Section 250. Communications and network requirements  

A. Where the distributed pull-tab system components are linked with one another in a network, communication protocols shall be used that ensure that erroneous data or signals will not adversely affect the operations of any such system components.

B. All data communication shall incorporate an error detection and correction scheme to ensure the data is transmitted and received accurately.

C. Connections between all components of the distributed pull-tab system shall only be through the use of secure communication protocol(s) that are designed to prevent unauthorized access or tampering, employing Advanced Encryption Standard (AES), or equivalent encryption.

D. A firewall or equivalent hardware device configured to block all inbound and outbound traffic that has not been expressly permitted and is not required for continued use of the distributed pull-tab system must exist between the distributed pull-tab system and any external point of access.

E. The minimum width (size) for encryption keys is 112 bits for symmetric algorithms and 1024 bits for public keys.

F. There must be a secure method implemented for changing the current encryption key set. It is not acceptable to only use the current key set to "encrypt" the next set.

G. There must be a secure method in place for the storage of any encryption keys. Encryption keys must not be stored without being encrypted themselves.

H. If a wireless network is used, wireless products used in conjunction with any gaming system or system component must meet the following minimum standards:

1. Employ a security process that complies with the Federal Information Processing Standard 140-2 (FIPS 140-2); or

2. Employ an alternative method, as approved by the department.