DETAILED ACTION
This action is in response to the Request for Continued Examination filed on October 20, 2025. Claims 1, 9, and 16 have been amended, no claims have been canceled. Of such, claims 1-20 are pending. Of such, Claims 1-20 represent a method directed to secure provisioning of communication channels.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on October 20, 2025 has been entered.
Response to Arguments
Applicant’s arguments and amendments, see Remarks, filed September 18, 2025 with respect to the rejection(s) of claim(s) 1-20 under 35 USC 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Carter, Hawkes, and Zhang.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-9 and 12-20 are rejected under 35 U.S.C. 103 as being unpatentable over Carter et al. (US 20060041750), hereinafter referred to as Carter, in view of Hawkes et al. (US 20230087211), hereinafter referred to as Hawkes.
Regarding Claim 1, Carter discloses:
A method for secure provisioning of a wireless communications channel (In the abstract, Carter discloses “In a communication network, an architecture for supporting secure communication network setup in a wireless local area network (WLAN) is provided”), the method comprising a discovery phase and a provisioning phase, the discovery phase comprising: a first device: receiving a first local physical presence signal (In ¶ 32, Carter discloses “In various embodiments of the invention, activating a hardware button and/or software button may register a client station 104 with an AP 102. This may comprise activating a hardware and/or software enabled button located on an AP 102, and by activating a hardware and/or software enabled button located on a client station 104.”); a second device: receiving a second local physical presence signal (In ¶ 32, Carter discloses “Activation of a hardware and/or software enabled button located on an AP 102, and subsequent activation of a hardware and/or software enabled button located on a client station 104, may result in a registering of the client station 104 with the AP 102.”); generating an asymmetric public-private key pair including a public key and a private key (In ¶ 101, Carter discloses “In step 1222, the DH generator 720 may receive a random number from the network driver 708 to generate a second public key, key 2.” And further discloses “In step 1224, the DH generator 720 may generate a private key from the key 2 and the key 1 in the key 1 message.”); scanning a plurality of channels by transmitting a request to be provisioned signal including the generated public key to receive a ready to provision signal (In ¶ 59, Carter discloses “The client station 204 may scan beacon frames received from one or more collocated devices 208 functioning as either a configurator or an access point…the client station 204 may communicate authentication response information to the collocated device 208 functioning as a configurator, via one or more messages associated with the steps 608, 612, 616, 620 and 624. The client station 204 may communicate the one or more messages, associated with the steps 608, 612, 616, 620 and 624, comprising authentication response information based on authentication enablement information contained in the transmitted beacon frame during a time interval in which the configurator timing window was open.” And in ¶ 88, further discloses “In step 1018, a key 2 message, associated with the step 620, may be transmitted to the collocated device 208 functioning as a configurator.”); the first device: the provisioning phase comprising: one of the second device or the first device: allocating a secure link with the other of the second device or the first device based on the public key (In ¶ 63, Carter discloses “In step 622, the collocated device 208 functioning as a configurator, may communicate a configuration message to the client station 204. The configuration message, associated with the step 622, may comprise configuration information that may be utilized to authenticate a client station 204.” And further discloses “The configuration information communicated in the configuration message, associated with the step 622, may be encrypted based on the configurator key and/or the client key.”); the other of the second device or the first device: allocating the secure link from the one of the second device or the first device based on the public key (In ¶ 63, Carter discloses “In step 622, the collocated device 208 functioning as a configurator, may communicate a configuration message to the client station 204. The configuration message, associated with the step 622, may comprise configuration information that may be utilized to authenticate a client station 204.” And further discloses “The configuration information communicated in the configuration message, associated with the step 622, may be encrypted based on the configurator key and/or the client key.”); and provisioning the one of the second device or the first device (In ¶ 63, Carter discloses “The status message, associated with the step 624, may indicate whether the client station 204 was successfully configured during the packet exchange.”).
However, Carter does not explicitly disclose only if the provisioning signal includes a public key to proceed with provisioning.
Hawkes discloses:
only if the ready to provision signal was received over exactly one of the scanned plurality of channels (In ¶ 35, Hawkes discloses “To perform passive scanning, a STA 104 listens for beacons, which are transmitted by respective APs 102 at a periodic time interval referred to as the target beacon transmission time (TBTT) (measured in time units (TUs) where one TU may be equal to 1024 microseconds (μs)).”), identifying the exactly one channel as the channel and sending the request to be provisioned signal at least once to the first device (In ¶ 34, Hawkes discloses “For example, the beacons can include an identification of a primary channel used by the respective AP 102 as well as a timing synchronization function for establishing or maintaining timing synchronization with the AP 102.” And further discloses in ¶ 130 “At 1202, an interface of the wireless communication device 400 may provide a probe request to an AP. The probe request includes a token, and the token is associated with a service set.”) only if the request to be provisioned signal was received with exactly one public key, proceeding to the provisioning phase (In ¶ 182, Hawkes discloses “In some implementations, each time a STA is to send a token in a probe request, the STA may encrypt the token (such as using a public key).”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Carter’s approach by utilizing Hawkes’ approach of ensuring the public key is associated with the request prior to proceeding with the provisioning as the motivation would be the use of a key pair would allow the device to verify the probe request using the private key associated with the public key (see Hawkes ¶ 68).
Regarding Claim 2, the combination of Carter and Hawkes disclose:
The method of Claim 1, further comprising: the first device transmitting the ready to provision signal over the channel (In ¶ 58, Carter discloses “At a time instant when a configurator timing window is opened, a subsequent first beacon message, associated with the step 605, transmitted by the collocated device 208 functioning as a configurator.”).
Regarding Claim 3, the combination of Carter and Hawkes disclose:
The method of Claim 1, wherein the first local physical presence signal and the second local physical presence signal are indicative of a same user’s presence at each of the first device and the second device, respectively (In ¶ 33, Carter discloses “In various embodiments of the invention, in order to provide support for WPA, the passphrase and/or SSID may be generated by an AP 102, and entered at a client station 104, by activating a hardware and/or software enabled button located on an AP 102, and/or located on a client station 104.”)
Regarding Claim 4, the combination of Carter and Hawkes disclose:
The method of Claim 1, wherein the first local physical presence signal and the second local physical presence signal comprise biometric identification information of the user (In ¶ 33, Carter discloses “For example, configuration parameters, such as a passphrase or SSID, may require manual entry by a user at an AP 102 and/or at a client station 104 in some conventional WPA-based WLANs.” And further in ¶ 72 “The input interface 712 may receive signals in response to user input actions, such as, for example, the pressing of a button by a user.”)
Regarding Claim 5, the combination of Carter and Hawkes disclose:
The method of Claim 1, wherein the first device transmits the ready to provision signal in beacons and probe responses for a period of time (In ¶ 55, Carter discloses “In an unconfigured collocated device 208 functioning as a configurator, activation of a button located thereon for a specified time duration may initiate step 602.”)
Regarding Claim 6, the combination of Carter and Hawkes disclose:
The method of Claim 5, wherein the period of time is based on a time for a user to travel from the first device to the second device (In ¶ 56, Carter discloses “The time during which the configurator timing window remains open subsequent to a short button activation may be configured at the collocated device 208 functioning as a configurator.”)
Regarding Claim 7, the combination of Carter and Hawkes disclose:
The method of Claim 5, wherein the period of time is user selectable. (In ¶ 56, Carter discloses “The time during which the configurator timing window remains open subsequent to a short button activation may be configured at the collocated device 208 functioning as a configurator.”)
Regarding Claim 8, the combination of Carter and Hawkes disclose:
The method of Claim 1, wherein a cryptographic algorithm for generating the public-private key pair is a Diffie-Hellman (DH) algorithm (In ¶ 62, Carter discloses “The packet exchange may utilize, but may not be limited to, the Diffie-Hellman (DH) protocol.”)
Regarding Claim 9, Carter discloses:
A method for secure provisioning of a wireless communications channel at an access point, the method comprising receiving a local physical presence signal (In ¶ 32, Carter discloses “In various embodiments of the invention, activating a hardware button and/or software button may register a client station 104 with an AP 102. This may comprise activating a hardware and/or software enabled button located on an AP 102, and by activating a hardware and/or software enabled button located on a client station 104.”); transmitting a ready to provision signal over the channel (In ¶ 58, Carter discloses “At a time instant when a configurator timing window is opened, a subsequent first beacon message, associated with the step 605, transmitted by the collocated device 208 functioning as a configurator.”); and transmitting over the channel provisioning information encrypted with the public key (In ¶ 63, Carter discloses “In step 622, the collocated device 208 functioning as a configurator, may communicate a configuration message to the client station 204. The configuration message, associated with the step 622, may comprise configuration information that may be utilized to authenticate a client station 204.” And further discloses “The configuration information communicated in the configuration message, associated with the step 622, may be encrypted based on the configurator key and/or the client key.”).
However, Carter does not explicitly disclose only if the provisioning signal includes a public key to proceed with provisioning.
Hawkes discloses:
Sending at least once a request to be provisioned signal including a generated public key (In ¶ 130 “At 1202, an interface of the wireless communication device 400 may provide a probe request to an AP. The probe request includes a token, and the token is associated with a service set.”); only if the request to be provisioned signal was received with exactly one public key, allocating a secure link over the channel based on the public key (In ¶ 182, Hawkes discloses “In some implementations, each time a STA is to send a token in a probe request, the STA may encrypt the token (such as using a public key).”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Carter’s approach by utilizing Hawkes’ approach of ensuring the public key is associated with the request prior to proceeding with the provisioning as the motivation would be the use of a key pair would allow the device to verify the probe request using the private key associated with the public key (see Hawkes ¶ 68).
Regarding Claim 12, the combination of Carter and Hawkes disclose:
The method of Claim 9, further comprising: refusing to provision if the access point cannot get beacons or probe responses out over the channel or if there is more than a threshold amount of energy on the channel. (In ¶ 84, Carter discloses “If the configurator timing window has been open for a period of time greater than the configured timeout value, step 930 may stop transmitting beacon frames from the collocated device 208 functioning as a configurator, that comprise authentication enablement information. Step 932 may close the configurator timing window and return the LED, for example, at the collocated device 208 functioning as a configurator, to the state that was in effect prior to the most recent button press at the collocated device 208 functioning as a configurator.”)
Regarding Claim 13, the combination of Carter and Hawkes disclose:
The method of Claim 9, wherein the local physical presence signal is generated in response to a press or touch of a at least one of a physical button or a virtual button or screen icon (In ¶ 32, Carter discloses “In various embodiments of the invention, activating a hardware button and/or software button may register a client station 104 with an AP 102. This may comprise activating a hardware and/or software enabled button located on an AP 102, and by activating a hardware and/or software enabled button located on a client station 104.”)
Regarding Claim 14, the combination of Carter and Hawkes disclose:
The method of Claim 9, further comprising: providing a diagnostic indication that the access point is ready to provision, or when provisioning has aborted, failed, or succeeded.(In ¶ 85, Carter discloses “If the LED, for example, at the collocated device 208 functioning as a configurator, is activated to solid green, it may indicate that the collocated device 208 functioning as a configurator, is configured and has configured at least one client station 204.”)
Regarding Claim 15, the combination of Carter and Hawkes disclose:
The method of Claim 14, wherein the provided diagnostic indication is local to the access point (In ¶ 85, Carter discloses “If the LED, for example, at the collocated device 208 functioning as a configurator, is activated to solid green, it may indicate that the collocated device 208 functioning as a configurator, is configured and has configured at least one client station 204.”)
Regarding Claim 16, Carter discloses:
A method for secure provisioning of a wireless communications channel at a station, the method comprising: receiving a local physical presence signal (In ¶ 32, Carter discloses “Activation of a hardware and/or software enabled button located on an AP 102, and subsequent activation of a hardware and/or software enabled button located on a client station 104, may result in a registering of the client station 104 with the AP 102.”); generating an asymmetric public-private key pair including a public key and a private key (In ¶ 101, Carter discloses “In step 1222, the DH generator 720 may receive a random number from the network driver 708 to generate a second public key, key 2.” And further discloses “In step 1224, the DH generator 720 may generate a private key from the key 2 and the key 1 in the key 1 message.”); scanning a plurality of channels by transmitting a request to be provisioned signal including the generated public key to receive a ready to provision signal (In ¶ 59, Carter discloses “the client station 204 may communicate authentication response information to the collocated device 208 functioning as a configurator, via one or more messages associated with the steps 608, 612, 616, 620 and 624. The client station 204 may communicate the one or more messages, associated with the steps 608, 612, 616, 620 and 624, comprising authentication response information based on authentication enablement information contained in the transmitted beacon frame during a time interval in which the configurator timing window was open.” And in ¶ 88, further discloses “In step 1018, a key 2 message, associated with the step 620, may be transmitted to the collocated device 208 functioning as a configurator.”); allocating a secure link over the channel based on the public key; receiving over the channel provisioning information encrypted with the public key (In ¶ 63, Carter discloses “In step 622, the collocated device 208 functioning as a configurator, may communicate a configuration message to the client station 204. The configuration message, associated with the step 622, may comprise configuration information that may be utilized to authenticate a client station 204.” And further discloses “The configuration information communicated in the configuration message, associated with the step 622, may be encrypted based on the configurator key and/or the client key.”).
However, Carter does not explicitly disclose only if the provisioning signal includes a public key to proceed with provisioning.
Hsiao discloses:
only if the ready to provision signal was received with no more than said another public key over exactly one of the scanned plurality of channels (In ¶ 35, Hawkes discloses “To perform passive scanning, a STA 104 listens for beacons, which are transmitted by respective APs 102 at a periodic time interval referred to as the target beacon transmission time (TBTT) (measured in time units (TUs) where one TU may be equal to 1024 microseconds (μs)).”), identifying the exactly one channel as the channel and sending the request to be provisioned signal at least once (In ¶ 34, Hawkes discloses “For example, the beacons can include an identification of a primary channel used by the respective AP 102 as well as a timing synchronization function for establishing or maintaining timing synchronization with the AP 102.” And further discloses in ¶ 130 “At 1202, an interface of the wireless communication device 400 may provide a probe request to an AP. The probe request includes a token, and the token is associated with a service set.”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Carter’s approach by utilizing Hawkes’ approach of ensuring the public key is associated with the request prior to proceeding with the provisioning as the motivation would be the use of a key pair would allow the device to verify the probe request using the private key associated with the public key (see Hawkes ¶ 68).
Regarding Claim 17, the combination of Carter and Hawkes disclose:
The method of Claim 16, further comprising: sending a plurality of probe request signals (In ¶ 59, Carter discloses “Subsequent to the opening of the client timing window, the client station 204 may communicate authentication response information to the collocated device 208 functioning as a configurator, via one or more messages associated with the steps 608, 612, 616, 620 and 624.”)
Regarding Claim 18, the combination of Carter and Hawkes disclose:
The method of Claim 16, further comprising: if the station cannot get probe requests onto a channel or detects energy greater than a threshold but no signal immediately following a probe request, signaling an alert; providing a local diagnostic indication when provisioning has aborted, failed, or succeeded (In ¶ 82, Carter discloses “If the value of the counter open_window is greater than N, step 834 may generate an error indication. The error indication generated in step 834 may be displayed in a user interface at the client station 204.”)
Regarding Claim 19, the combination of Carter and Hawkes disclose:
The method of Claim 16, wherein the ready to provision signal includes another public key, wherein at least one of any ad hoc public key exchange mechanism or a Diffie-Hellman (DH) algorithm may be used (In ¶ 62, Carter discloses “The packet exchange may utilize, but may not be limited to, the Diffie-Hellman (DH) protocol.”)
Regarding Claim 20, the combination of Carter and Hawkes disclose:
The method of Claim 16, wherein the local physical presence signal is responsive to a button comprising at least one of a physical button, a virtual button or a touch-screen icon In ¶ 32, Carter discloses “In various embodiments of the invention, activating a hardware button and/or software button may register a client station 104 with an AP 102. This may comprise activating a hardware and/or software enabled button located on an AP 102, and by activating a hardware and/or software enabled button located on a client station 104.”)
Claims 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Carter et al. (US 20060041750), hereinafter referred to as Carter, hereinafter referred to as Carter, in view of Hawkes et al. (US 20230087211), hereinafter referred to as Hawkes, in further view of Zhang et al. (US 20210219315), hereinafter referred to as Zhang.
Regarding Claim 10, Carter and Hawkes discloses:
The method of Claim 9 wherein: transmitting a ready to provision signal includes transmitting a public key of the access point (In ¶ 62, Carter discloses “In step 618, the collocated device 208 functioning as a configurator, may communicate a key 1 message to the client station 204.”);
However, Carter does not explicitly disclose the advertising on multiple frequencies.
Zhang discloses:
the access point comprises a multi-channel access point, the method further comprising: advertising a list of center frequencies on which the multi-channel access point is ready to provision (In ¶ 55, Zhang discloses “In various embodiments, multiple different frequency bands within the RF spectrum are employed for signal transmissions within the WLAN 110.”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Carter’s approach by utilizing Zhang’s approach of multiple channels and MAC addresses as the motivation would be to ensure a higher transmission of data to stations to allow for increased throughput of the WLAN improving capacity of the channels (see Zhang ¶ 96).
Regarding Claim 11, the combination of Carter, Hawkes and Zhang disclose:
The method of Claim 10 wherein the multi-channel access point has a plurality of media access control (MAC) addresses corresponding to the plurality of channels, the method further comprising: advertising a list of MAC addresses corresponding to the list of center frequencies, respectively (In ¶ 5, Zhang discloses “In an embodiment, a method for duplex communication in a wireless local area network (WLAN) includes: generating, at an access point (AP) of the WLAN, a plurality of first media access control (MAC) data units intended for a plurality of client stations of the WLAN”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Carter’s approach by utilizing Zhang’s approach of multiple channels and MAC addresses as the motivation would be to ensure a higher transmission of data to stations to allow for increased throughput of the WLAN improving capacity of the channels (see Zhang ¶ 96).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Fang et al. (US 20190191301) discloses a method for secure provisioning and association with an access point.
Ho et al. (US 12526624) discloses facilitating mobility of wireless communication devices configured for multi-link operation (MLO)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHADI H KOBROSLI whose telephone number is (571)272-1952. The examiner can normally be reached M-F 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached at 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHADI H KOBROSLI/Examiner, Art Unit 2492
/RUPAL DHARIA/Supervisory Patent Examiner, Art Unit 2492