DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
The amendments filed on October 31, 2025 have been entered.
Claims 1, 6-8, 12, and 17-19 have been amended.
Claims 2, 5, 13, and 16 have been canceled.
Response to Arguments
Applicant's arguments filed on October 31, 2025, have been fully considered but they are not persuasive.
Applicant argued that “Kuang does not disclose the element of "wherein each of a length of the input bit stream and a length of the output bit stream of the one-way function is N (N being a natural number), each of a length of the first intermediate bit stream and a length of the second intermediate bit stream is M (M being a natural number), where M is a multiple of N, and a length of a divided bit stream input to the S-box is L (L being a natural number), where L is a factor of M, wherein the augmented matrix comprises a binary matrix having a size of MxN, and the reduced matrix comprises a binary matrix having a size of NxM" of claim 1 in the present application. None of the other cited references cures the deficiencies of Kuang.”
The Examiner respectfully disagrees.
In interpreted the elements of “wherein each of a length of the input bit stream and a length of the output bit stream of the one-way function is N (N being a natural number), each of a length of the first intermediate bit stream and a length of the second intermediate bit stream is M (M being a natural number), where M is a multiple of N, and a length of a divided bit stream input to the S-box is L (L being a natural number), where L is a factor of M, wherein the augmented matrix comprises a binary matrix having a size of MxN, and the reduced matrix comprises a binary matrix having a size of NxM" of claim 1, the Examiner has reasonably interpreted the N x M matrix to be a square matrix, and this is valid in math when N = M. The claim language doesn’t distinguish between N and M.
In addition, regarding “where M is a multiple of N” the Examiner notes that every integer is a multiple of itself. Also, regarding “a length of a divided bit stream input to the S-box is L (L being a natural number), where L is a factor of M,” when a bit stream of length “M” (i.e., the first intermediate bit stream) is divided into a predetermined number of bit streams each of length “L” is reasonably interpreted as “where L is a factor of M” meaning that “L” divides M.
PNG
media_image1.png
1
1
media_image1.png
Greyscale
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 3, 7-12, 14, 18-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kuang et al. (Pub. No. US 2022/0224509), hereinafter Kuang.
Claim 1. Kuang discloses a calculating method using a zero-knowledge proof-friendly one-way function, performed by a computing device, the calculating method comprising:
calculating a first intermediate bit stream by inputting an input bit stream of a one-way function to an augmented matrix (See Parag. [0062] and Fig. 11; the entropy expander 37 takes the conventional AES keys 75 (e.g., AES round keys) as its N-bit input data words (input bit stream) … producing N-bit output data words based on selecting the k.sup.th permutation element in a set of M permutation elements (e.g., switch fabrics or permutation matrices). The N-bit output data words (first intermediate bit stream) are thus the modified AES keys 73 (e.g., modified AES round keys) provided to the AES encryption block 72. See Parag. [0083]; The g function consists of three stages: an S-Box transformation, a permutation, and an exclusive-or);
calculating a second intermediate bit stream by dividing the first intermediate bit stream into a predetermined number of bit streams and inputting each of the predetermined number of divided bit streams to a substitution-box (S-box) (See Parag. [0076]; the four sub-operations of AES are AddRoundKey, SubBytes, ShiftRows, and MixColumns … See Parag. [0078] and Fig. 11; The SubBytes phase of AES involves splitting the input (i.e., The N-bit output data words (first intermediate bit stream)) provided to the AES encryption block 72) into bytes (second intermediate bit stream) and passing each through a Substitution Box or S-Box); and
outputting an output bit stream of the one-way function by inputting the second intermediate bit stream to a reduced matrix (See Parag. [0076]; the four sub-operations of AES are AddRoundKey, SubBytes, ShiftRows, and MixColumns … See Parag. [0079]; In the ShiftRows phase of AES, each row of the 128-bit internal state of the cipher is shifted. The rows in this stage refer to the standard representation of the internal state in AES, which is a 4×4 matrix where each cell contains a byte. Bytes of the internal state are placed in the matrix across rows from left to right and down columns. See Parag. [0061]; the AES encryption block 72 is used to encrypt plaintext 77 (such as data that the sender device 12 wishes to transmit) into ciphertext 78 (output bit stream) using a set of AES keys (e.g., AES round keys). See also Parag. [0081]),
wherein each of a length of the input bit stream and a length of the output bit stream of the one-way function is N (N being a natural number), each of a length of the first intermediate bit stream and a length of the second intermediate bit stream is M (M being a natural number), where M is a multiple of N, and a length of a divided bit stream input to the S-box is L (L being a natural number), where L is a factor of M (See Parag. [0036]; the entropy expansion process may be conceptually described in the form of an entropy expander 37 acting on a stream of N-bit input data words m0, m1, . . . , to produce a stream of N-bit output data words e0, e1, . . . N can take on any integer value greater than 1. See also Parag. [0101]; the AES algorithm takes in blocks of bits (e.g., 128, 256, . . . ) and applies a sequence of substitutions and permutations. The substitutions employ an “S-box”, an invertible nonlinear transformation that works on 8 bits at a time, i.e., if carries out byte substitution. Examiner’s note: N is a multiple of N in N x 1 = N), and
wherein the augmented matrix comprises a binary matrix having a size of MxN, and the reduced matrix comprises a binary matrix having a size of NxM (See Parag. [0062] producing N-bit output data words based on selecting the k.sup.th permutation element in a set of M permutation elements (e.g., switch fabrics or permutation matrices). See Parag. [0079]; In the ShiftRows phase of AES, each row of the 128-bit internal state of the cipher is shifted. The rows in this stage refer to the standard representation of the internal state in AES, which is a 4×4 matrix where each cell contains a byte. Bytes of the internal state are placed in the matrix across rows from left to right and down columns… See also Parag. [0049] [0081]).
Claim 3. Kuang discloses the calculating method of claim 1,
Kuang further discloses wherein the S-box includes K number of sub S-boxes (K being a natural number greater than or equal to 1), and the calculating the second intermediate bit stream includes: dividing the first intermediate bit stream into K number of bit streams; and inputting each of the K number of divided bit streams to each of the K number of sub S-boxes (See Parag. [0104]; if a block is sixteen consecutive 8-bit input words, k may remain constant for sixteen consecutive 8-bit input words. The next set of 8-bit input words uses another S-box selected with the next value of k, and so on).
Claim 7. Kuang discloses the calculating method of claim 1,
Kuang discloses the method further comprising generating the reduced matrix, wherein the generating the reduced matrix includes: configuring a first row and/or a first column of the reduced matrix based on a random value; and forming remaining rows or remaining columns of the reduced matrix through a circular shift for the first row and/or the first column (See Parag. [0079; In the ShiftRows phase of AES, each row of the 128-bit internal state of the cipher is shifted. The rows in this stage refer to the standard representation of the internal state in AES, which is a 4×4 matrix where each cell contains a byte. Bytes of the internal state are placed in the matrix across rows from left to right and down columns… See also Parag. [0081]).
Claim 8. Kuang discloses the calculating method of claim 1,
Kuang discloses the method further comprising configuring entire rows and/or entire columns of the augmented matrix and entire rows and/or entire columns of the reduced matrix based on random values (See Parag. [0107]; an entropy expander 37 used to enhance entropy of a system PRNG 80 that supplies a stream of N-bit pseudo-random numbers y0, y1, . . . , resulting in a stream of N-bit pseudo-random numbers z0, z1, . . . . Details of the system show a randomizer 39 that produces a randomized value k between 0 and M−1, where M>1. The randomizer 39 may include a PRNG 41 and may include a mapper 42, as has already been described. A switching core 51 may be configured to convert an N-bit input data word y0, y1, . . . , into a 2.sup.N-element sparse input bit array and to process the 2.sup.N-element sparse input bit array with the k.sup.th of M permutation elements to produce an 2.sup.N-element sparse output bit array … See also Parag. [0108]).
Claim 9. Kuang discloses the calculating method of claim 1,
Kuang further discloses wherein the one-way function is configured as a single round (See Parag. [0082]; The AES Key Schedule is used to produce a set number of round keys from the initial key. In AES, the initial key is used in the initial round of AES as input to the AddRoundKey operation. From this key, 10, 12, or 14 round keys are produced as input to the other AddRoundKey operations in the 128, 192, and 256-bit versions of AES. Each word (32 bytes) of the previous round key is exclusive-ored with some value to produce the corresponding word of the current round key. In the case of words 1-3, the value used in the exclusive-or is the previous word (words 0-2) of the previous round key. For the first word of the round key, the value used in the exclusive-or is the result of passing the last word of the previous round key through the g function. See also Parag. [0083-0084]).
Claim 10. Kuang discloses the calculating method of claim 1,
Kuang discloses the method further comprising performing a zero- knowledge proof-based digital signature by using the input bit stream and the output bit stream of the one-way function (See Parag. [0057]; entropy expander can be the one implemented by the sender device 12 or the recipient device 13. At step 1010, an N-bit input data word is received. At step 1020, a value of k is generated, e.g., based on the secret S ... See Parag. [0033]; the sender device 12 and the recipient device 13 are each configured to store a secret S in their respective memories 15, 21. The secret S may be a data element 27 encoded using a plurality of bits 28 or other digital symbols (e.g., hexadecimal characters). The same secret S is known to both the sender device 12 and the recipient device 13).
Claim 11. Kuang discloses the calculating method of claim 10,
Kuang discloses the method wherein the performing the zero- knowledge proof-based digital signature includes: setting the input bit stream and the output bit stream as a secret key and a public key of a digital signature, respectively; and generating signature data for the digital signature by inputting the secret key and the public key to a proof function for a zero-knowledge proof (See Parag. [0057]; entropy expander can be the one implemented by the sender device 12 or the recipient device 13. At step 1010, an N-bit input data word is received. At step 1020, a value of k is generated, e.g., based on the secret S ... See Parag. [0033]; the sender device 12 and the recipient device 13 are each configured to store a secret S in their respective memories 15, 21. The secret S may be a data element 27 encoded using a plurality of bits 28 or other digital symbols (e.g., hexadecimal characters). The same secret S is known to both the sender device 12 and the recipient device 13).
Claim 12. Kuang discloses a computing device comprising:
one or more processors; and a storage configured to store a computer program executable by the one or more processors (See Fig. 1), wherein the computer program comprises:
first calculation code configured to cause the one or more processors to calculate a first intermediate bit stream by inputting an input bit stream of a one-way function to an augmented matrix (See Parag. [0062] and Fig. 11; the entropy expander 37 takes the conventional AES keys 75 (e.g., AES round keys) as its N-bit input data words (input bit stream) … producing N-bit output data words based on selecting the k.sup.th permutation element in a set of M permutation elements (e.g., switch fabrics or permutation matrices). The N-bit output data words (first intermediate bit stream) are thus the modified AES keys 73 (e.g., modified AES round keys) provided to the AES encryption block 72. See Parag. [0083]; The g function consists of three stages: an S-Box transformation, a permutation, and an exclusive-or);
second calculation code configured to cause the one or more processors to calculate a second intermediate bit stream by dividing the first intermediate bit stream into a predetermined number of bit streams and inputting each of the predetermined number of divided bit streams to S-box (See Parag. [0076]; the four sub-operations of AES are AddRoundKey, SubBytes, ShiftRows, and MixColumns … See Parag. [0078] and Fig. 11; The SubBytes phase of AES involves splitting the input (i.e., The N-bit output data words (first intermediate bit stream)) provided to the AES encryption block 72) into bytes (second intermediate bit stream) and passing each through a Substitution Box or S-Box); and
output code configured to cause the one or more processors to output an output bit stream of the one-way function by inputting the second intermediate bit stream to a reduced matrix (See Parag. [0076]; the four sub-operations of AES are AddRoundKey, SubBytes, ShiftRows, and MixColumns … See Parag. [0079]; In the ShiftRows phase of AES, each row of the 128-bit internal state of the cipher is shifted. The rows in this stage refer to the standard representation of the internal state in AES, which is a 4×4 matrix where each cell contains a byte. Bytes of the internal state are placed in the matrix across rows from left to right and down columns. See Parag. [0061]; the AES encryption block 72 is used to encrypt plaintext 77 (such as data that the sender device 12 wishes to transmit) into ciphertext 78 (output bit stream) using a set of AES keys (e.g., AES round keys). See also Parag. [0081]),
wherein each of a length of the input bit stream and a length of the output bit stream of the one-way function is N (N being a natural number), each of a length of the first intermediate bit stream and a length of the second intermediate bit stream is M (M being a natural number), where M is a multiple of N, and a length of a divided bit stream input to the S-box is L (L being a natural number), where L is a factor of M (See Parag. [0036]; the entropy expansion process may be conceptually described in the form of an entropy expander 37 acting on a stream of N-bit input data words m0, m1, . . . , to produce a stream of N-bit output data words e0, e1, . . . N can take on any integer value greater than 1. See also Parag. [0101]; the AES algorithm takes in blocks of bits (e.g., 128, 256, . . . ) and applies a sequence of substitutions and permutations. The substitutions employ an “S-box”, an invertible nonlinear transformation that works on 8 bits at a time, i.e., if carries out byte substitution. Examiner’s note: N is a multiple of N in N x 1 = N), and
wherein the augmented matrix comprises a binary matrix having a size of MxN, and the reduced matrix comprises a binary matrix having a size of NxM (See Parag. [0062] producing N-bit output data words based on selecting the k.sup.th permutation element in a set of M permutation elements (e.g., switch fabrics or permutation matrices). See Parag. [0079]; In the ShiftRows phase of AES, each row of the 128-bit internal state of the cipher is shifted. The rows in this stage refer to the standard representation of the internal state in AES, which is a 4×4 matrix where each cell contains a byte. Bytes of the internal state are placed in the matrix across rows from left to right and down columns… See also Parag. [0049] [0081]).
Claim 14. The applicant is directed to the rejections to claim 3 set forth above, as it is rejected based on the same rationale.
Claim 18. The applicant is directed to the rejections to claim 7 set forth above, as it is rejected based on the same rationale.
Claim 19. The applicant is directed to the rejections to claim 8 set forth above, as it is rejected based on the same rationale.
Claim 20. The applicant is directed to the rejections to claim 11 set forth above, as it is rejected based on the same rationale.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 4 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Kuang et al. (Pub. No. US 2022/0224509), hereinafter Kuang, in view of Satpathy et al. (Pub. No. US 2019/0199517), hereinafter Satpathy.
Claim 4. Kuang discloses the calculating method of claim 3,
Kuang doesn’t explicitly disclose wherein each of the K number of sub S- boxes has a nonlinear function for performing a polynomial operation on a finite field.
However, Satpathy discloses wherein each of the K number of sub S- boxes has a nonlinear function for performing a polynomial operation on a finite field (See Parag. [0026]; Sbox SB uses the reduction polynomial to reduce all intermediate results to 8-bit values. See Parag. [0029]; In the embodiment of FIG. 1, FSM 46 includes registers R1, R2, and R3, each of which holds 32 bits, as well as Sboxes SA and SB).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the teaching, taught by Kuang, to include each of the K number of sub S- boxes has a nonlinear function for performing a polynomial operation on a finite field, as taught by Satpathy. This would be convenient to reduce each of those exponents using the reduction polynomial (Satpathy, Parag. [0026]).
Claim 15. The applicant is directed to the rejections to claim 4 set forth above, as it is rejected based on the same rationale.
Claims 6 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kuang et al. (Pub. No. US 2022/0224509), hereinafter Kuang, in view of Jetchev et al. (Pub. No. US 2020/0336302), hereinafter Jetchev.
Claim 6. Kuang discloses the calculating method of claim 1,
Kuang doesn’t explicitly disclose the method further comprising generating the augmented matrix, wherein the generating the augmented matrix includes: configuring a first row and/or a first column of the augmented matrix based on a random value; and configuring remaining rows or remaining columns of the augmented matrix through a circular shift for the first row and/or the first column.
However, Jetchev discloses generating the augmented matrix, wherein the generating the augmented matrix includes: configuring a first row and/or a first column of the augmented matrix based on a random value; and configuring remaining rows or remaining columns of the augmented matrix through a circular shift for the first row and/or the first column (See Parag. [0030]; We create a matrix X consisting of columns x.sub.1, x.sub.2, . . . , x.sub.n with each column being a vector representing a time shifted version of the time series x. We next create the augmented matrix X′ by prepending the columns of X with columns y.sub.1, y.sub.2, . . . , y.sub.m where each of the prepended columns is a vector representing a time shifted version of the time series y).
It would have been obvious to one of ordinary skill in the art at the time before the effective filling date of the claimed invention to modify the teaching, taught by Kuang, to include configuring a first row and/or a first column of the augmented matrix based on a random value and configuring remaining rows or remaining columns of the augmented matrix through a circular shift for the first row and/or the first column, as taught by Jetchev. This would be convenient to determine a statistic for one of the plurality of time-shifted sequences of data from the independent time series as a predictor of the dependent time series of data (Jetchev, Parag. [0003]).
Claim 17. The applicant is directed to the rejections to claim 6 set forth above, as it is rejected based on the same rationale.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to ensuring trust validation and integrity of workflow execution.
Farooq et al. (Pub. No. US 2022/0166600); “Evolving Cryptography System and Method;”
Teaches An evolving encryption circuit for transforming a plain-text data stream into an encrypted data stream, the evolving encryption circuit comprising a confusion box population manager that generates a plurality of confusion boxes, a confusion box population agent that applies at least one evolutionary operator to each of the generated plurality of confusion boxes to create an evolved plurality of confusion boxes, a confusion box fitness evaluator that evaluates a cryptographic fitness of each of the evolved plurality of confusion boxes and assigns a cryptographic fitness measure to each of the evolved plurality of confusion boxes, a confusion box library that stores each one of the evolved plurality of confusion boxes that has an assigned cryptographic fitness measure above a fitness threshold value; and an encryptor block that implements one of the confusion boxes stored in the confusion box library to transform the plain-text data stream into the encrypted data stream. (See Abstract).
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHIZLANE MAAZOUZ whose telephone number is (571)272-8118. The examiner can normally be reached Telework M-F 7:30-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip J Chea can be reached on 571-272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GHIZLANE MAAZOUZ/Examiner, Art Unit 2499
/PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499