SCH2 Technical Manual TSP016.doc Issue 3.0 – January 2005
Money Controls 2005. All rights reserved.
Page 18 of 61
11. Encryption Mechanism
A 64-bit encryption mechanism is used to ensure that an illegal attempt to dispense coins from
SCH2 is a hugely difficult task. The key to this mechanism is a secret algorithm, not published in
this document, which may be obtained from Money Controls after suitable approval procedures
have been gone through.
To show the procedure for dispensing a coin an example is shown here with a ‘trivial’ encryption
mechanism but the overall procedure is the same. Byte values between brackets are shown in
hex.
First of all we pump the random number generator of the hopper by sending 8 bytes of random
data to it…
Command = Pump RNG
Transmitted data :
[ 34 ] [ A2 ] [ D7 ] [ 0F ] [ 35 ] [ 17 ] [ 55 ] [ 94 ]
Received data :
ACK
This is not an essential step but is useful to broaden the spectrum of cipher keys that are
transmitted along the serial bus and which may be ‘recorded’ by a hacker. As the host machine
is likely to be an AWP machine with a sophisticated random number generator, way beyond the
capability of the hopper microcontroller, we may as well make use of it. Note that the pump
value does not pre-set or ‘seed’ the RNG as that would defeat the security mechanism, but only
scrambles it further. The exact details of the scrambling algorithm will not be documented.
Then we request a key cipher key…
Command = Request cipher key
Transmitted data :
<none>
Received data :
[ E5 ] [ 88 ] [ 13 ] [ 07 ] [ 46 ] [ FE ] [ 29 ] [ 05 ]
A new cipher key must always be requested prior to dispensing coins. There is no point using
an old copy as it changes after every dispense command. The ‘Request cipher key’ command
itself can be repeated in the event of a communication error and the cipher key will be re-
transmitted rather than regenerated.
Now we combine the cipher key with the number of coins to pay out ( in this example 20 coins
or the value 14 hex ) by tagging it onto the end of the data block…
Non-encrypted data [ E5 ] [ 88 ] [ 13 ] [ 07 ] [ 46 ] [ FE ] [ 29 ] [ 05 ] [ 14 ]
In this case we will assume that the CMF ( Cryptographic Mapping Function ) is simply inverting
all the bytes ( new data = FF - old data ).
Performing this calculation on each of the bytes we obtain…
Encrypted data [ 1A ] [ 77 ] [ EC ] [ F8 ] [ B9 ] [ 01 ] [ D6 ] [ FA ] [ 14 ]
Note that the number of coins to pay out is unencrypted but its value is used in the real CMF.
Now we send that data to the hopper to pay out a coin…
Continued…
Содержание SCH2
Страница 8: ......