DETAILED ACTION
This Final Office Action is in response to amendment filed on 11/04/2025. Claims 1, 9, and 17 have been amended. Claims 1-20 remain pending in the application.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The drawings filed on 07/08/2022 are accepted.
Response to Arguments filed on 11/04/2025
With respect to the USC 101 rejections:
Applicant stated in Page 8 “the amended claims do not recite any mathematical relationships, formulas, or calculations. See MPEP § 2106.04(a)(2)(1). The amended claims also do not recite any methods or techniques for organizing human activities, such as fundamental economic principles or practices, commercial or legal interactions, or personal behaviors or relationships or interactions between people. See MPEP § 2106.04(a)(2)(11)… Because the amended claims do not recite any mathematical relationships, formulas, or calculations, the claims cannot be properly rejected under§ 101 for merely involving, at some level, mathematical relationships, formulas, or calculations…the amended claims are not directed towards mental processes. The August Memo indicates that "[t]he mental process grouping is not without limits. Examiners are reminded not to expand this grouping in a manner that encompasses claim limitations that cannot practically be performed in the human mind…"a claim does not recite a mental process when it contains limitation(s) that cannot practically be performed in the human mind, for instance, when the human mind is not equipped to perform the claim limitation(s)." See also MPEP § 2106.04(a)(2)(111)… the amended claims do not recite "determining." The limitations of the amended claims include elements that cannot be practically performed in the human mind. The claims are not directed towards mental processes because the human mind is not equipped to perform the claim limitations. See MPEP § 2106.04(a)(2)(111)… the human mind is not equipped to read a cryptographic key in a first secure storage, or retrieve an emergency key from a second secure storage of the vehicle-based computing system, as required by the limitations of amended claim 1. The human mind does not include a secure storage, does not include a vehicle-based computing system, and cannot be provisioned with cryptographic keys and emergency keys, as required by the limitations of amended claim 1. Because the claims cannot be practically performed in the human mind or using pen/paper… Second, the amended claims recite limitations that are a practical application of an improvement described in the Specification. The August Memo states that "[t]he examiner is reminded to consult the specification to determine whether the disclosed invention improves technology or a technical field, and evaluate the claim to ensure it reflects the disclosed improvement. The specification does not need to explicitly set forth the improvement, but it must describe the invention such that the improvement would be apparent to one of ordinary skill in the art. The claim itself does not need to explicitly recite the improvement described in the specification." See also MPEP § 2106.04(d).”
The applicant’s arguments (adding vehicle-based and “reading…retrieving…based on”) with respect to the USC 101 rejection and arguments/remarks are fully considered. However, the amendments and arguments are not persuasive because the amended limitation: reading…of a vehicle-based computing system… retrieving…based on…” is a process that under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of a generic vehicle-based computing system. The mere nominal recitation of a generic vehicle-based computing system does not take the clam limitation out of the mental process grouping. The mere recitation of “reading…where the cryptographic key is corrupted… retrieving…based on…” requires a mental step that can be performed on paper to realize the key being red is a corrupted key and retrieving the replaced key based on corrupted key. Thus, the claim recites a mental process. Moreover, the mere recitation of the vehicle-based computing system is an insignificant extra-solution activity to the judicial exception and does not integrate into a practical application or provide significantly more because it amounts to e.g. consoling and updating the activity log/key, etc. See 2106.05(g). Therefore, the 101 rejection is maintained.
With respect to the prior art rejections in pages 12-13, applicant’s remarks are considered moot in light of the new ground of rejection below, where newly found prior art Kajuluri discloses replacing corrupted cryptographic keys in a vehicle-based computing system, where the keys are provisioned before corruption. Please see detailed rejection below.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Step 1:
Independent claims 1, 9 and 17 recite a method, one or more non-transitory computer-readable media storing program instructions and system. Therefore, step 1 is satisfied for claims 1-20.
Step 2A Prong One:
The claim(s) recite(s) mental process and/or mathematical concepts steps of determining and accordingly retrieving/receiving data and establishing communication.
determining that the cryptographic key stored in a first secure storage is corrupted; in claims 1, 9 and 17 (this step recite abstract mental processes that can be performed by the human mind or practicably with pen and paper. MPEP § 2106.04(a)(2)(II). reading …retrieving…based on…is a mental process (e.g., observations, evaluations, judgments, and opinions) that is applied and performed in a computing environment—i.e., an abstract idea. See MPEP § 2106.04(a)(2)(I]); see also Elec. Power Grp., 830 F.3d at 1354 (“[A]nalyzing information by steps people go through in their minds, or by mathematical algorithms, without more, [are] essentially mental processes within the abstract-idea category.”’). ).
Step 2A Prong Two:
The claim/s recites the combination of the additional elements, the additional elements in the claim are:
“A method for recovering a cryptographic key:… a second secure storage… establishing communications”, “One or more non-transitory computer-readable media storing program instructions that, when executed by one or more processors, cause the one or more processors to perform steps of:… a second secure storage…establishing communications”, “A system embedded in a vehicle, comprising: one or more memories storing instructions; and one or more processors coupled to the one or more memories and, when executing the instructions:…a second secure storage… establish communications” (claims 1, 9 and 17), further additional elements in dependent claims.
With regards to the additional element discussed above, these elements are directed to mere insignificant extra-solution activity. See MPEP 2016.04(d)(I) and 2016.05(g). e.g. “Extra-solution activity includes both pre-solution and post-solution activity. An example of pre-solution activity is a step of retrieving data for use in a claimed process, e.g., a step of obtaining information about credit card transactions, which is recited as part of a claimed process of analyzing and manipulating the gathered information by a series of steps in order to detect whether the transactions were fraudulent.”. The act of transmitting data based on the abstract idea fails to integrate the judicial exception into a practical application as it does not differ from those actions that have previously been held to be extra-solution activity, such as “presenting offers to potential customers and gathering statistics generated based on the testing about how potential customers responded to the offers; the statistics are then used to calculate an optimized price”, “selecting information, based on types of information and availability of information in a power-grid environment, for collection, analysis and display”, and “requiring a request from a user to view an advertisement and restricting public access.”, “(i.e., all uses of the recited judicial exception require such data gathering or data output)”, The judicial exception is not integrated into a practical application because the remaining additional elements amount to nothing more than generic components recited at a high-level of generality such that it amounts to no more than mere instructions to apply the exception using generic computer components. See MPEP 2016.04(d)(I) and 2106.05(f).
Step 2B:
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above, the additional elements amount to nothing more than mere instructions to apply the exception using generic computer component(s) and insignificant extra-solution activity. These cannot provide an inventive concept, and thus the claims are patent-ineligible.
Dependent claims fail to cure the aforementioned deficiency.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 4, 7, 9-10, 12, 15, 17-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Andrews (US 20170187523 A1), hereinafter Andrews, in view of Kajuluri (US 20220255729 A1), hereinafter Kajuluri.
Regarding claim 1 (Currently Amended), Andrews teaches a method for recovering a cryptographic key (Andrews Figure 4), comprising:
reading the cryptographic key of a [[vehicle-based]] computing system, wherein the cryptographic key is corrupted (Andrews Figure 4 [0091] “Gateway device 110 can decrypt information encrypted with the split key 180 without ever accessing third key part 183 as long as gateway 110 has access to first key part 181 and second key part 182…in the event that first key part 181 or second key part 182 becomes corrupted”, key parts 181 and 181 correspond to the cryptographic key stored at the e.g. Gateway device 110, where the split key 180 comprising key parts 181 and 182 is construed as the cryptographic key);
retrieving an emergency key from a second secure storage of the [[vehicle-based]] computing system based on the cryptographic key being corrupted, wherein the emergency key and the cryptographic key are provisioned to the vehicle-based computing system before corruption of the cryptographic key; and establishing communications [[with]] between the [[vehicle-based]] computing system and a server by using the emergency key (Andrews Figure 4 [0091] “Device management resource 101 generates (operation 179) a split key 180 that includes three key parts 181, 182, and 183…in the event that first key part 181 or second key part 182 becomes corrupted, lost, or otherwise inaccessible, third key part 183 may be retrieved from cloud-based storage 104 and used in conjunction with the remaining uncorrupted key part to decrypt data encrypted with the split key 180. More generally, a split key may include 3 or more key parts where 2 or more, but less than all of the key parts are sufficient to decrypt messages encrypted with the split key.”, where:
the split key 180 comprising key parts 181 and 182 is construed as the cryptographic key.
In the case where the split key 180 is corrupted due to the part of 180, e.g. key part 182, becoming corrupted, then part of an emergency key, e.g. key part 183, is retrieved from a different storage 104 and combined with the uncorrupted part, e.g. key part 181, in order to form a complete emergency key that is different from the split key 180 and that replaces the split key 180, where all key parts making up the split key and the replaced/emergency key are provisioned before any corruption taking place, and eventually used for communication with other entities as further illustrated in e.g. Figure 2.)
Andrews discloses the replacing a corrupted key with a different key having different combination of key parts in order to establish communication between gateway 110 and other entities, i.e. two computing systems, by decrypting encrypted data. While the computing system can apply to all types of systems, which would make it obvious for one of ordinary skill in the field to conceive of a computing system such as vehicle-based computing system, however, Andrews does not explicitly disclose replacing a corrupted key with an emergency key in a vehicle-based computing system.
Kajuluri discloses replacing corrupted cryptographic keys in a vehicle-based computing system, where the keys are provisioned before corruption (Kajuluri Figure 1 100 illustrates a vehicle computing system, where [0022] “…the encrypted key table is stored in two locations, the first electronic control module 104 and the remote server 112, providing redundancy in case one copy of the encrypted key table is corrupted.”, where the encrypted key table comprising authentication keys for secure communication between senders and receivers as disclosed in [0019, 0021]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrews to incorporate the teaching of Kajuluri to utilize the above feature, with the motivation of providing redundancy and efficiently hold communications between senders and receivers while maintaining secure communication, as recognized by (Kajuluri Abstract, [0022] and throughout).
Regarding claim 9, the claim recites similar limitations to claim 1, therefore rejected with the same rationale applied to claim 1.
Regarding claim 17, the claim recites similar limitations to claim 1, and Kajuluri further discloses the system is embedded in a vehicle in the preamble, therefore rejected with the same rationale applied to claim 1.
Regarding claim 2 (Original), Andrews in view of Kajuluri teaches the method of claim 1, wherein the second secure storage is located in a controller that is separate from a computing device that includes the first secure storage (Andrews [0091] “…The device management resource 101 distributes the first key part 181 to gateway device 110 and the second key part 182 to mobile device 120 analogous to the sending of gateway key part 141 to gateway device 110 and mobile key part 142 to mobile device 120. The third key part 183, however, is not distributed to either the gateway device 110 or the mobile device 120. Instead, device management resource 101 stores the third key part 183 in cloud-based storage 104, which is accessible to device management resource 101.”).
Regarding claim 10, the claim recites similar limitations to claim 2, therefore rejected with the same rationale applied to claim 2.
Regarding claim 18, the claim recites similar limitations to claim 2, therefore rejected with the same rationale applied to claim 2.
Regarding claim 4 (Original), Andrews in view of Kajuluri teaches the method of claim 1, further comprising: subsequent to determining that the cryptographic key stored in the first secure storage is corrupted, invoking an emergency service that retrieves the emergency key from the second secure storage; and subsequent to establishing communications with the server, terminating the emergency service ([0091] “…in the event that first key part 181 or second key part 182 becomes corrupted, lost, or otherwise inaccessible, third key part 183 may be retrieved from cloud-based storage 104 and used in conjunction with the remaining uncorrupted key part to decrypt data encrypted with the split key 180. More generally, a split key may include 3 or more key parts where 2 or more, but less than all of the key parts are sufficient to decrypt messages encrypted with the split key.” where the service of invoking/retrieving a third key part, i.e. emergency key, is initiated and terminated when a the third key part is used, the service/process is terminated.)
Regarding claim 12, the claim recites similar limitations to claim 4, therefore rejected with the same rationale applied to claim 4.
Regarding claim 20, the claim recites similar limitations to claim 4, therefore rejected with the same rationale applied to claim 4.
Regarding claim 7 (Original), Andrews in view of Kajuluri teaches the method of claim 1, further comprising using the emergency key to perform an operation related to a digital service provided by the server (Andrews [0091] Figure 2 and 4).
Regarding claim 15, the claim recites similar limitations to claim 7, therefore rejected with the same rationale applied to claim 7.
Claims 3, 8, 11, 16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Andrews (US 20170187523 A1), hereinafter Andrews, in view of Kajuluri and Miller (US 9893885 B1), hereinafter Miller.
Regarding claim 3 (Original), Andrews in view of Kajuluri teaches the method of claim 1, further comprising.
Andrews discloses key corruption and the following process in the aforementioned limitation; however, Andrews in view of Kajuluri does not explicitly disclose the below limitation.
Miller discloses subsequent to establishing communications with the server by using the emergency key: receiving a replacement key from the server; and replacing the cryptographic key with the replacement key (Miller Col. 18 line 2-7 “…in process 1302, key provisioning system 1200 is configured to detect a trigger event for updating a key in a computing device. The trigger events can include receiving information that the current key has been compromised (i.e. corrupted), e.g., the key has become known to an unauthorized entity, or a timer or a counter reaching a preset limit, etc.”, Col. 18 line 13-20 “In process 1304, upon receiving the trigger event, key provisioning system 1200 is configured to generate replacement keys, for example, a second private key and a second public key for the asymmetric cryptographic algorithm of the current keys, e.g., RSA. In process 1306, key provisioning system 1200 sends at least the second private key to the computing device with a command for replacing the first key with the second key in the computing device.”, where the second key, i.e. emergency key, is retrieved from a region in the key provisioning system 1200 and replaces the first key in the computing device, as disclosed in Col. 18 line 1-35, where subsequent to the use of the second key, another “replacement” key will replace the replacement key after a pre-set time).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrews in view of Kajuluri to incorporate the teaching of Miller to utilize the above feature, with the motivation of securing of the storing, transmitting and accessing the information, and responding to critical events, as recognized by (Miller Abstract and throughout).
Regarding claim 11, the claim recites similar limitations to claim 3, therefore rejected with the same rationale applied to claim 3.
Regarding claim 19, Andrews in view of Kajuluri do not disclose the limitation in claim 19. Claim 19 recites similar limitations to claim 3, therefore rejected with the same rationale and motivation applied to claim 3 with respect to Miller.
Regarding claim 8 (Original), Andrews in view of Kajuluri teaches the method of claim 1.
Andrews discloses key corruption and the following process in the aforementioned limitation; however, Andrews in view of Kajuluri does not explicitly disclose the below limitation.
Miller discloses wherein the first secure storage includes a replay protected memory block (Miller discloses replay protection in Col. 14 line 57-67 and Col. 15 line 1).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrews to incorporate the teaching of Miller to utilize the above feature, with the motivation of securing of the storing, transmitting and accessing the information, and responding to critical events, as recognized by (Miller Abstract and throughout).
Regarding claim 16, the claim recites similar limitations to claim 8, therefore rejected with the same rationale applied to claim 8.
Claims 5 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Andrews (US 20170187523 A1), hereinafter Andrews in view of Kajuluri and Graham (US 20190132308 A1).
Regarding claim 5 (Original), Andrews in view of Kajuluri teaches the method of claim 1, further comprising:
Andrews discloses emergency key as discussed in claim 1. However, Andrews in view of Kajuluri does not explicitly disclose the certificate signing request as discussed in the below limitation. Emphasis in italic.
Graham discloses further comprising: generating, via the emergency key, an emergency certificate signing request; transmitting the emergency certificate signing request to the server; receiving, from the server, a signed emergency certificate; and communicating with the server by using the emergency key and the signed emergency certificate (Graham Figure 8C 858, 865, 866 [0044-0045], where the device 322 transmits certificate signing request CSR, which includes a key, and in return receives a signed CSR, which is eventually used for secure communication).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrews in view of Kajuluri to incorporate the teaching of Graham to utilize the above feature, with the motivation of establish secure connection with devices with trust scores and multifactor authentication, as recognized by (Graham Abstract [0002, 0030] and throughout).
Regarding claim 13, the claim recites similar limitations to claim 5, therefore rejected with the same rationale applied to claim 5.
Claims 6 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Andrews (US 20170187523 A1), hereinafter Andrews in view of Kajuluri and Fukasawa (US 20050228986 A1).
Regarding claim 6 (Original), Andrews in view of Kajuluri teaches the method of claim 1.
Andrews in view of Kajuluri does not teach the below limitation.
Fukasawa discloses wherein determining that the cryptographic key is corrupted comprises: determining a first hash value computed from data included in the first secure storage, wherein the data includes the cryptographic key; comparing the first hash value to a second hash value that was previously computed from the data included in the first secure storage; and determining that the first hash value is not equal to the second hash value (Fukasawa Figure 16 S1605-S1609 and [0131-0137] e.g. [0135] “Next, in a step S1607, the key pair generation processing unit 1507 compares the digest value acquired in the step S1606 with the digest value of the private key calculated in the step S1605, thereby detecting whether or not the held data of the private key is damaged.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Andrews in view of Kajuluri to incorporate the teaching of Fukasawa to utilize the above feature, with the motivation of efficiently and without complicated operation by the user detect damaged key and generate a new key, as recognized by (Fukasawa [0010] and throughout).
Regarding claim 14, the claim recites similar limitations to claim 6, therefore rejected with the same rationale applied to claim 6.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached at (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BASSAM A NOAMAN/Primary Examiner, Art Unit 2497
Prosecution Insights