset is performed via 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0028]
(2) When individual ID numbers are written in all chips and a random number value generated from a random number generation circuit is used for communication. (Random values are not exchanged during authentication) (FIG. 11).
a. Link establishment procedure
  First, when the power is turned on, the device identification code (D_nA connection request signal is transmitted to the slave sub CPU 61 or the I / O chip 63 (20). A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main CPU 10 of the main station first stores the random number value R1 (hereinafter fixed) generated from the random number generation circuit 10m in the random number value storage circuit 10n, and the identification circuit 10r uses the encryption key k1 to execute a predetermined algorithm. The random number value R1 is encrypted based on the above, and the encrypted random number value R1 is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the identification circuit 61r or 63r (20r) to transmit the random number value R1 encrypted and transmitted with the encryption key k1.Encryption key k1The received random number value R1 is obtained by decrypting and stored in the random number value storage circuit 61n or 63n (20n).
  Next, the random number value R2 (hereinafter fixed) generated from the random number generation circuit 61m or 63m (20m) is stored in the random value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) stores the encryption key k2. The random value R2 is encrypted based on a predetermined algorithm, and the encrypted R2 is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the master station that has received R2 encrypted by the encryption key k2 is first decrypted by the encryption key K2 in the identification circuit 10r, and the random value R2 of the sub CPU 61 or the I / O chip 63 (20) of the slave station. Is stored in the random number value storage circuit 10n. As a result, the random number value storage circuit 10n, 61n or 63n (20n) of the main CPU 10 of the master station and the sub CPU 61 of the slave station or the I / O chip 63 (20) has random number values R1 extracted from the respective random number generation circuits. , R2 are stored.
[0029]
  Next, the main CPU 10 of the main station based on the random number values R1 and R2 stored in the random number value storage circuit 10n.Encryption key k3(Later fixed)Encryption key k3After the identification circuit 10r encrypts the individual ID number (MID) stored in the individual ID number storage circuit 10p of the main CPU of the main station based on the information, the sub-CPU 61 or the I / O chip 63 (20) of the slave station Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the received encrypted individual ID number (MID) based on the already obtained random number values R1 and R2.Encryption key k3After creatingEncryption key k3To obtain an individual ID number (MID). The individual ID number (MID) is stored in the individual ID number storage circuit 61q or 63q (20q) of another chip.
  The sub CPU 61 or the I / O chip 63 (20) of the slave stationEncryption key k3And the individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p) is encrypted and transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the main station that has received the encrypted individual ID number (SID) has already acquired it.Encryption key k3And the individual ID number (SID) of the slave sub CPU 61 or the I / O chip 63 (20) is obtained. This is stored in the other chip ID number storage circuit 10q in a form corresponding to the device identification code (Dn) of the slave station, and the connection with the sub CPU 61 or the I / O chip 63 (20) of the slave station is disconnected.
  Then, according to the device identification code (Dn) stored in the monitoring information storage circuit 10u of the main CPU 10 of the master station, the process proceeds to a procedure for establishing a link with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0030]
  In this way, the main CPU 10 serving as a master station sequentially accesses all sub CPUs 61 or I / O chips 63 (20) serving as slave stations having device identification codes (Dn) in order to establish links,
  The random number value R1 is distributed to the sub CPU 61 or the I / O chip 63 (20) of each slave station, and all the individual random value R2 from the accessed sub CPU 61 or the I / O chip 63 (20) is accessed. Between the main CPU 10 of the master station and each sub CPU 61 or I / O chip 63 (20) of each slave station.Encryption key k3And the device identification code (D_n) Corresponding to the sub-CPU 61 or the I / O chip 63 (20) of each slave station, and distributes its own individual ID number (MID) to the sub-station of the accessed slave station. All the individual ID numbers (SIDs) are obtained from the CPU 61 or the I / O chip 63 (20), and the obtained device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 10q.
  Further, the sub CPU 61 or the I / O chip 63 (20) of the slave station has the individual random number values R1 and R2 shared with the main CPU 10 of the master station.Encryption key k3Is stored in the random number value storage circuit 61n or 63n (20n), and the distributed individual ID number (MID) of the main CPU 10 is stored in the other chip ID number storage circuit 61q or 63q (20q). In this way, the link establishment procedure between the master station and the slave station is completed.
  As a result, the main CPU 10, sub CPU 61 or I / O chip 63 (20) serving as the master station and the main CPU 10, sub CPU 61 or I / O chip 63 (20) serving as the slave station share the random number values R 1 and R 2.Encryption key k3In addition, the individual ID numbers (MID, SID) are mutually held.
[0031]
b. Mutual authentication procedure
  A device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station at a predetermined time interval after the link is established._nA connection request signal is transmitted to the slave sub CPU 61 or the I / O chip 63 (20). A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
[0032]
  Next, the main CPU 10 of the main station obtains the new random number value R3 generated by the random number generation circuit 10m and obtains it by the above-described link establishment procedure.Encryption key k3Based on the above, the identification circuit 10r mixes the individual ID number (MID) stored in the individual ID number storage circuit and the random number value R3 and encrypts the encrypted data to the slave sub CPU 61 or the I / O chip 63 (20). Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station has already acquired the encrypted data by mixing the received individual ID number (MID) and the random value R3 in the link establishment procedure.Encryption key k3To obtain the MID and the random value R3. Further, the identification circuit 61r or 63r (20r) collates whether or not the acquired individual ID number (MID) of the main CPU 10 of the main station matches the MID already stored in the other chip individual ID number storage circuit. It authenticates whether the main CPU 10 of the station is authorized. If they do not match, the system is reset via the reset circuit 63k to stop the function of the slave sub CPU 61 or the I / O chip 63 (20). The process proceeds to a procedure for transmitting the individual ID number (SID) of the sub CPU 61 of the slave station or the I / O chip 63 (20).
  In this embodiment, the random number generation circuit 61m or 63m (20m) generates a new random number value R4, and the individual ID number (SID) stored in the individual ID number storage circuit 63p is mixed with the random number value R4 for encryption. I already got the data I didEncryption key k3Is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the main station receives the encrypted data obtained by mixing the received SID and the random value R4.Encryption key k3To obtain an individual ID number (SID) and a random value R4. The acquired individual ID number (SID) and a predetermined device identification code (D) stored in the other chip ID number storage circuit 10q_n) Is verified whether or not the SID that matches is matched. If they do not match, the system is reset via the reset circuit 10k to stop the function of the main CPU 10 of the master station, and if they match, the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined to be regular. Then, the sub-CPU 61 or the I / O chip 63 (20) of the slave station is disconnected and the mutual authentication is completed.
[0033]
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to the mutual authentication procedure with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
  In the above embodiment, MID and random value R3 and SID and random value R4 are mixed and encrypted.Encryption key k3Even if is the same every time, the MID and SID transmission / reception data at the time of mutual authentication will be different each time, making analysis difficult.
[0034]
  As described above, the main CPU 10 of the master station performs mutual authentication with the sub CPU 61 or the I / O chip 63 (20) of the slave station. In this embodiment, mutual authentication is performed by the timer circuit 10t of the main CPU 10 of the master station. The response time from the sub CPU 61 or the I / O chip 63 of the slave station is monitored at intervals, and if there is no response from the sub CPU 61 or the I / O chip 63 (20) of the slave station, the identification circuit 10r Reset is performed via the reset circuit 10k to stop the function of the main CPU 10 of the main station.
  If the sub-CPU 61 or the I / O chip 63 (20) of the slave station does not receive a mutual authentication connection request from the main CPU 10 of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) is reset. Reset is performed via the circuit 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0035]
(3) When the individual ID number is written in the chip and the random number value generated from the random number generation circuit is used for communication. (The random number value is exchanged at the time of authentication) (FIG. 12).
a. Link establishment procedure
  First, when the power is turned on, the device identification code (D_n) Is transmitted to the slave sub CPU 61 or the I / O chip 63 (20). A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main CPU 10 of the main station first stores the random number value R1 generated from the random number generation circuit 10m in the random number value storage circuit 10n, and the identification circuit 10r uses the encryption key k1 to determine the random number value based on a predetermined algorithm. R1 is encrypted, and the encrypted random value R1 is transmitted to the slave sub CPU 61 or the I / O chip 63 (20).
  The sub CPU 61 or the I / O chip 63 (20) of the slave station decrypts the random number value R1 encrypted and transmitted with the encryption key k1 with the encryption key k1 by the identification circuit 61r or 63r (20r) and transmits the random number value. R1 is acquired and stored in the random value storage circuit 61n or 63n (20n).
  Next, the random number value R2 generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) uses the encryption key k2. The random number value R2 is encrypted based on the above algorithm, and the encrypted R2 is transmitted to the main CPU 10 of the main station. The main CPU 10 of the master station that has received R2 encrypted with the encryption key k2 first decrypts it with the encryption key K2 in the identification circuit 10r, and obtains the random value R2 of the sub CPU 61 or I / O chip 63 (20) of the slave station. It is acquired and stored in the random number value storage circuit 10n. As a result, the random number value storage circuit 10n, 61n or 63n (20n) of the main CPU 10 of the master station and the sub CPU 61 of the slave station or the I / O chip 63 (20) has random number values R1 extracted from the respective random number generation circuits. , R2 are stored.
[0036]
  Next, the main CPU 10 of the main station based on R1 and R2 stored in the random number value storage circuit 10n.Encryption key k3GenerateEncryption key k3Based on the above, the identification circuit 10r encrypts the individual ID number (MID) stored in the individual ID number storage circuit 10p of the main CPU 10 of the master station, and then sends it to the sub CPU 61 or the I / O chip 63 (20) of the slave station. Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the received encrypted individual ID number (MID) based on the already obtained random number values R1 and R2.Encryption key k3After creatingEncryption key k3Based on the above, decryption is performed to obtain MID. This MID is stored in the individual ID number storage circuit 10q of another chip.
  The sub CPU 61 or the I / O chip 63 (20) of the slave stationEncryption key k3And the individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p) is encrypted and transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the main station that has received the encrypted individual ID number (SID) has already acquired it.Encryption key k3And the individual ID number (SID) of the slave sub CPU 61 or the I / O chip 63 (20) is obtained. The individual ID number (SID) of the slave station is replaced with the device identification code (D_n) To the other chip ID number storage circuit 10q, and disconnect from the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_nAccordingly, the procedure proceeds to a procedure for establishing a link with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0037]
  In this way, the main CPU 10 serving as the main station sequentially receives the device identification code (D_n) To access all the sub-CPUs 61 or I / O chips 63 (20) as slave stations to establish a link,
  The random number value R1 is distributed to the sub CPU 61 or the I / O chip 63 (20) of each slave station, and all the individual random value R2 from the accessed sub CPU 61 or the I / O chip 63 (20) is accessed. Between the main CPU 10 of the master station and each sub CPU 61 or I / O chip 63 (20) of each slave station.Encryption key k3And the device identification code (D_n) Corresponding to the sub-CPU 61 or the I / O chip 63 (20) of each slave station, and distributes its own individual ID number (MID) to the sub-station of the accessed slave station. All the individual ID numbers (SIDs) are obtained from the CPU 61 or the I / O chip 63 (20), and the obtained device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 10q.
  Further, the sub CPU 61 or the I / O chip 63 (20) of the slave station has the individual random number values R1 and R2 shared with the main CPU 10 of the master station.Encryption key k3Is stored in the random number value storage circuit 61n or 63n (20n), and the distributed individual ID number (MID) of the main CPU 10 is stored in the other chip ID number storage circuit 61q or 63q (20q). In this way, the link establishment procedure between the master station and the slave station is completed.
  As a result, the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the master station and the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the slave station share the random numbers R1 and R2.Encryption key k3In addition, the individual ID numbers (MID, SID) are mutually held.
[0038]
b. Mutual authentication procedure
  A device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station at a predetermined time interval after the link is established._nA connection request signal is transmitted to the slave sub CPU 61 or the I / O chip 63 (20). A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main CPU 10 of the main station first stores the random number value R1 generated from the random number generation circuit 10m in the random number value storage circuit 10n, and the identification circuit 10r uses the encryption key k1 to determine the random number value based on a predetermined algorithm. R1 is encrypted, and the encrypted random value R1 is transmitted to the slave sub CPU 61 or the I / O chip 63 (20).
  The sub CPU 61 or the I / O chip 63 (20) of the slave station decrypts the random number value R1 encrypted and transmitted with the encryption key k1 with the encryption key k1 by the identification circuit 61r or 63r (20r) and transmits the random number value. R1 is acquired and stored in the random value storage circuit 61n or 63n (20n).
  Next, the random number value R2 generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) uses the encryption key k2 to obtain a predetermined value. The random number value R2 is encrypted based on the algorithm, and the encrypted R2 is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the master station that has received R2 encrypted with the encryption key k2 first decrypts it with the encryption key k2 in the identification circuit 10r, and obtains the random value R2 of the sub CPU 61 of the slave station or the I / O chip 63 (20). It is acquired and stored in the random number value storage circuit 10n. As a result, the random number value storage circuit 10n, 61n or 63n (20n) of the main CPU 10 of the master station and the sub CPU 61 of the slave station or the I / O chip 63 (20) has random number values R1 extracted from the respective random number generation circuits. , R2 are stored.
[0039]
  Next, the main CPU 10 of the main station obtains a new random number value R3 generated by the random number generation circuit 10m and then generates it based on R1 and R2 stored in the random number value storage circuit 10n.Encryption key k3The identification circuit 10r mixes the individual ID number (MID) stored in the individual ID number storage circuit with the random number value R3 and encrypts the encrypted data to the sub CPU 61 or the I / O chip 63 (20) of the slave station. Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station mixes the received individual ID number (MID) and the random number value R3 to the random number value storage circuit 61n or 63n (20n). Generated based on stored R1, R2Encryption key k3To obtain the MID and the random value R3.
  Further, the identification circuit 61r or 63r (20r) collates whether or not the acquired individual ID number (MID) of the main CPU 10 of the main station matches the MID already stored in the other chip individual ID number storage circuit. It authenticates whether the main CPU 10 of the station is authorized.
  If they do not match, the system is reset via the reset circuit 63k to stop the function of the slave sub CPU 61 or the I / O chip 63 (20). The process proceeds to a procedure for transmitting the individual ID number (SID) of the sub CPU 61 of the slave station or the I / O chip 63 (20).
  In this embodiment, the random number generation circuit 61m or 63m (20m) generates a new random number value R4, and the individual ID number (SID) stored in the individual ID number storage circuit 63p is mixed with the random number value R4 for encryption. I already got the data I didEncryption key k3Is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the main station receives the encrypted data obtained by mixing the received SID and the random value R4.Encryption key k3To obtain an individual ID number (SID) and a random value R4.
  The acquired individual ID number (SID) and a predetermined device identification code (D) stored in the other chip ID number storage circuit 10q_n) Is verified whether or not the SID that matches is matched. If they do not match, the system is reset via the reset circuit 10k to stop the function of the main CPU of the master station, and if they match, the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined to be normal. Then, the sub-CPU 61 or the I / O chip 63 (20) of the slave station is disconnected and the mutual authentication is completed.
[0040]
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to the mutual authentication procedure with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
  In the above embodiment, MID and random value R3 and SID and random value R4 are mixed and encrypted.Encryption key k3Even if is the same every time, the MID and SID transmission / reception data at the time of mutual authentication will be different each time, making analysis difficult.
  As described above, the main CPU 10 of the master station performs mutual authentication with the sub CPU 61 or the I / O chip 63 (20) of the slave station. In this embodiment, mutual authentication is performed by the timer circuit 10t of the main CPU 10 of the master station. The response time from the sub CPU 61 or the I / O chip 63 of the slave station is monitored at intervals, and if there is no response from the sub CPU 61 or the I / O chip 63 (20) of the slave station, the identification circuit 10r Reset is performed via the reset circuit 10k to stop the function of the main CPU 10 of the main station.
  If the sub-CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication from the main CPU 10 of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) is replaced with a reset circuit. Reset is performed via 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0041]
(4) When the individual ID number is stored only in the main CPU and the random number generated from the random number generation circuit is not used for communication. (FIG. 13).
a. Link establishment procedure
  First, a predetermined device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station when the power is turned on._nA connection request signal is transmitted to the slave sub CPU 61 or the I / O chip 63 (20).
A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
Next, an individual ID number (MID) of the main CPU 10 is transmitted from the main CPU 10 of the main station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station is the main of the main CPU 10 of the master station.IndividualAfter acquiring the ID number (MID) and storing it in the individual ID number storage circuit 61q or 63q (20q), the MID and the device identification code (D) of the sub CPU 61 or the I / O chip 63 (20) of the slave station_n), The slave individual ID number (SID) of the slave CPU 61 or the I / O chip 63 (20)._n) Is created and stored in the individual ID number storage circuit 63p (61p), and then the created slave individual ID number (SID) is created._n) To the main CPU 10 of the master station, and the main CPU 10 of the master station sends the slave individual ID number (SID)._n) For the device identification code (D_n) Is stored in the other chip ID number storage circuit 10q in a form corresponding to (), and the connection is disconnected.
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to a procedure for establishing a link with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0042]
  In this way, the main CPU 10 serving as the main station sequentially receives device identification codes (D_n) To establish sub-links to all the sub CPUs 61 or I / O chips 63 (20) as slave stations, and to the sub CPU 61 or I / O chip 63 (20) of each slave station. Distribute individual ID numbers (MID) and all individual ID numbers (SIDs) from the sub CPU 61 or I / O chip 63 (20) of the accessed slave station_n) And obtain this device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 10q.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station stores the distributed individual ID number (MID) of the main CPU 10 of the master station in the other chip ID number storage circuit 61q or 63q (20q). In this way, the link establishment procedure between the master station and the slave station is completed.
As a result, the main CPU 10, sub CPU 61 or I / O chip 63 (20) serving as the master station and the main CPU 10, sub CPU 61 or I / O chip 63 (20) serving as the slave station have individual ID numbers (MID, SID)._n).
[0043]
b. Mutual authentication procedure
  A device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station at a predetermined time interval after the link is established._nA connection request signal is transmitted to the slave sub CPU 61 or the I / O chip 63 (20).
  A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main CPU 10 of the main stationIndividualThe ID number (MID) is transmitted, and the sub CPU 61 or the I / O chip 63 (20) of the slave station transmits the (MID) of the main CPU of the master station stored in the other chip individual ID number storage circuit 61q (63q). MainIndividualThe identification circuit 61r (63r) determines whether or not the ID number (MID) matches. If the ID numbers (MID) do not match, the reset circuit 61k (63k) is driven and the system is reset to reset the sub CPU 61 or I of the slave station. The function of the / O chip 63 (20) is stopped.
  If they match, the slave individual ID number (SID) of the slave sub CPU 61 or I / O chip 63 (20) stored in the individual ID number storage circuit 61p (63p)._n) To the main CPU 10 of the main station.
  The main CPU 10 of the master station that has received the SID of the sub CPU 61 or the I / O chip 63 (20) of the slave station stored in the other chip individual ID number storage circuit 10p._nThe identification circuit 10r determines whether or not the received SID matches, and if not, the system is reset and the function of the main CPU 10 of the main station is stopped. If they match, the connection with the sub CPU 61 or the I / O chip 63 (20) of the slave station is cut and the mutual authentication is completed.
[0044]
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to the mutual authentication procedure with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0045]
  As described above, the main CPU 10 of the master station performs mutual authentication with the sub CPU 61 or the I / O chip 63 (20) of the slave station. In this embodiment, the mutual authentication is performed by the timer circuit 10t of the main CPU 10 of the master station. The response time from the sub CPU 61 or the I / O chip 63 of the slave station is monitored at a predetermined interval. If there is no response from the sub CPU 61 or the I / O chip 63 (20) of the slave station, the identification circuit 10r Resets via the reset circuit 10k and stops the function of the main CPU 10 of the main station.
  In the sub CPU 61 or the I / O chip 63 (20) of the slave station, if the connection request for mutual authentication from the main CPU 10 of the master station does not come at a predetermined interval, the identification circuit 61r or 63r (20r) is reset. Reset is performed via the circuit 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0046]
(5) When the individual ID number is written only in the main CPU and a random number value generated from the random number generation circuit is used for communication. (Random values are not exchanged during authentication) (FIG. 14).
a. Link establishment procedure
  First, when the power is turned on, the device identification code (D_n) Is transmitted to the sub CPU 61 or the I / O chip 63 (20) (slave station) of the slave station.
  A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
[0047]
  Next, the main CPU 10 of the main station first stores the random number value R1 (hereinafter fixed) generated from the random number generation circuit 10m in the random number value storage circuit 10n, and the identification circuit 10r uses the encryption key k1 to execute a predetermined algorithm. The random number value R1 is encrypted based on the above, and the encrypted random number value R1 is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the identification circuit 61r or 63r (20r) to transmit the random number value R1 encrypted and transmitted with the encryption key k1.Encryption key k1The received random number value R1 is obtained by decrypting and stored in the random number value storage circuit 61n or 63n (20n).
  Next, the random number value R2 (hereinafter fixed) generated from the random number generation circuit 61m or 63m (20m) is stored in the random value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) stores the encryption key k2. The random number value R2 is encrypted based on a predetermined algorithm, and the encrypted random number value R2 is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the master station that has received R2 encrypted with the encryption key k2 first decrypts it with the encryption key k2 in the identification circuit 10r, and obtains the random value R2 of the sub CPU 61 of the slave station or the I / O chip 63 (20). It is acquired and stored in the random number value storage circuit 10n. As a result, the random number value storage circuit 10n, 61n or 63n (20n) of the main CPU 10 of the master station and the sub CPU 61 of the slave station or the I / O chip 63 (20) has random number values R1 extracted from the respective random number generation circuits. , R2 are stored.
[0048]
  Next, the main CPU 10 of the main station based on R1 and R2 stored in the random number value storage circuit 10n.Encryption key k3(Later fixed)Encryption key k3After the identification circuit 10r encrypts the individual ID number (MID) stored in the individual ID number storage circuit 10p of the main CPU of the main station based on the information, the sub-CPU 61 or the I / O chip 63 (20) of the slave station Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station is based on the received random numbers R1 and R2 that have already acquired the encrypted individual ID numbers (MID).Encryption key k3After creatingEncryption key k3To obtain an individual ID number (MID).
  After this individual ID number (MID) is stored in the individual ID number storage circuit 61q or 63q (20q) of another chip, the MID and the device identification code (D) of the slave sub CPU 61 or I / O chip 63 (20) are stored._n), The slave individual ID number (SID) of the slave CPU 61 or the I / O chip 63 (20)._n) Is created and stored in the individual ID number storage circuit 63p (61p).
[0049]
  The sub CPU 61 or the I / O chip 63 (20) of the slave stationEncryption key k3Based on the individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p)_n) Is transmitted to the main CPU 10 of the main station. Encryption individual ID number (SID_n) That received the main CPU 10 has already acquiredEncryption key k3Based on the individual ID number (SID of the sub CPU 61 or the I / O chip 63 (20) of the slave station._n). This is the device identification code (D_n) To the other chip ID number storage circuit 10q, and disconnect from the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_nAccordingly, the procedure proceeds to a procedure for establishing a link with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0050]
  In this way, the main CPU 10 serving as the main station sequentially receives device identification codes (D_n) To access all the sub-CPUs 61 or I / O chips 63 (20) as slave stations to establish a link,
  The random number value R1 is distributed to the sub CPU 61 or the I / O chip 63 (20) of each slave station, and all the individual random value R2 from the accessed sub CPU 61 or the I / O chip 63 (20) is accessed. Between the main CPU 10 of the master station and each sub CPU 61 or I / O chip 63 (20) of each slave station.Encryption key k3And the device identification code (D_n) Corresponding to the sub-CPU 61 or the I / O chip 63 (20) of each slave station, and distributes its own individual ID number (MID) to the sub-station of the accessed slave station. All individual ID numbers (SIDs) from the CPU 61 or the I / O chip 63 (20)_n) And obtain this device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 10q.
  Further, the sub CPU 61 or the I / O chip 63 (20) of the slave station has the individual random number values R1 and R2 shared with the main CPU 10 of the master station.Encryption key k3Is stored in the random number value storage circuit 61n or 63n (20n), and the distributed individual ID number (MID) of the main CPU 10 is stored in the other chip ID number storage circuit 61q or 63q (20q). In this way, the link establishment procedure between the master station and the slave station is completed.
  As a result, the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the master station and the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the slave station share the random numbers R1 and R2.Encryption key k3In addition, the individual ID numbers (MID, SIDn) are held with each other.
[0051]
b. Mutual authentication procedure
  A device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station at a predetermined time interval after the link is established._nA connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of a predetermined slave station having A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
[0052]
  Next, the main CPU 10 of the main station obtains the new random number value R3 generated by the random number generation circuit 10m and obtains it by the above-described link establishment procedure.Encryption key k3Based on the above, the identification circuit 10r mixes the individual ID number (MID) stored in the individual ID number storage circuit and the random number value R3 and encrypts the encrypted data to the slave sub CPU 61 or the I / O chip 63 (20). Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station has already acquired the encrypted data by mixing the received individual ID number (MID) and the random value R3 in the link establishment procedure.Encryption key k3To obtain the MID and the random value R3. Further, the identification circuit 61r or 63r (20r) collates whether or not the acquired individual ID number (MID) of the main CPU 10 of the main station matches the MID already stored in the other chip individual ID number storage circuit. It authenticates whether the main CPU 10 of the station is authorized.
  If they do not match, the system is reset via the reset circuit 63k to stop the function of the slave sub CPU 61 or the I / O chip 63 (20). Determine the individual ID number (SID) of the sub CPU 61 of the slave station or the I / O chip 63 (20)._n) In the present embodiment, the random number generation circuit 61m or 63m (20m) generates a new random number value R4 and the individual ID number (SID) stored in the individual ID number storage circuit 63p._n) And the random number value R4, the encrypted data has already been acquired.Encryption key k3Is transmitted to the main CPU 10 of the main station.
[0053]
  The main CPU 10 of the master station receives the received SID_nAnd encrypted data mixed with random number R4Encryption key k3Based on the individual ID number (SID_n) And a random value R4. Obtained individual ID number (SID_n) And a predetermined device identification code (D) stored in the other chip ID number storage circuit 10q._n) Is verified as to whether or not the SIDn that matches. If they do not match, the system is reset via the reset circuit 10k to stop the function of the main CPU of the master station, and if they match, the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined to be normal. Then, the sub-CPU 61 or the I / O chip 63 (20) of the slave station is disconnected and the mutual authentication is completed.
[0054]
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to the mutual authentication procedure with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
  In the above embodiment, MID and random value R3, SID_nMID and SID at the time of mutual authentication even if k3 is the same every time by mixing and encrypting random number R4_nThe transmitted / received data will be different each time, making analysis difficult.
[0055]
  As described above, the main CPU 10 of the master station performs mutual authentication with the sub CPU 61 of the slave station or the I / O chip 63 (20). In this embodiment, the mutual authentication is performed by the timer circuit 10t of the main CPU 10 of the master station. The response time from the sub CPU 61 or the I / O chip 63 of the slave station is monitored at a predetermined interval. If there is no response from the sub CPU 61 or the I / O chip 63 (20) of the slave station, the identification circuit 10r Resets via the reset circuit 10k and stops the function of the main CPU 10 of the main station.
  If the sub-CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication from the main CPU 10 of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) is replaced with a reset circuit. Reset is performed via 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0056]
(6) When the individual ID number is written in the chip and the random number value generated from the random number generation circuit is used for communication. (The random number value is exchanged at the time of authentication) (FIG. 15).
a. Link establishment procedure
  First, the device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 (main station) of the main station when the power is turned on._nA connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the predetermined slave station having A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
[0057]
  Next, the main CPU 10 of the main station first stores the random number value R1 generated from the random number generation circuit 10m in the random number value storage circuit 10n, and the identification circuit 10r uses the encryption key k1 to determine the random number value based on a predetermined algorithm. R1 is encrypted, and the encrypted random value R1 is transmitted to the slave sub CPU 61 or the I / O chip 63 (20).
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the identification circuit 61r or 63r (20r) to transmit the random number value R1 encrypted and transmitted with the encryption key k1.Encryption key k1The received random number value R1 is obtained by decrypting and stored in the random number value storage circuit 61n or 63n (20n).
  Next, the random number value R2 generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) uses the encryption key k2 to obtain a predetermined value. The random number value R2 is encrypted based on the algorithm, and the encrypted R2 is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the master station that has received R2 encrypted with the encryption key k2 first decrypts it with the encryption key K2 in the identification circuit 10r, and obtains the random value R2 of the sub CPU 61 or I / O chip 63 (20) of the slave station. It is acquired and stored in the random number value storage circuit 10n. As a result, the random number value storage circuit 10n, 61n or 63n (20n) of the main CPU 10 of the master station and the sub CPU 61 of the slave station or the I / O chip 63 (20) has random number values R1 extracted from the respective random number generation circuits. , R2 are stored.
[0058]
  Next, the main CPU 10 of the main station based on R1 and R2 stored in the random number value storage circuit 10n.Encryption key k3GenerateEncryption key k3After the identification circuit 10r encrypts the individual ID number (MID) stored in the individual ID number storage circuit 10p of the main CPU of the main station based on the information, the sub-CPU 61 or the I / O chip 63 (20) of the slave station Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the received encrypted individual ID number (MID) based on the already obtained random number values R1 and R2.Encryption key k3After creatingEncryption key k3Based on the above, decryption is performed to obtain MID.
  After this MID is stored in the individual ID number storage circuit 10q of another chip, the MID and the device identification code (D) of the slave sub CPU 61 or I / O chip 63 (20) are stored._n), The slave individual ID number (SID) of the slave CPU 61 or the I / O chip 63 (20)._n) Is created and stored in the individual ID number storage circuit 63p (61p).
[0059]
  The sub CPU 61 or the I / O chip 63 (20) of the slave stationEncryption key k3Based on the individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p)_n) Is transmitted to the main CPU 10 of the main station. Encryption individual ID number (SID_n) That received the main CPU 10 has already acquiredEncryption key k3And the individual ID number (SID) of the sub CPU 61 of the slave station or the I / O chip 63 (20)._n). This is the individual ID number (SID) of the slave station_n) Device identification code (D_n) To the other chip ID number storage circuit 10q, and disconnect from the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_nAccordingly, the procedure proceeds to a procedure for establishing a link with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
[0060]
  In this way, the main CPU 10 serving as the main station sequentially receives device identification codes (D_n) To access all the sub-CPUs 61 or I / O chips 63 (20) as slave stations to establish a link,
  The random number value R1 is distributed to the sub CPU 61 or the I / O chip 63 (20) of each slave station, and all the individual random value R2 from the accessed sub CPU 61 or the I / O chip 63 (20) is accessed. Between the main CPU 10 of the master station and each sub CPU 61 or I / O chip 63 (20) of each slave station.Encryption key k3And the device identification code (D_n) Corresponding to the sub-CPU 61 or the I / O chip 63 (20) of each slave station, and distributes its own individual ID number (MID) to the sub-station of the accessed slave station. All individual ID numbers (SIDs) from the CPU 61 or the I / O chip 63 (20)_n) And obtain this device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 10q.
  Further, the sub CPU 61 or the I / O chip 63 (20) of the slave station has the individual random number values R1 and R2 shared with the main CPU 10 of the master station.Encryption key k3Is stored in the random number value storage circuit 61n or 63n (20n), and the distributed individual ID number (MID) of the main CPU 10 is stored in the other chip ID number storage circuit 61q or 63q (20q). In this way, the link establishment procedure between the master station and the slave station is completed.
  As a result, the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the master station and the main CPU 10 or sub CPU 61 or I / O chip 63 (20) serving as the slave station share the random numbers R1 and R2.Encryption key k3And individual ID number (MID, SID)_n).
[0061]
b. Mutual authentication procedure
  A device identification code (D) stored in the monitoring information storage circuit 10u from the main CPU 10 of the main station at a predetermined time interval after the link is established._nA connection request signal is transmitted to the slave sub CPU 61 or the I / O chip 63 (20). A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main CPU 10 of the main station first stores the random number value R1 generated from the random number generation circuit 10m in the random number value storage circuit 10n, and the identification circuit 10r uses the encryption key k1 to determine the random number value based on a predetermined algorithm. R1 is encrypted, and the encrypted random value R1 is transmitted to the slave sub CPU 61 or the I / O chip 63 (20).
  The sub CPU 61 or the I / O chip 63 (20) of the slave station uses the identification circuit 61r or 63r (20r) to transmit the random number value R1 encrypted and transmitted with the encryption key k1.Encryption key k1The received random number value R1 is obtained by decrypting and stored in the random number value storage circuit 61n or 63n (20n). Next, the random number value R2 generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) uses the encryption key k2 to obtain a predetermined value. The random number value R2 is encrypted based on the algorithm, and the encrypted R2 is transmitted to the main CPU 10 of the main station.
  The main CPU 10 of the master station that has received R2 encrypted with the encryption key k2 first decrypts it with the encryption key K2 in the identification circuit 10r, and obtains the random value R2 of the sub CPU 61 or I / O chip 63 (20) of the slave station. It is acquired and stored in the random number value storage circuit 10n. As a result, the random number value storage circuit 10n, 61n or 63n (20n) of the main CPU 10 of the master station and the sub CPU 61 of the slave station or the I / O chip 63 (20) has random number values R1 extracted from the respective random number generation circuits. , R2 are stored.
[0062]
  Next, the main CPU 10 of the main station obtains a new random number value R3 generated by the random number generation circuit 10m and then generates it based on R1 and R2 stored in the random number value storage circuit 10n.Encryption key k3The identification circuit 10r mixes the individual ID number (MID) stored in the individual ID number storage circuit with the random number value R3 and encrypts the encrypted data to the sub CPU 61 or the I / O chip 63 (20) of the slave station. Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station mixes the received individual ID number (MID) and the random number value R3 to the random number value storage circuit 61n or 63n (20n). Generated based on stored R1, R2Encryption key k3To obtain the MID and the random value R3. Further, the identification circuit 61r or 63r (20r) collates whether or not the acquired individual ID number (MID) of the main CPU 10 of the main station matches the MID already stored in the other chip individual ID number storage circuit. It authenticates whether the main CPU 10 of the station is authorized. If they do not match, the system is reset via the reset circuit 63k to stop the function of the slave sub CPU 61 or the I / O chip 63 (20). Determine the individual ID number (SID) of the sub CPU 61 of the slave station or the I / O chip 63 (20)._n) In the present embodiment, the random number generation circuit 61m or 63m (20m) generates a new random value R4 and the individual ID number (SID) stored in the individual ID number storage circuit 63p._n) And the random value R4, the encrypted data has already been acquired.Encryption key k3Is transmitted to the main CPU 10 of the main station.
[0063]
  The main CPU 10 of the main station receives the encrypted data obtained by mixing the received SIDn and the random value R4.Encryption key k3Based on the individual ID number (SID_n) And a random value R4. Obtained individual ID number (SID_n) And a predetermined device identification code (D) stored in the other chip ID number storage circuit 10q._n) Is verified as to whether or not the SIDn that matches. If they do not match, the system is reset via the reset circuit 10k to stop the function of the main CPU of the master station, and if they match, the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined to be normal. Then, the sub-CPU 61 or the I / O chip 63 (20) of the slave station is disconnected and the mutual authentication is completed.
[0064]
  The device identification code (D) stored in the monitoring information storage circuit 10u of the main CPU 10 of the main station_n), The process proceeds to the mutual authentication procedure with the sub CPU 61 or the I / O chip 63 (20) of the next slave station.
  In the above embodiment, MID and random value R3, SID_nMID and SID at the time of mutual authentication even if k3 is the same every time by mixing and encrypting random number R4_nThe transmitted / received data will be different each time, making analysis difficult.
  As described above, the main CPU 10 of the master station performs mutual authentication with the sub CPU 61 or the I / O chip 63 (20) of the slave station. In this embodiment, mutual authentication is performed by the timer circuit 10t of the main CPU 10 of the master station. The response time from the sub CPU 61 or the I / O chip 63 of the slave station is monitored at intervals, and if there is no response from the sub CPU 61 or the I / O chip 63 (20) of the slave station, the identification circuit 10r Reset is performed via the reset circuit 10k to stop the function of the main CPU 10 of the main station.
  If the sub-CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication from the main CPU 10 of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) is replaced with a reset circuit. Reset is performed via 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0065]
  In the above-described embodiments (4) to (6), the individual ID number of the master station is received when the slave sub CPU 61 or the I / O chip 63 (20) receives the master station individual ID number from the master CPU 10. Device identification number (D_n) Is used to calculate the individual ID number of the sub CPU 61 or the I / O chip 63 (20) of the slave station, but the sub CPU 61 or the I / O chip 63 of the slave station responding on the main CPU 10 side of the master station. From the device identification code (Dn) of (20), the slave individual ID number (SID)_n) Is calculated from the slave sub CPU 61 or the I / O chip 63 (20), the slave individual ID number (SID)._n) Can be stored in the chip ID number storage circuit 10q in addition to the main CPU of the main station.
  In the embodiment shown in FIG. 3 or FIG. 4 and the embodiments (1) to (6) corresponding to FIG. 10 to FIG. 15, when the comparison result of the ID number of the comparison object does not match in the result of mutual authentication. The functions to be stopped are the gaming machine control CPUs 10a and 61a in the main CPU 10 and the sub CPU 61. The I / O chip 63 (20) is an input / output control circuit 63x (20x), an input / output circuit 63y (20y), and each main The CPU 10, the sub CPU 61, and the identification circuits 10r, 61r, and 63r (20r) of the I / O chip 63 (20) are externally read out by the external communication circuits 10s, 61s, and 63s (20s) of each chip. To do.
  In the above star connection embodiment, the main CPU 10 as the master station and the sub CPU 61 or the I / O chip 63 (20) as the slave station are star-connected to perform mutual authentication as needed, and all chips normally perform mutual authentication. Since all the chips operate normally during this time, the entire gaming machine functions normally.
  However, when the main CPU 10 of the master station is replaced with an illegal chip, the mutual authentication request does not reach the sub CPU 61 or the I / O chip 63 (20) of the slave station, so the sub CPU 61 or the I / O chip 63 (20 of the slave station). ) Times out and stops functioning, and if the sub CPU 61 or I / O chip 63 (20) of the slave station is replaced with an illegal chip, normal mutual authentication is not performed and the main CPU of the master station stops functioning Therefore, the function of the entire gaming machine is stopped when even one chip is replaced with an illegal chip.
[0066]
  FIG. 9 is a block diagram showing an embodiment in which adjacent chips are monitored in a ring connection instead of mutual monitoring between chips, and the difference from FIG. 3 is that the main CPU 10 and sub CPU 61 or I / O. The chip 63 (20) is not communicatively connected to each other,
(A) Main CPU 10 and sub CPU 61 or I / O chip 63 (20),
(B) the sub CPU 61 or the I / O chip 63 (20), the sub CPU 61 or the I / O chip 63 (20),
(C) The sub CPU 61 or the I / O chip 63 (20) is connected to the main CPU 10, and
  Mutual authentication is performed only between adjacent chips (ring connection state).
  Since the other configurations are the same as those in FIG. 3, the same numbers are given and the description thereof is omitted.
[0067]
  In the configuration described above, the sub-CPU 61 or the I / O chip 63 (20) connected in a ring according to the second embodiment is monitored between the chips by the following authentication procedures (1) to (3). Authentication is performed.
  The link establishment between the main CPU and the sub CPU 61 or the I / O chip 63 (20) and the mutual authentication procedure are the same as the above (1) to (3), so the link between the sub CPU 61 or the I / O chip 63 (20). Only the establishment and mutual authentication procedures are described.
(1) Individual ID numbers are written in all chips, and random numbers generated from a random number generation circuit are not used for communication.
(2) When individual ID numbers are written in all chips and a random number value generated from a random number generation circuit is used for communication. (Random values are not exchanged during authentication)
(3) When individual ID numbers are written in all the chips and a random value generated from a random number generation circuit is used for communication. (Exchange random numbers at the time of authentication)
[0068]
  Hereinafter, a link establishment procedure and an authentication procedure between the main CPU 10, the sub CPU 61, or the I / O chip 63 (20) in each of the procedures (1) to (3) will be described.
(1) Individual ID numbers are written in all chips, and random numbers generated from a random number generation circuit are not used for communication. (Fig. 16)
a. Link establishment procedure
  First, the device identification code (D_n) From the sub-CPU 61 of the main station or the I / O chip 63 (20) having a predetermined adjacent device identification code (D_{n + 1}The connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the main station individual ID number (SID) stored in the main station individual ID number storage circuit 61p or 63p (20p) from the main station sub CPU 61 or I / O chip 63 (20)._n) Is transmitted, and the sub CPU 61 or the I / O chip 63 (20) of the slave station transmits the master station individual ID number (SID) of the sub CPU 61 or the I / O chip 63 (20) of the master station._n) Is acquired and stored in the other chip ID number storage circuit 61q or 63q (20q) of the slave station, and then stored in the individual ID number storage circuit 61p or 63p (20p) of the slave CPU 61 or I / O chip 63 (20). Slave individual ID number (SID)_{n + 1}) Is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the master station, and the sub CPU 61 or the I / O chip 63 (20) of the master station transmits the slave station individual ID number (SID)._{n + 1}) Is stored in the other chip ID number storage circuit 61q or 63q (20q) to disconnect.
  Next, the sub CPU 61 or the I / O chip 63 (20) of the slave station becomes the master station, and the subordinate sub CPU 61 or the I / O chip 63 (20) which is adjacent to the slave CPU is the slave station and shifts to the link establishment procedure as needed.
[0069]
  In this way, the sub CPU 61 or the I / O chip 63 (20) serving as the main station accesses the sub CPU 61 or the I / O chip 63 (20) adjacent to the lower CPU as needed to establish a link. Adjacent IDs of each other (SID)_n, SID_{n + 1}) Device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 61q or 63q (20q).
  As a result, all the main CPU 10, sub CPU 61 or I / O chip 63 (20) in the link and the adjacent main CPU 10, sub CPU 61 or I / O chip 63 (20) have individual ID numbers (MID, SID). They will hold each other.
[0070]
b. Mutual authentication procedure
  Device identification code (D_n) From the sub CPU 61 or the I / O chip 63 (20) of the main station having a predetermined adjacent device identification code (D_{n + 1}The connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
Next, the main station individual ID number (SID) from the sub CPU 61 of the main station or the I / O chip 63 (20)._n) Is transmitted to the slave station, and the sub CPU 61 or the I / O chip 63 (20) of the slave station receives the master station individual ID number (SID) stored in the other chip ID number storage circuit 61q or 63q (20q)._n) And the transmitted master station individual ID number (SID)_n) And the identification circuit 61r or 63r (20r) determines whether or not the sub-CPU 61 or I of the slave station by driving the reset circuit 61k or 63k (20k) and resetting the system. The function of the / O chip 63 (20) is stopped. If they match, the slave individual ID number (SID) stored in the slave sub CPU 61 or the I / O chip 63 (20) individual ID number storage circuit 61p or 63p (20p)._{n + 1}) To the sub CPU 61 or the I / O chip 63 (20) of the main station.
  The sub CPU 61 or the I / O chip 63 (20) of the master station that has received the slave station individual ID number (SID) stored in the other chip individual ID number storage circuit 61p or 63p (20p)._{n + 1}) And the received individual ID number (SID)_{n + 1}) Is determined by the identification circuit 61r or 63r (20r), and if it does not match, the system of the sub CPU 61 or the I / O chip 63 (20) of the main station is stopped by resetting the system. To do. If they match, the connection with the sub CPU 61 or the I / O chip 63 (20) is cut.
[0071]
  Then, the sub CPU 61 or the I / O chip 63 (20) of the slave station becomes the master station, and the subordinate sub CPU 61 or the I / O chip 63 (20) adjacent to the slave station is the slave station, and shifts to the link establishment procedure as needed.
[0072]
  As described above, the sub CPU 61 or the I / O chip 63 (20) of the master station performs mutual authentication using the adjacent sub CPU 61 or I / O chip 63 (20) as a slave station. Mutual authentication is performed at predetermined intervals by the timer circuit 61t or 63t (20t) of the sub CPU 61 or the I / O chip 63 (20), and the response time from the sub CPU 61 or the I / O chip 63 is monitored. When there is no response from the sub CPU 61 or the I / O chip 63 (20), the identification circuit 61r or 63r (20r) resets via the reset circuit 61k or 63k (20k), and the sub CPU 61 of the main station or The function of the I / O chip 63 (20) is stopped.
  Further, if the sub CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication of the sub CPU 61 or the I / O chip 63 (20) of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) resets via the reset circuit 61k or 63k (20k) and stops the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0073]
(2) When individual ID numbers are written in all chips and a random number value generated from a random number generation circuit is used for communication. (Random numbers are not exchanged during authentication) (Fig. 17)
a. Link establishment procedure
  First, when the power is turned on, the main unit's device identification code (D_n) From the sub CPU 61 or the I / O chip 63 (20) having a predetermined adjacent device identification code (D_{n + 1}The connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station transfers the random number value R1 generated from the random number generation circuit 61m or 63m (20m) to the random number value storage circuit 61n or 63n (20n). The identification circuit 61r or 63r (20r) encrypts the random value R1 based on a predetermined algorithm using the encryption key k1 and stores the encrypted random value R1 in the sub CPU 61 or the I / O chip of the slave station. 63 (20).
  The sub CPU 61 or the I / O chip 63 (20) of the slave station that has received the random value R1 encrypted with the encryption key k1 decrypts it with a predetermined algorithm by the identification circuit 61r or 63r (20r) based on the encryption key k1. To obtain the random value R1 of the sub CPU 61 or the I / O chip 63 (20) of the main station and store it in the random number value storage circuit 61n or 63n (20n).
  Next, the random number value R2 (hereinafter fixed) generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n) and the identification circuit 61r or 63r (20r) using the encryption key k2. ) Encrypts the random value R2 based on a predetermined algorithm, and transmits the encrypted R2 to the sub CPU 61 or the I / O chip 63 (20) of the main station.
  The sub CPU 61 or the I / O chip 63 (20) of the main station that has received the random value R2 encrypted with the encryption key k2 decrypts it with a predetermined algorithm by the identification circuit 61r or 63r (20r) based on the encryption key k2. The random number value R2 of the sub CPU 61 or the I / O chip 63 (20) of the slave station is acquired and stored in the random number value storage circuit 61n or 63n (20n).
  As a result, the random number values R1, R2 are stored in the random number value storage circuit 61n or 63n (20n) of the sub CPU 61 or I / O chip 63 (20) of the master station and the sub CPU 61 or I / O chip 63 (20) of the slave station. And will be stored.
[0074]
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station is based on R1 and R2 stored in the random number value storage circuit 61n or 63n (20n).Encryption key k3GenerateEncryption key k3The identification number 61r or 63r (20r) is used to identify the main station individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p) based on a predetermined algorithm._n) Is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station is based on the random number values R1 and R2 stored in the random number value storage circuit 61n or 63n (20n).Encryption key k3After creating the encrypted individual ID number (SID_n)Encryption key k3Using the identification circuit 61r or 63r (20r) based on a predetermined algorithm and decoding the master station individual ID number (SID)_n) And is stored in the other chip ID number storage circuit 61q or 63q (20q).
  Next, the slave sub CPU 61 or the I / O chip 63 (20)Encryption key k3Using the identification circuit 61r or 63r (20r), the slave individual number (SID) stored in the slave individual ID number storage circuit 61p or 63p (20p) based on a predetermined algorithm_{n + 1}) Is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the main station. Slave individual ID number (SID)_{n + 1}), The sub CPU 61 or the I / O chip 63 (20) of the main stationEncryption key k3Using the identification circuit 61r or 63r (20r), based on a predetermined algorithm, and the slave individual ID number (SID)_{n + 1}) Is stored in the other chip ID number storage circuit 61q or 63q (20q) and the connection is disconnected.
  Then, the sub CPU 61 or the I / O chip 63 (20) of the slave station becomes the master station, and the subordinate sub CPU 61 or the I / O chip 63 (20) adjacent to the slave station is the slave station, and shifts to the link establishment procedure as needed.
[0075]
  In this way, the sub CPU 61 or the I / O chip 63 (20) serving as the main station accesses the sub CPU 61 or the I / O chip 63 (20) adjacent to the lower CPU as needed to establish a link. Random values R1, R2, and common between adjacent chipsEncryption key k3Are stored in each random number storage circuit 61n or 63n (20n), and each individual ID number (SID)_n, SID_{n + 1}) Device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 61q or 63q (20q).
  As a result, all main CPUs 10, sub CPUs 61 or I / O chips 63 (20) in the link and other main CPUs 10, sub CPUs 61 or I / O chips 63 (20) adjacent to each other share random values R1, R2.Encryption key k3, And individual ID numbers (MID, SID).
[0076]
b. Mutual authentication procedure
  Master station device identification code (D_n) From the sub CPU 61 or the I / O chip 63 (20) having a predetermined adjacent device identification code (D_{n + 1}The connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station acquires a new random number value R3 generated by the random number generation circuit 61m or 63m (20m), and thenEncryption key k3Using the identification circuit 61r or 63r (20r), the main station individual ID number (SIDn) stored in the individual ID number storage circuit 61p or 63p (20p) and the random number value R3 are mixed and encrypted based on a predetermined algorithm. Data is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station receives the received master station individual ID number (SID)._n) And the random number value R3, the encrypted data has already been acquired.Encryption key k3Is decoded by a discriminating circuit 61r or 63r (20r) based on a predetermined algorithm, and the master station ID number (SID)_n) And a random value R3.
  Further, the slave station identification circuit 61r or 63r (20r) acquires the master station individual ID number (SID) of the acquired master CPU sub CPU 61 or I / O chip 63 (20)._n) Has already been stored in the individual ID number storage circuit 63p (61p, 20p) of the slave station._n) And the sub CPU 61 of the main station or the I / O chip 63 (20) is authenticated. If they do not match, the system is reset via the reset circuit 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station. In the case of coincidence, it is determined that the sub CPU 61 or the I / O chip 63 (20) of the master station is normal, and the slave individual ID number (SID) of the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined._{n + 1})
[0077]
  In this embodiment, after acquiring a new random number value R4 from the random number generator circuit 61m or 63m (20m) of the slave station,Encryption key k3Based on a predetermined algorithm by the identification circuit 61r or 63r (20r), the slave individual ID number (SID) stored in the slave individual ID number storage circuit 63p (61p, 20p) is used._{n + 1}) And the random number value R4 are mixed and transmitted to the sub CPU 61 or the I / O chip 63 (20) of the main station.
[0078]
  The sub CPU 61 or the I / O chip 63 (20) of the master station receives the received slave individual ID number (SID)._{n + 1}) And random number value R4 mixed data encryptedEncryption key k3The identification circuit 61r or 63r (20r) performs decoding based on a predetermined algorithm and uses the slave individual ID number (SID)._{n + 1}) And a random value R4. Acquired slave individual ID number (SID_{n + 1}) And the slave individual ID number (SID) stored in the other chip ID number storage circuit 61q or 63q (20q)_{n + 1}) Is verified, and if they do not match, the system is reset via the reset circuit 61k or 63k (20k), and the function of the sub CPU 61 or the I / O chip 63 (20) of the main station is established. Stop. In the case of coincidence, the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined to be a regular one and the connection with the sub CPU 61 or the I / O chip 63 (20) is disconnected.
[0079]
  Then, the sub CPU 61 or the I / O chip 63 (20) of the slave station becomes the master station, and the subordinate sub CPU 61 or the I / O chip 63 (20) adjacent to the slave station is the slave station, and shifts to the link establishment procedure as needed.
[0080]
  As described above, the sub CPU 61 or the I / O chip 63 (20) of the master station performs mutual authentication using the adjacent sub CPU 61 or I / O chip 63 (20) as a slave station. Mutual authentication is performed at predetermined intervals by the timer circuit 61t or 63t (20t) of the sub CPU 61 or the I / O chip 63 (20), and the response time from the sub CPU 61 or the I / O chip 63 is monitored. When there is no response from the sub CPU 61 or the I / O chip 63 (20), the identification circuit 61r or 63r (20r) resets via the reset circuit 61k or 63k (20k), and the sub CPU 61 of the main station or The function of the I / O chip 63 (20) is stopped.
  Further, if the sub CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication of the sub CPU 61 or the I / O chip 63 (20) of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) resets via the reset circuit 61k or 63k (20k) and stops the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0081]
(3) When individual ID numbers are written in all the chips and a random value generated from a random number generation circuit is used for communication. (Exchange random numbers at the time of authentication) (FIG. 18)
a. Link establishment procedure
  First, when the power is turned on, the main unit's device identification code (D_n) From the sub CPU 61 or the I / O chip 63 (20) having a predetermined adjacent device identification code (D_{n + 1}The connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station stores the random number value R1 generated from the random number generation circuit 61m or 63m (20m) in the random number value storage circuit 61n or 63n (20n). Using the encryption key k1, the identification circuit 61r or 63r (20r) encrypts the random number value R1 based on a predetermined algorithm, and the encrypted random number value R1 is used as the slave sub CPU 61 or the I / O chip 63 (20). Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station that has received the random value R1 encrypted with the encryption key k1 uses the identification circuit 61r or 63r (20r) to decrypt it with a predetermined algorithm based on the encryption key k1. Then, the random number value R1 of the sub CPU 61 or the I / O chip 63 (20) of the main station is acquired and stored in the random number value storage circuit 61n or 63n (20n).
  Next, the random number value R2 generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) uses the encryption key k2 to determine the predetermined value. The random value R2 is encrypted based on the algorithm, and the encrypted R2 is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the main station.
  The sub CPU 61 or the I / O chip 63 (20) of the main station that has received the random value R2 encrypted with the encryption key k2 decrypts it with a predetermined algorithm by the identification circuit 61r or 63r (20r) based on the encryption key k2. The random number value R2 of the sub CPU 61 or the I / O chip 63 (20) of the slave station is acquired and stored in the random number value storage circuit 61n or 63n (20n).
  As a result, the random number values R1, R2 are stored in the random number value storage circuit 61n or 63n (20n) of the sub CPU 61 or I / O chip 63 (20) of the master station and the sub CPU 61 or I / O chip 63 (20) of the slave station. And will be stored.
[0082]
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station is based on R1 and R2 stored in the random number value storage circuit 61n or 63n (20n).Encryption key k3GenerateEncryption key k3The identification number 61r or 63r (20r) is used to identify the main station individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p) based on a predetermined algorithm._n) Is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station is based on the random number values R1 and R2 stored in the random number value storage circuit 61n or 63n (20n).Encryption key k3After creating the encrypted individual ID number (SID_n)Encryption key k3Using the identification circuit 61r or 63r (20r) based on a predetermined algorithm and decoding the master station individual ID number (SID)_n) And is stored in the other chip ID number storage circuit 61q or 63q (20q).
  Next, the slave sub CPU 61 or the I / O chip 63 (20)Encryption key k3Using the identification circuit 61r or 63r (20r), the slave individual number (SID) stored in the slave individual ID number storage circuit 61p or 63p (20p) based on a predetermined algorithm_{n + 1}) Is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the main station. Slave individual ID number (SID)_{n + 1}), The sub CPU 61 or the I / O chip 63 (20) of the main stationEncryption key k3And the identification circuit 61r or 63r (20r) performs decoding based on a predetermined algorithm, and the individual ID number (SID) of the slave station_{n + 1}) Is stored in the other chip ID number storage circuit 61q or 63q (20q) and the connection is disconnected.
[0083]
  Then, the sub CPU 61 or the I / O chip 63 (20) of the slave station becomes the master station, and the subordinate sub CPU 61 or the I / O chip 63 (20) adjacent to the slave station is the slave station, and shifts to the link establishment procedure as needed.
[0084]
  In this way, the sub CPU 61 or the I / O chip 63 (20) serving as the main station accesses the sub CPU 61 or the I / O chip 63 (20) adjacent to the lower CPU as needed to establish a link. Random values R1, R2, and common between adjacent chipsEncryption key k3Are stored in each random number storage circuit 61n or 63n (20n), and each individual ID number (SID)_n, SID_{n + 1}) Device identification code (D_n) Corresponding to the other chip individual ID number storage circuit 61q or 63q (20q).
  As a result, all the main CPU 10 or sub CPU 61 or I / O chip 63 (20) in the link and the adjacent main CPU 10 or sub CPU 61 or I / O chip 63 (20) share the random numbers R1, R2.Encryption key k3, And individual ID numbers (MID, SID).
[0085]
b. Mutual authentication procedure
  Master station device identification code (D_n) From the sub CPU 61 or the I / O chip 63 (20) having a predetermined adjacent device identification code (D_{n + 1}The connection request signal is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station having the above. A connectable signal is returned from the sub CPU 61 or the I / O chip 63 (20) of the slave station that has received this.
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station stores the random number value R1 generated from the random number generation circuit 61m or 63m (20m) in the random number value storage circuit 61n or 63n (20n). Using the encryption key k1, the identification circuit 61r or 63r (20r) encrypts the random number value R1 based on a predetermined algorithm, and the encrypted random number value R1 is used as the slave sub CPU 61 or the I / O chip 63 (20). Send to.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station that has received the random value R1 encrypted with the encryption key k1 uses the identification circuit 61r or 63r (20r) to decrypt it with a predetermined algorithm based on the encryption key k1. Then, the random number value R1 of the sub CPU 61 or the I / O chip 63 (20) of the main station is acquired and stored in the random number value storage circuit 61n or 63n (20n).
  Next, the random number value R2 generated from the random number generation circuit 61m or 63m (20m) is stored in the random number value storage circuit 61n or 63n (20n), and the identification circuit 61r or 63r (20r) uses the encryption key k2 to determine the predetermined value. The random value R2 is encrypted based on the algorithm, and the encrypted R2 is transmitted to the sub CPU 61 or the I / O chip 63 (20) of the main station.
  The sub CPU 61 or the I / O chip 63 (20) of the main station that has received the random value R2 encrypted with the encryption key k2 decrypts it with a predetermined algorithm by the identification circuit 61r or 63r (20r) based on the encryption key k2. The random number value R2 of the sub CPU 61 or the I / O chip 63 (20) of the slave station is acquired and stored in the random number value storage circuit 61n or 63n (20n).
  As a result, the random number values R1, R2 are stored in the random number value storage circuit 61n or 63n (20n) of the sub CPU 61 or I / O chip 63 (20) of the master station and the sub CPU 61 or I / O chip 63 (20) of the slave station. And will be stored.
[0086]
  Next, the sub CPU 61 or the I / O chip 63 (20) of the main station acquires a new random number value R3 generated by the random number generation circuit 61m or 63m (20m), and thenEncryption key k3The identification number 61r or 63r (20r) is used to identify the main station individual ID number (SID) stored in the individual ID number storage circuit 61p or 63p (20p) based on a predetermined algorithm._n) And the random number value R3 are mixed and transmitted to the sub CPU 61 or the I / O chip 63 (20) of the slave station.
  The sub CPU 61 or the I / O chip 63 (20) of the slave station receives the received master station individual ID number (SID)._n) And the random number value R3, the encrypted data has already been acquired.Encryption key k3Is decoded by a discriminating circuit 61r or 63r (20r) based on a predetermined algorithm, and the master station ID number (SID)_n) And a random value R3. Further, the slave station identification circuit 61r or 63r (20r) acquires the master station individual ID number (SID) of the acquired master CPU sub CPU 61 or I / O chip 63 (20)._n) Has already been stored in the individual ID number storage circuit 63p (61p, 20p) of the slave station._n) And the sub CPU 61 of the main station or the I / O chip 63 (20) is authenticated. If they do not match, the system is reset via the reset circuit 61k or 63k (20k) to stop the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station. In the case of coincidence, it is determined that the sub CPU 61 or the I / O chip 63 (20) of the master station is normal, and the slave individual ID number (SID) of the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined._{n + 1})
[0087]
  In this embodiment, after acquiring a new random number value R4 from the random number generator circuit 61m or 63m (20m) of the slave station,Encryption key k3Based on a predetermined algorithm by the identification circuit 61r or 63r (20r), the slave individual ID number (SID) stored in the slave individual ID number storage circuit 63p (61p, 20p) is used._{n + 1}) And the random number value R4 are mixed and transmitted to the sub CPU 61 or the I / O chip 63 (20) of the main station.
[0088]
  The sub CPU 61 or the I / O chip 63 (20) of the master station receives the received slave individual ID number (SID)._{n + 1}) And random number value R4 mixed data encryptedEncryption key k3The identification circuit 61r or 63r (20r) performs decoding based on a predetermined algorithm and uses the slave individual ID number (SID)._{n + 1}) And a random value R4. Acquired slave individual ID number (SID_{n + 1}) And the slave individual ID number (SID) stored in the other chip ID number storage circuit 61q or 63q (20q)_{n + 1}) Is verified, and if they do not match, the system is reset via the reset circuit 61k or 63k (20k), and the function of the sub CPU 61 or the I / O chip 63 (20) of the main station is established. Stop. In the case of coincidence, the sub CPU 61 or the I / O chip 63 (20) of the slave station is determined to be a normal one, and the connection with the sub CPU 61 or the I / O chip 63 (20) of the slave station is disconnected.
[0089]
  Then, the sub CPU 61 or the I / O chip 63 (20) of the slave station becomes the master station, and the subordinate sub CPU 61 or the I / O chip 63 (20) adjacent to the slave station is the slave station, and shifts to the link establishment procedure as needed.
[0090]
  As described above, the sub CPU 61 or the I / O chip 63 (20) of the master station performs mutual authentication using the adjacent sub CPU 61 or I / O chip 63 (20) as a slave station. Mutual authentication is performed at predetermined intervals by the timer circuit 61t or 63t (20t) of the sub CPU 61 or the I / O chip 63 (20), and the response time from the sub CPU 61 or the I / O chip 63 is monitored. When there is no response from the sub CPU 61 or the I / O chip 63 (20), the identification circuit 61r or 63r (20r) resets via the reset circuit 61k or 63k (20k), and the sub CPU 61 of the main station or The function of the I / O chip 63 (20) is stopped.
  Further, if the sub CPU 61 or the I / O chip 63 (20) of the slave station does not receive a connection request for mutual authentication of the sub CPU 61 or the I / O chip 63 (20) of the master station at a predetermined interval, the identification circuit 61r or 63r (20r) resets via the reset circuit 61k or 63k (20k) and stops the function of the sub CPU 61 or the I / O chip 63 (20) of the slave station.
[0091]
  In the embodiments (1) to (3) of FIGS.in frontIn the result of mutual authentication, when the comparison result of the ID numbers to be compared does not match, the function to be stopped in the main CPU 10 and the sub CPU 61 is the gaming machine control CPUs 10a and 61a, and the I / O chip 63 (20) Are the input / output control circuit 63x (20x), the input / output circuit 63y (20y), the identification circuits 10r, 61r and 63r (20r) of the main CPU 10, the sub CPU 61 and the I / O chip 63 (20). The external reading of the authentication result by the external communication circuits 10 s, 61 s and 63 s (20 s) operates.
[0092]
  In this way, the main CPU, sub CPU 61 or I / O chip 63 (20) of the master station ends the mutual authentication with the main CPU, sub CPU 61 or I / O chip 63 (20) of the adjacent slave station, Since the monitoring timer checks the timing every predetermined time, mutual authentication in the ring connection resumes every predetermined time, and while the mutual authentication between adjacent chips is normally completed, the entire gaming machine is normal Operate.
[0093]
  In the above embodiment, the sub-CPU or I / O chip of the master station has been described for the mutual authentication operation with the adjacent sub-CPU or I / O chip of the slave station, but a specific main CPU, sub-CPU or I / O chip has been described. When the O chip is replaced with another illegal chip, mutual authentication between adjacent chips is not normally performed, and the operation of the adjacent chip is stopped. Further, the operation of the adjacent chip of the stopped chip is also not performed normally because the mutual authentication is not normally performed, so that the operation of the adjacent chip in the link connection is chained so that all the operations are finally performed. When the chip stops, the operation of the entire gaming machine stops.
[0094]
  As described above, the main CPU 10, each sub CPU 61 or the I / O chip 63 (20) of the gaming machine related to the ring connection has a device identification code (D_n) And individual ID numbers (MID, SID) are acquired from each other and stored in the other chip individual ID number storage circuit 10q. In such a state, the main CPU 10, the sub CPU 61 or the I / O chip having the external communication circuit 10s, 61s or 63s (20s) with the device identification code and the individual ID number of each chip by the token circulating in the ring is the master controller. Can be collected.
[0095]
  In the embodiment of FIG. 3, the main CPU 10 connected by the external communication means 40 becomes the master controller and all the individual ID numbers and authentication results are collected. In the embodiment of FIG. 9, the main CPU 10 is connected to the external communication means 40. The main CPU 10 collects all the individual ID numbers and authentication results by turning the token to the chip in the link.
[0096]
  In such a state, the hall computer 400 shown in FIG.₁~ 600_nThe main CPU 10, the sub CPU 61, and the I / O chip 20 are communicated via the external communication means 40 provided in each unit.₁, 20₂, 20₃, ... 20_nThe individual ID numbers of the I / O chips are acquired and stored in the storage means, and the hall computer 400 stores the identification circuit 10r, random number generation circuit 10m, random number value storage circuit 10n as shown in FIG. Whether or not which chip has been changed by performing mutual authentication including the other chip ID number storage circuit 10q and confirming the individual ID number (SID) of the sub CPU 61 or the I / O chip 63 (20). Can be confirmed.
  In FIG. 2, the communication line connected for sending the mutual authentication result from the main CPU 10 is connected to the table inspection device 80 via the external communication means 40, and is mutually connected to the individual ID number of the connected chip for each table. The authentication result can be read offline.
[0097]
  Further, the host computer 100 connected to each hall computer 400 shown in FIG. 1 through a public line is connected to the hall computers 400 in the halls A, B, C._A, 400_B, 400_CBecause of the connection with the hall computer 400_A, 400_B, 400_CTo each main CPU 10, sub CPU 61 or I / O chip 63 (20_i), Etc., the database 200 is arranged in such a way that the individual ID numbers (MID or SID) of the sub CPU 61 or the I / O chip 63 (20) for each hall and each table are arranged. To remember.
  In this state, the host computer 100 accesses the main CPU 10 of each hall at any time via the external communication unit 500, the external communication unit 40, etc., and each sub CPU 61 or the I / O chip 63 (20) has another It is also possible to check whether or not it has not been replaced.
  When the main CPU 10, the sub CPU 61 or the I / O chip 63 (20) cannot recognize the individual ID number, the system is reset and the gaming machine is stopped. At the same time, the hall computer 400 or the host computer 100 is stopped. By transmitting information on which main CPU 10, sub CPU 61 or individual identification number (MID or SID) of the I / O chip 63 (20) could not be confirmed, the hall side or the gaming machine administrator side can indicate the illegal situation of the gaming machine. It can be discovered instantly.
[0098]
【The invention's effect】
  As described above, in the chip according to the present invention,
(1) Since monitoring is performed mutually, even if one of the chips is illegally replaced, an abnormality can be detected, so that it is difficult to perform the fraud.
(2) In the invention encrypted at the time of communication between chips, since the encryption value is always changed and the random values R1 and R2 used for communication are different for each chip, fraud is prevented.
(3) If the ID number other than the main CPU is not stored, the transmitted MID and device identification number (D_nSince the individual ID number of the chip is created on the basis of (), it is less likely to be fraudulent by a third party than in the case described above.
(4) Since it is possible to constantly monitor from an external monitoring device or the like via an external communication means, it is possible to prevent unauthorized modification of the gaming machine board.
(5) Mutual authentication between the main CPU 10, sub CPU 61 or I / O chip 63 (20)AlwaysSince it is configured to monitor, it is possible to detect fraud in the gaming situation as well as when the gaming machine is started up.
[Brief description of the drawings]
FIG. 1 is a schematic diagram showing a network management system by a host computer.
FIG. 2 is a schematic diagram showing an in-store management system using a hall computer.
FIG. 3 is a schematic block diagram of a mutual authentication chip according to the star connection of the present invention.
FIG. 4 is a schematic block diagram showing another embodiment of the mutual authentication chip according to the star connection of the present invention.
FIG. 5 is a block diagram showing a configuration of a main CPU.
FIG. 6 is a block diagram showing a configuration of an I / O chip.
FIG. 7 is a block diagram showing a configuration of a sub CPU.
FIG. 8a is a schematic block diagram showing a state in which an individual ID number is stored in each chip, and FIG. 8b is a schematic block diagram showing a state in which an individual ID number is stored only in the main CPU.
FIG. 9 is a schematic block diagram of a mutual authentication chip showing a state in which the main CPU and each sub CPU 61 or I / O chip 63 (20) are ring-connected.
FIG. 10 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated in each chip in a star connection (no random number is used).
FIG. 11 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated in each chip in star connection (using random numbers, no exchange of random numbers during authentication);
FIG. 12 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated in each chip in star connection (using random numbers, with random number exchange at the time of authentication).
FIG. 13 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated only in the main CPU in star connection (no random number is used).
FIG. 14 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated only in the main CPU in a star connection (using random numbers, no exchange of random numbers during authentication).
FIG. 15 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated only in the main CPU in star connection (using random numbers, with random number exchange during authentication).
FIG. 16 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated in each chip in ring connection (no random number is used).
FIG. 17 is a transition diagram showing a sequence for performing mutual authentication when an individual identification number is incorporated in each chip in ring connection (using random numbers, no exchange of random numbers during authentication).
FIG. 18 is a transition diagram showing a sequence for mutual authentication when an individual identification number is incorporated in each chip in ring connection (using random numbers, with random number exchange during authentication).
FIG. 19 is a schematic diagram showing a memory configuration of a user ROM of a main CPU or a sub CPU according to the present invention.
FIG. 20 is a block diagram of a mutual authentication system between a main CPU and an I / O chip.
FIG. 21 is a block diagram showing a mutual authentication system between a main CPU and a sub CPU.
[Explanation of symbols]
100 Host computer
200 storage means
300 Public line
400_{A, B, C ... N}      Hall computer
600_{1, 2, 3, ... m}  Game machine
1 Main board
2 Bus lines
5 winning sensors
6 Display
10 Main CPU
10a CPU for gaming machine control
61a Sub CPU
10b, 61b Boot RAM
10c, 61c Boot ROM
10d, 61d User RAM
10e, 61e User ROM
10f, 61f Watchdog timer circuit
10g, 61f Illegal address execution prohibition circuit
10h, 61g timer circuit
10i, 61i Security check circuit
10j, 61j clock circuit
10k, 20k, 61k, 63k reset circuit
10m, 20m, 61m, 63m random number generator
10n, 20n, 61n, 63n Random value storage circuit
10p, 20p, 61p, 63p Individual ID number storage circuit
10q, 20q, 61q, 63q Other chip ID number storage circuit
10r, 20r, 61r, 63r identification circuit
10s, 20s, 61s, 63s External communication circuit
10t, 20t, 61t, 63t monitoring timer
10u, 20u, 61u, 63u Monitoring information storage circuit
20v, 63v monitoring information setting circuit
20w, 63w Address decode circuit
20x, 63x I / O control circuit
20y, 63y input / output circuit
20_{1, 2, 3, ... n}    I / O chip
40 External communication means
50 Monitoring device
60_{1, 2, i}         Sub board
61 Sub CPU
62 Interface circuit
63 I / O chip
64 Interface circuit
65 Bus Line

Claims (10)

In the gaming machine control board in which the main CPU, sub CPU and / or I / O chip are mounted on the main board or sub board,
The main CPU and sub CPU are constituted by a gaming machine control CPU, an identification circuit, a chip individual ID number storage circuit, another chip-specific ID number storage circuit, a monitoring timer and reset circuit, and / or a random number generation circuit,
The I / O chip comprises an identification circuit, a unique ID number storage circuit of another chip, an individual ID number storage circuit, a monitoring timer, a reset circuit, and / or a random number generation circuit.
The main CPU and each sub CPU and / or I / O chip are star-connected through a communication line,
The main CPU and sub CPU and / or I / O chip mutually store individual ID numbers of other chips, and the main CPU and sub CPU and / or I / O chip mutually confirm individual ID numbers. Configured to authenticate whether or not the mutual chip is legitimate
When the connection request is made from the main CPU based on the device identification code of a predetermined sub CPU or I / O chip at the time of the mutual authentication, and the connection is returned from the sub CPU or I / O chip, the individual ID of the main CPU The sub CPU or I / O chip authenticates whether or not the main CPU is genuine based on the transmitted individual ID number of the main CPU, and then the individual ID of the sub CPU or I / O chip. A gaming machine control board having a mutual authentication function, wherein the main CPU is configured to authenticate an individual ID number of a sub CPU or I / O chip by transmitting a number . When the main CPU confirms the individual ID number of the sub CPU or I / O chip, the individual ID number stored in the ID number storage circuit of the main CPU and the individual ID number transmitted from the sub CPU or I / O chip 2. A gaming machine control board having a mutual authentication function according to claim 1, wherein when the two do not match, the main CPU is stopped through a reset circuit . When the main CPU makes a connection request based on the device identification code of a predetermined sub CPU or I / O chip at the time of the mutual authentication, and the return identification code that can be connected is returned from the sub CPU or I / O chip, the main CPU The individual ID number of the main CPU encrypted according to the encryption key created based on the random number value generated by the random number generation circuit and the random number value are transmitted to the sub CPU or I / O chip, and the sub CPU or I / O chip is transmitted. The side authenticates whether or not the received individual ID number of the main CPU is authentic after decrypting the encrypted individual ID number according to the encryption key created based on the transmitted random number value, and then the sub CPU or I / O-chip sub CPU or I / O chip random number generating circuit is encrypted under the encryption key created based on the random number value generated in the individual I Whether those sub CPU or I / O chip after decrypting the encrypted individual ID number in accordance with the encryption key that is created based on the random number value which the main CPU is transmitted is a regular by transmitting the number and those of the random numerical The gaming machine control board having a mutual authentication function according to claim 1 or 2, wherein the board is configured to perform such authentication. When the connection request is made from the main CPU based on the device identification code of a predetermined sub CPU or I / O chip at the time of the mutual authentication, and the return identification code that can be connected is returned from the sub CPU or I / O chip, the main CPU The random number value R1 generated by the random number generation circuit is encrypted and transmitted according to a predetermined protocol, and the sub CPU or I / O chip side stores the transmitted random number value R1 and the random number value R2 generated by the random number generation circuit. After the main CPU stores the random value R2, the main CPU stores the individual ID number of the main CPU encrypted based on the encryption key k3 created based on the random values R1 and R2. The sub CPU or I / O chip that is sent to and received from the sub CPU or I / O chip is created based on the stored random number values R1 and R2. To advance another chip separate ID stored in the ID storage circuit collates the individual ID number, if the individual ID number storage circuit which is consistent with decrypting the encrypted individual ID number in accordance with the encryption key k3 The stored individual ID number is encrypted according to the encryption key k3 and transmitted to the main CPU. The main CPU decrypts the received encrypted individual ID number based on the encryption key k3 and stores it in the other chip individual number storage circuit. It is configured to collate with the individual ID number, and when the two match, the mutual authentication is terminated and the process proceeds to the collation with the next sub CPU or I / O chip. Item 3. A gaming machine control board having a mutual authentication function according to item 1 or 2. Random number generating circuit random number value is generated from R1, R2 are stored in the always random value such storage circuit is configured to utilize the stored fixed random number value R1, R2, the main performing mutual authentication 5. A gaming machine control board having a mutual authentication function according to claim 4, wherein the encryption key k3 between the CPU and the sub CPU or the I / O chip is always constant. The main individual ID number stored in the individual ID number storage circuit of the main CPU (MID) are all the same fixed value, the random number value R1, R2 generated from the random number generating circuit utilizing a new one for each authentication 6. A gaming machine control board having a mutual authentication function according to claim 4 or 5. In the gaming machine control board in which the main CPU, sub CPU and I / O chip are mounted on the main board or sub board,
  The main CPU and sub CPU are constituted by a gaming machine control CPU, an identification circuit, a chip individual ID number storage circuit, another chip-specific ID number storage circuit, a monitoring timer and reset circuit, and / or a random number generation circuit,
  The I / O chip comprises an identification circuit, a unique ID number storage circuit of another chip, an individual ID number storage circuit, a monitoring timer, a reset circuit, and / or a random number generation circuit.
  The main CPU and each sub CPU and I / O chip are ring-connected via a communication line, and the main CPU, sub CPU and I / O chip store the individual ID numbers of other chips adjacent to each other. Consists of
  The main CPU, I / O chip and sub CPU authenticate the individual ID number of the adjacent main CPU, I / O chip or sub CPU,
  The main CPU, I / O chip or sub CPU to be authenticated is adjacent to the main CPU, I / O chip connected in a ring by collating the individual ID numbers of the adjacent main CPU, I / O chip or sub CPU. Or it is configured to sequentially check the individual ID numbers of the sub CPUs,
At the time of the authentication, a connection request is issued from the main CPU, I / O chip or sub CPU to the adjacent main CPU, I / O chip or sub CPU, and connection is possible from the adjacent main CPU, I / O chip or sub CPU. Is sent from the main CPU, I / O chip or sub CPU, and the CPU, I / O chip or sub CPU side of the adjacent device sends the main CPU based on the transmitted individual ID number. , Authenticate whether the I / O chip or sub CPU is genuine, and then the main CPU, I / O chip or sub CPU of the adjacent device transmits the individual ID number, thereby allowing the main CPU, I / O A gaming machine control base having an authentication function, wherein the chip or sub CPU is configured to authenticate an individual ID number of an adjacent device. . When the sub CPU, I / O chip, or main CPU that has collated the individual ID number does not match the individual ID number of the CPU or I / O chip to be collated, the main CPU, I / O chip, or sub CPU 8. The gaming machine control board having an authentication function according to claim 7, wherein the CPU is configured to stop the apparatus via a reset circuit . At the time of the authentication, a connection request is issued from the main CPU, I / O chip or sub CPU to the adjacent main CPU, I / O chip or sub CPU, and connection is possible from the adjacent main CPU, I / O chip or sub CPU. the main CPU, I / O chip or on the basis of the random number by the random number generating circuit occurs in the sub CPU encrypted main CPU, I / O chip or sub-CPU of the individual ID number and those the random number in the case where a reply is The adjacent main CPU, I / O chip or sub CPU side decrypts the encrypted individual ID number based on the transmitted random number value, and then the main CPU, I / O chip or sub CPU The main CPU, the I / O chip, or the sub-CPU random number generation circuit that is encrypted based on the random number value generated thereafter. After decrypting the encrypted individual ID number based on the random number value transmitted by the main CPU, I / O chip or sub CPU by transmitting the individual ID number of the PU, I / O chip or sub CPU and the random value 9. The authentication function according to claim 7, wherein the authentication function is configured to authenticate whether or not an individual ID number of a main CPU, an I / O chip, or a sub CPU of an adjacent device is regular. Board for gaming machine control. The table inspection device 80 is connected to the main CPU, sub CPU or I / O chip via the external communication means 40, and the individual ID number written in the individual ID storage circuit of the connected chip for each table is read offline. 10. The gaming machine control board according to claim 1 , wherein the gaming machine control board is configured so as to be able to perform.

Images