Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
This communication is in response to Applicant’s Amendment filed on 24 September 2025. Claims 3-4, 6-7, 10-11, 13-14, 17-18, and 20-21 have been previously cancelled. Claims 1, 8, and 15 have been amended. Claims 1-2, 5, 8-9, 12, 15-16, and 19 remain pending.
Response to Arguments
Applicant's arguments, see pages 5-7, filed on 24 September 2025, with respect to the rejection of claims 1-2, 5, 8-9, 12, 15-16, and 19 in view of Chhabra et al. and Kida et al. have been fully considered but they are not persuasive.
In light of the previous 101 rejection, the Applicant amended claims 1, 8, and 15, however, the claims are still directed towards an abstract idea without significantly more being performed, therefore, the rejection will be maintained.
In light of the previous 101 rejection, the Applicant failed to amend claims 15-16, therefore, the rejection will be maintained.
In light of the Applicant’s arguments for claims 1, 8, and 15, the Applicant traverses that the prior art, Chhabra et al. in view of Kida et al. fail to disclose – “prefetch encrypted graphics workload data for the compute processor comprising one or more processing resources to execute a compute process, decrypt the encrypted graphics workload data and allow the decrypted data to be accessible to the compute processor, and perform one or more attestation operations to establish a shared secret key with an initiator device”.
The Examiner respectfully disagrees and asserts that according to the Applicant’s specification paragraph 0030, graphics workload data is synonymous to compute data which are instructions that are executed by a processing device used with a system on a chip and in paragraph 0044, the prefetch graphics workload data operating in tandem with a compute processor is defined as encrypted data that is prefetched in 128-bit increments wherein a portion of data is prefetched and decrypted in portions used for the next thread.
Therefore, the Chhabra et al. reference teaches this feature prefetching encrypted compute data (corresponding to graphics workload data) for the compute processor by a computing device, item 120 for a compute processor, item 112 comprising one or more processing resources to execute the compute process via a TDRM and a cryptographic unit, item 405 is used to encrypt the data and decrypting the compute data and allow the decrypted data to be accessible to the compute processor by utilizing the MK-TME engine by loading the decrypted compute data into the local computer readable memory (main memory, item 114) as disclosed in paragraphs 43, 45, 48, and 65. Chhabra et al. discloses in paragraphs 67, 71, and 81, encrypted and decrypted compute data is pre-fetched in 128-bit increments using a shared key to cryptographically protect the addresses on the memory address bus.
Chhabra et al. further discloses in paragraphs 89-90, the cryptographic processor operating in tandem with a processor, wherein a cryptographic engine, MK-TME (MEE), item 145 performs encryption using the encryption seed for counter mode encryption associated with each portion of data written to the main memory. Each time data is written to the main memory, the encryption seed is different and the data will be uniquely encrypted, when two data portions are the same data, each of the two data portions are uniquely encrypted when they are written to the main memory. The series of numbers generated using the encryption seed can be a series of pseudo random numbers used to encrypt or decrypt data as an input to an iterative function for encryption and decryption that iterates through the temporally and spatially unique parameters to different CLs.
Kida et al. discloses protecting data transferred between secure applications and networked devices. Kida et al. teaches in paragraphs 181 and 218-222 performing one or more attestation operations wherein a security protocol and data model (SPDM) protocol is used to establish a shared secret key between the cryptographic processing engine and the trusted execution environment (TEE) with an initiator device disclosed as a CPU processor.
Kida et al. further discloses in paragraphs 224-232, other attestation operations being performed to establish a shared secret key with a CPU processor wherein the encrypted data using the shared secret key and integrity protected.
Therefore, the rejection of claims 1-2, 5, 8-9, 12, 15-16, and 19 will be maintained in view of the reasons above and below.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1, 8, and 15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claims 1, 8, and 15 recites the steps of prefetching, decrypting, and performing in which prefetching is mere data gathering and decrypting could reasonably be categorized as mental step/mathematical formula. The This judicial exception is not integrated into a practical application because the step of prefetching encrypted data is mere data gathering, the step of decrypting the data, and performing operations are categorized as mental step/mathematical formula that amounts to generic computer functionality. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because as discussed above, the steps amount to no more than instructions to apply which cannot provide an inventive concept. Claims recite various circuitry performing the steps which is well known and generic computer that merely requires prefetching, decrypting, and performing. The claim does not impose any limits on how the data is output or require any particular components.
Dependent claims 2, 5, 9, 12, 16, and 19 are rejected under 35 USC 101, because they do not integrate the abstract idea into a practical application and they do not cure the deficiencies of independent claims 1, 8, and 15.
Claim 15 is rejected under 35 U.S.C. 101 because the claims recite “a computer-readable medium”. The computer-readable medium defined within the Applicant’s specification in paragraph 0011 and 0050 can be either transitory or non-transitory and although hardware is disclosed as a (CD, DVD, magnetic tape, flash drive, hard drive) the hardware embodies signal-bearing media which does not exclude signals nor the claim language limits the interpretation of the medium to just hardware/non-signal embodiments.
Furthermore, in light of the board's decision precedential ruling that a computer-readable storage medium is not statutory subject matter, please look at Ex parte Mewherter, Appeal No. 2012-007692.
Therefore, in order to overcome the 101 rejection, the Examiner suggest the following options to the Applicant: Replace computer-readable medium with non-transitory computer-readable medium or computer-readable device.
Dependent claim 16 is rejected under 35 USC 101, because the claim does not cure the deficiencies of independent claim 15.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Applicant has provided a submission in this file that the claimed invention and the subject matter disclosed in the prior art reference were owned by, or subject to an obligation of assignment to, the same entity as Intel Corporation not later than the effective filing date of the claimed invention, or the subject matter disclosed in the prior art reference was developed and the claimed invention was made by, or on behalf of one or more parties to a joint research agreement not later than the effective filing date of the claimed invention. However, although subject matter disclosed in the references Chhabra et al. (Pub No. 2022/0207194) and Kida et al. (Pub No. 2022/0103536) of has been excepted as prior art under 35 U.S.C. 102(a)(2), it is still applicable as prior art under 35 U.S.C. 102(a)(1) that cannot be excepted under 35 U.S.C. 102(b)(2)(C).
Applicant may overcome this rejection under 35 U.S.C. 102(a)(1) by a showing under 37 CFR 1.130(a) that the subject matter disclosed in the reference was obtained directly or indirectly from the inventor or a joint inventor of this application, and is therefore, not prior art as set forth in 35 U.S.C. 102(b)(1)(A). Alternatively, applicant may rely on the exception under 35 U.S.C. 102(b)(1)(B) by providing evidence of a prior public disclosure via an affidavit or declaration under 37 CFR 1.130(b).
Claims 1-2, 5, 8-9, 12, 15-16, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Chhabra et al. (Pub No. 2022/0207194) in view of Kida et al. (Pub No. 2022/0103536).
Referring to the rejection of claim 1, Chhabra et al. discloses an apparatus comprising:
processing circuitry coupled with a memory, the processing circuitry having a cryptographic processor operating in tandem with a compute processor, the processing circuitry to: (See Chhabra et al., para. 37, 54 and 89-90, i.e., a compute processor, item 112, comprising one or more processing resources to execute a compute process via a TDRM coupled with a main memory, item 114, wherein a cryptographic engine, MK-TME (MEE), item 145 performs encryption using the encryption seed for counter mode encryption associated with each portion of data written to the main memory. Each time data is written to the main memory, the encryption seed is different and the data will be uniquely encrypted, when two data portions are the same data, each of the two data portions are uniquely encrypted when they are written to the main memory. The series of numbers generated using the encryption seed can be a series of pseudo random numbers used to encrypt or decrypt data as an input to an iterative function for encryption and decryption that iterates through the temporally and spatially unique parameters to different CLs)
*According to the Applicant’s specification, paragraph 0044, the prefetch graphics workload data operating in tandem with a compute processor is defined as encrypted data that is prefetched in 128-bit increments wherein a portion of data is prefetched and decrypted in portions used for the next thread.
prefetch encrypted graphics workload data (corresponding to instructions/compute data) for the compute processor comprising one or more processing resources to execute a compute process; (See Chhabra et al., para. 43, 48, and 65, i.e., prefetching encrypted compute data for the compute processor by a computing device, item 120 for a compute processor, item 112 comprising one or more processing resources to execute the compute process via a TDRM and a cryptographic unit, item 405 is used to encrypt the data, para. 43-46, encrypted TD pages)
*According to the Applicant’s specification paragraph 0030, graphics workload data is synonymous to compute data which are instructions that are executed by a processing device used with a system on a chip.
decrypt the encrypted graphics workload data (corresponding to instructions/compute data) and allow the decrypted data to be accessible to the compute processor. (See Chhabra et al., para. 43, 45, and 48, i.e., decrypt the compute data and allow the decrypted data to be accessible to the compute processor by utilizing the MK-TME engine by loading the decrypted compute data into the local computer readable memory (main memory, item 114, para. 43-46, decoding the instructions)
However, Chhabra et al. fails to explicitly disclose perform one or more attestation operations to establish a shared secret key with an initiator device.
Kida et al. discloses a data processing apparatus for protecting data transfer between a secure application and networked devices.
Kida et al. discloses and perform one or more attestation operations to establish a shared secret key with an initiator device. (See Kida et al., para. 181 and 220-222, i.e., performing one or more attestation operations wherein a security protocol and data model (SPDM) protocol is used to establish a shared secret key between the cryptographic processing engine and the trusted execution environment (TEE) with an initiator device disclosed as a CPU processor. Kida et al. further discloses other attestation operations being performed to establish a shared secret key with a CPU processor as shown in para. 224-232)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date the claimed invention was made to combine Chhabra et al.’s memory address bus protection for increased resilience against hardware replay attacks and memory access pattern leakage modified with Kida et al.’s data processing apparatus for protecting data transfer between a secure application and networked devices. Motivation for such implementation would enable a security protocol and data model (SPDM) protocol to establish a shared secret key between a cryptographic processing engine and the trusted execution environment of the initiator device (CPU processor). (See Kida et al., para. 181)
Referring to the rejection of claim 2, (Chhabra et al. modified by Kida et al.) discloses further comprising: wherein the memory comprises a computer-readable memory associated with a communication path between the initiator device and the apparatus, wherein the compute processor is coupled to or hosted by the processing circuitry. (See Chhabra et al., para. 37, 51, 54, i.e., wherein the memory, item 114, comprises a computer-readable memory associated with a communication path between the compute processor, item 112 and the cryptographic processor, item 405, wherein the compute processor, item 112 is coupled to the processing device bus)
Referring to the rejection of claim 5, (Chhabra et al. modified by Kida et al.) discloses wherein the encrypted compute data is prefetched in 128-bit increments and wherein the decrypted compute data is prefetched in 128-bit increments. (See Chhabra et al., para. 67, 71, and 81, i.e., encrypted and decrypted compute data is pre-fetched in 128-bit increments)
Referring to the rejection of claim 8, (Chhabra et al. modified by Kida et al.) discloses a method comprising:
prefetching, by processing circuitry of a computing device, encrypted graphics workload data (corresponding to instructions/compute data) for a compute processor comprising one or more processing resources to execute a compute process, (See Chhabra et al., para. 43, 48, and 65, i.e., prefetching encrypted compute data for the compute processor by a computing device, item 120 for a compute processor, item 112 comprising one or more processing resources to execute the compute process via a TDRM and a cryptographic unit, item 405 is used to encrypt the data)
*According to the Applicant’s specification paragraph 0030, graphics workload data is synonymous to compute data which are instructions that are executed by a processing device used with a system on a chip.
the processing circuitry having a cryptographic processor operating in tandem with the compute processor; (See Chhabra et al., para. 37, 54 and 89-90, i.e., a compute processor, item 112, comprising one or more processing resources to execute a compute process via a TDRM coupled with a main memory, item 114, wherein a cryptographic engine, MK-TME (MEE), item 145 performs encryption using the encryption seed for counter mode encryption associated with each portion of data written to the main memory. Each time data is written to the main memory, the encryption seed is different and the data will be uniquely encrypted, when two data portions are the same data, each of the two data portions are uniquely encrypted when they are written to the main memory. The series of numbers generated using the encryption seed can be a series of pseudo random numbers used to encrypt or decrypt data as an input to an iterative function for encryption and decryption that iterates through the temporally and spatially unique parameters to different CLs)
*According to the Applicant’s specification, paragraph 0044, the prefetch graphics workload data operating in tandem with a compute processor is defined as encrypted data that is prefetched in 128-bit increments wherein a portion of data is prefetched and decrypted in portions used for the next thread.
decrypting the encrypted graphics workload data (corresponding to instructions/compute data) and allowing the decrypted data to be accessible to the compute processor. (See Chhabra et al., para. 43, 45, and 48, i.e., decrypt the compute data and allow the decrypted data to be accessible to the compute processor by utilizing the MK-TME engine by loading the decrypted compute data into the local computer readable memory (main memory, item 114)
However, Chhabra et al. fails to explicitly disclose performing one or more attestation operations to establish a shared secret key with an initiator device.
Kida et al. discloses a data processing apparatus for protecting data transfer between a secure application and networked devices.
Kida et al. discloses and performing one or more attestation operations to establish a shared secret key with an initiator device. (See Kida et al., para. 181 and 220-222, i.e., performing one or more attestation operations wherein a security protocol and data model (SPDM) protocol is used to establish a shared secret key between the cryptographic processing engine and the trusted execution environment (TEE) with an initiator device disclosed as a CPU processor. Kida et al. further discloses other attestation operations being performed to establish a shared secret key with a CPU processor as shown in para. 224-232)
The rationale for combining Chhabra et al. in view of Kida et al. is the same as claim 1.
Referring to the rejection of claim 9, (Chhabra et al. modified by Kida et al.) discloses further comprising: wherein the memory comprises a computer-readable memory associated with a communication path between the initiator device and the computing device, wherein the compute processor is coupled to or hosted by one or more processors of the computing device. (See Chhabra et al., para. 37, 51, 54, i.e., wherein the memory, item 114, comprises a computer-readable memory associated with a communication path between the compute processor, item 112 and the cryptographic processor, item 405, wherein the compute processor, item 112 is coupled to the processing device bus)
Referring to the rejection of claim 12, (Chhabra et al. modified by Kida et al.) discloses wherein the encrypted compute data is prefetched in 128-bit increments and wherein the decrypted compute data is prefetched in 128-bit increments. (See Chhabra et al., para. 67, 71, and 81, i.e., encrypted and decrypted compute data is pre-fetched in 128-bit increments)
Referring to the rejection of claim 15, (Chhabra et al. modified by Kida et al.) discloses at least one computer-readable medium having stored thereon instructions, when executed, cause a computing device to perform operations comprising: (See Chhabra et al., para. 186, i.e., non-transitory computer-readable storage media)
prefetching, via processing circuitry of the computing device, encrypted graphics workload data (corresponding to instructions/compute data) for a compute processor comprising one or more processing resources to execute a compute process; (See Chhabra et al., para. 43, 48, and 65, i.e., prefetching encrypted compute data for the compute processor by a computing device, item 120 for a compute processor, item 112 comprising one or more processing resources to execute the compute process via a TDRM and a cryptographic unit, item 405 is used to encrypt the data, para. 43-46, encrypted TD pages)
*According to the Applicant’s specification paragraph 0030, graphics workload data is synonymous to compute data which are instructions that are executed by a processing device used with a system on a chip.
the processing circuitry having a cryptographic processor operating in tandem with the compute processor; (See Chhabra et al., para. 37, 54 and 89-90, i.e., a compute processor, item 112, comprising one or more processing resources to execute a compute process via a TDRM coupled with a main memory, item 114, wherein a cryptographic engine, MK-TME (MEE), item 145 performs encryption using the encryption seed for counter mode encryption associated with each portion of data written to the main memory. Each time data is written to the main memory, the encryption seed is different and the data will be uniquely encrypted, when two data portions are the same data, each of the two data portions are uniquely encrypted when they are written to the main memory. The series of numbers generated using the encryption seed can be a series of pseudo random numbers used to encrypt or decrypt data as an input to an iterative function for encryption and decryption that iterates through the temporally and spatially unique parameters to different CLs)
*According to the Applicant’s specification, paragraph 0044, the prefetch graphics workload data operating in tandem with a compute processor is defined as encrypted data that is prefetched in 128-bit increments wherein a portion of data is prefetched and decrypted in portions used for the next thread.
decrypting the encrypted graphics workload data (corresponding to instructions/compute data) and allowing the decrypted data to be accessible to the compute processor. (See Chhabra et al., para. 43, 45, and 48, i.e., decrypt the compute data and allow the decrypted data to be accessible to the compute processor by utilizing the MK-TME engine by loading the decrypted compute data into the local computer readable memory (main memory, item 114, para. 43-46, decoding instructions)
However, Chhabra et al. fails to explicitly disclose performing one or more attestation operations to establish a shared secret key with an initiator device.
Kida et al. discloses a data processing apparatus for protecting data transfer between a secure application and networked devices.
Kida et al. discloses and performing one or more attestation operations to establish a shared secret key with an initiator device. (See Kida et al., para. 181 and 220-222, i.e., performing one or more attestation operations wherein a security protocol and data model (SPDM) protocol is used to establish a shared secret key between the cryptographic processing engine and the trusted execution environment (TEE) with an initiator device disclosed as a CPU processor. Kida et al. further discloses other attestation operations being performed to establish a shared secret key with a CPU processor as shown in para. 224-232)
The rationale for combining Chhabra et al. in view of Kida et al. is the same as claim 1.
Referring to the rejection of claim 16, (Chhabra et al. modified by Kida et al.) discloses wherein the operations further comprising: wherein the memory comprises a computer-readable memory associated with a communication path between the initiator device and the computing device, wherein the compute processor is coupled to or hosted by one or more processors of the computing device. (See Chhabra et al., para. 37, 51, 54, i.e., wherein the memory, item 114, comprises a computer-readable memory associated with a communication path between the compute processor, item 112 and the cryptographic processor, item 405, wherein the compute processor, item 112 is coupled to the processing device bus)
Referring to the rejection of claim 19, (Chhabra et al. modified by Kida et al.) discloses wherein the encrypted compute data is prefetched in 128-bit increments and wherein the decrypted compute data is prefetched in 128-bit increments. (See Chhabra et al., para. 67, 71, and 81, i.e., encrypted and decrypted compute data is pre-fetched in 128-bit increments)
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871. The examiner can normally be reached IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/COURTNEY D FIELDS/Examiner, Art Unit 2436 December 26, 2025
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436
Prosecution Insights