Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This office action is in response to the communication filed on 7/17/2023.
Claims 1-3 have been examined.
Information Disclosure Statement
No IDS has been filed. The applicants are reminded of their duty of disclosure. See MPEP section 2000.
Specification
The abstract of the disclosure is objected to because the abstract refers to and compares itself to the prior art. Further, the abstract contains phrases which can be implied (e.g. “is provided”, “with this invention”, etc.) Correction is required. See MPEP § 608.01(b).
Applicant is reminded of the proper content of an abstract of the disclosure.
A patent abstract is a concise statement of the technical disclosure of the patent and should include that which is new in the art to which the invention pertains. The abstract should not refer to purported merits or speculative applications of the invention and should not compare the invention with the prior art.
If the patent is of a basic nature, the entire technical disclosure may be new in the art, and the abstract should be directed to the entire disclosure. If the patent is in the nature of an improvement in an old apparatus, process, product, or composition, the abstract should include the technical disclosure of the improvement. The abstract should also mention by way of example any preferred modifications or alternatives.
Where applicable, the abstract should include the following: (1) if a machine or apparatus, its organization and operation; (2) if an article, its method of making; (3) if a chemical compound, its identity and use; (4) if a mixture, its ingredients; (5) if a process, the steps.
Extensive mechanical and design details of an apparatus should not be included in the abstract. The abstract should be in narrative form and generally limited to a single paragraph within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc. In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided.
See MPEP § 608.01(b) for guidelines for the preparation of patent abstracts.
The specification is further objected to because page 4 lines 12-13 recite “if the cryptographic symmetric key used to encode the sample key is outside the window…”. “The sample key” is not described anywhere in the remainder of the specification and this line is not an accurate description of the instant invention. It should read “…to encode the sample is outside…”.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-3 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 is directed towards “a method for performing secure and scalable distribution of symmetric keys from a publisher to one or more subscribers…” but does not claim doing so in the body of the claim. As such, it is unclear whether or not this limitation is required or whether the preamble is accurate.
Claim 1 recites multiple steps but does not describe what is performing those steps. This creates ambiguity to the scope of the claim.
Claim 1 recites “having a plurality of applications…”. It is not clear what is “having a plurality of applications”?
Claim 1 recites “having a cryptographic symmetric key…”. It is not clear what is “having a cryptographic symmetric key”?
Claim 1 recites distributing the unique key material. It is not clear from the language what is distributing the unique key material. Is the participant distributing the unique key material or is the unique key material for the publisher [generated] by the participant? In other words, the language “by the participant” can plainly mean that the participant is doing the distribution or that the participant authored/generated the unique key material. This would be similar to the statement “giving you the book by an author”. It is not clear whether the author wrote the book, gave you the book, or both.
Claim 1 recites distributing the key revisions. It is not clear from the language what is distributing the key revisions. Is the participant distributing the key revisions or are the key revisions [generated] by the participant? In other words, the language “by the participant” can plainly mean that the participant is doing the distribution or that the participant authored/generated the key revisions. This would be similar to the statement “giving you the book by an author”. It is not clear whether the author wrote the book, gave you the book, or both.
Claim 1 recites deriving a new cryptographic symmetric key. It is not clear what is “deriving a new cryptographic symmetric key”.
Claim 1 recites “in publish-subscribe system” which is not grammatically correct and should read “in a publish-subscribe system”.
Claim 1 line 8 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 1 line 9 recites “the cryptographic symmetric key”. It is unclear to which cryptographic symmetric key this is referring. As discussed above, the claim requires at least 8 publishers, and each publisher has a cryptographic symmetric key, so it is unclear to which of these keys the language is referring.
Claim 1 line 14 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 1 line 14 recites “the participant”. It is unclear to which participant this is referring. The claim requires “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 4 participants).
Claim 1 line 15 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 1 line 15 recites “the other participants” which lacks antecedent basis in the claim.
Claim 1 line 16 recites “the participant”. It is unclear to which participant this is referring. The claim requires “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 4 participants).
Claim 1 lines 16-17 recite “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 1 line 17 recites “the other participants” which lacks antecedent basis in the claim.
Claim 1 line 18 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 1 line 19 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 1 lines 19-20 recite “the distributed key revisions” which lacks antecedent basis in the claim. The claim only recites distribution of one key revision.
Claim 2 recites multiple steps but does not describe what is performing those steps. This creates ambiguity to the scope of the claim.
Claim 2 recites “having a plurality of applications…”. It is not clear what is “having a plurality of applications”?
Claim 2 recites “having a plurality of cryptographic symmetric keys…”. It is not clear what is “having a plurality of cryptographic symmetric keys”?
Claim 2 recites “having a cache of sample in the publisher”. It is not clear whether the publisher has the cache of samples or whether something else has a cache of “samples in the publisher”. i.e. what has the cache?
Claim 2 line 8 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 2 line 10 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 2 line 12 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 2 lines 12-13 recite “the most recent cryptographic symmetric keys” which lacks antecedent basis in the claim.
Claim 2 lines 12-13 recite “the most recent cryptographic symmetric keys”. This is a relative term which does not contain enough context to determine to what it is referring. Is this referring to “the most recent cryptographic symmetric key” created in the universe? Is this referring to “the most recent cryptographic symmetric key” in terms of length of storage in the system? Etc. It is not possible to determine what this limitation is meant to encompass.
Claim 2 line 14 recites “the oldest cryptographic symmetric key” which lacks antecedent basis in the claim.
Claim 2 line 14 recites “the oldest cryptographic symmetric key”. This is a relative term which does not contain enough context to determine to what it is referring. Is this referring to “the oldest cryptographic symmetric key” ever created? Is this referring to “the oldest cryptographic symmetric key” in terms of length of storage in the system? Etc. It is not possible to determine what this limitation is meant to encompass.
Claim 2 lines 15-16 recite “an oldest cryptographic symmetric key”. This is a relative term which does not contain enough context to determine to what it is referring. Is this referring to “the oldest cryptographic symmetric key” ever created? Is this referring to “the oldest cryptographic symmetric key” in terms of length of storage in the system? Etc. It is not possible to determine what this limitation is meant to encompass.
Claim 2 lines 16-17 recite “the latest cryptographic symmetric key…”. This is a relative term which does not contain enough context to determine to what it is referring. Is this referring to “the latest cryptographic symmetric key” created in the universe? Is this referring to “the latest cryptographic symmetric key” in terms of length of storage in the system? Etc. It is not possible to determine what this limitation is meant to encompass.
Claim 2 line 17 recites “the cryptographic symmetric key history” which lacks antecedent basis in the claim.
Claim 2 line 18 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 2 lines 18-19 recite “the most recent cryptographic symmetric keys”. This is a relative term which does not contain enough context to determine to what it is referring. Is this referring to “the most recent cryptographic symmetric key” created in the universe? Is this referring to “the most recent cryptographic symmetric key” in terms of length of storage in the system? Etc. It is not possible to determine what this limitation is meant to encompass.
Claim 2 line 19 recites “the cryptographic symmetric key history” which lacks antecedent basis in the claim.
Claim 2 line 21 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 2 line 22 recites “the publisher”. It is unclear to which publisher this is referring. The claim requires “a plurality of publishers” for each participant and there are “a plurality of participants” for each application and there are “a plurality of applications” (the language requires at least 8 publishers – there is also a publisher claimed in the preamble).
Claim 2 lines 22-23 recite “the latest cryptographic symmetric key…”. This is a relative term which does not contain enough context to determine to what it is referring. Is this referring to “the latest cryptographic symmetric key” created in the universe? Is this referring to “the latest cryptographic symmetric key” in terms of length of storage in the system? Etc. It is not possible to determine what this limitation is meant to encompass.
Claim 2 lines 23-24 recite “the cryptographic symmetric key history” which lacks antecedent basis in the claim.
Claim 2 lines 24-25 recite “the cryptographic symmetric key used to encode the sample key” which lacks antecedent basis in the claim.
Claim 2 line 25 recites “the sample key” which lacks antecedent basis in the claim.
Claim 2 line 25 recites “the window sent to one or more subscribers” which lacks antecedent basis in the claim.
Claim 3 inherits all of the above issues of claims 1 and 2.
Furthermore, it is not clear how the methods of claim 1 and 2 are combined to form claim 3.
Furthermore, combining claims 1 and 2 in the manner suggested by claim 3 not only inherits the above issues of claims 1 and 2, but dramatically compounds the multiple antecedent basis issues addressed above.
Regarding claim 3, the examiner suggests that the applicants rewrite claim 3 as an independent claim, incorporating the methods of claims 1 and 2 in a manner that presents a clear scope.
Due to the above plethora of clarity issues, the scopes of the claims is indeterminant. The examiner has attempted to search for what appears to be the general inventive concept, but further search and consideration will be required upon correction of the above clarity issues.
Claim Interpretation
The examiner acknowledges the Acronyms and Definitions provided on pages 9-15 of the instant specification.
Conclusion
Claims 1-3 have been rejected.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 2011/0296175 taught a system for software license distribution including updating and distribution of encryption keys.
US 2017/0155628 taught a system for fast and secure proxy re-encryption including key updating where data is decrypted using a key and then re-encrypted using an updated key.
US 20220191018 taught a publish-subscribe system including key symmetric key updating and re-encryption of messages with updated keys.
US 2022/0385738 taught a publish-subscribe system in which subscribes and publishers update their symmetric keys using a ratcheting key system based on deriving the next key from the current key.
US 2023/0142949 taught a publish/subscribe system including encryption key management where symmetric keys are derived from master key and key update values.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW T HENNING whose telephone number is (571)272-3790. The examiner can normally be reached Monday-Friday 9AM-3PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MATTHEW T HENNING/Primary Examiner, Art Unit 2491