Mapping unclear too DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/15/2025 has been entered. This office action is made Non-Final.
Status of claims
This office action is in response to claims filed on 12/15/2025
Claims 1-5, 7-12, 14-18 and 20 are pending and rejected; claims 1, 8 and 15 are independent claims
Response to Arguments
Applicant's arguments filed on 12/15/2025 have been fully considered but they are not persuasive.
With respect to applicant’s argument, Le and Yarabolu, singularly or in combination do not teach or suggest: determining, randomly from a plurality of available nodes, a first verification node and a second verification node ... and... determining, randomly from the plurality of available nodes, a third verification node;
Examiner respectfully disagree with applicant’s argument for the following reasons: [First, applicants own disclosure recite: “the selection of the verification nodes may be randomized (e.g., the first verification node and the second verification node may not necessarily be sequentially related)”;] Hence, Le teaches (see Le ¶17, while the authentication system may increase the security by increasing the number of computer nodes (t) required to generate the digital signature, the authentication system cannot require any particular computer node to participate in the authentication process [i.e. first verification node and the second verification node may not necessarily be sequentially related], ¶18 the authentication system may generate the shares from the shared secret and distribute the shares to the remaining multiple computer nodes such that shares from any combination of a number of computer nodes [i.e. not necessarily be sequentially related] equals to t minus the number of required nodes are needed to generate an output that mimics a computation based on the shared secret), disclosing the recited claim limitation.
With respect to applicant’s argument: Le and Yaraboulu singularly or in combination do not teach or suggest, “the at least one verification key comprising a first verification key corresponding to the first verification node, a second verification key corresponding to the second verification node, and a third verification key corresponding to the third verification node”
Applicant’s arguments have been fully considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1, 8 and 15 recite limitations "the one or more characters in the first segment of the passcode", “the one or more characters in the second segment of the passcode”, “the one or more characters in the third segment of the passcode”. There is insufficient antecedent basis for these limitations in the claim.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-4, 7-11, 14-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Le Van Gong et al. US Pub. No.: 2023/0066582 A1 (hereinafter Le) in view of Afanasyeva et al. US Pub. No.: 2021/0203485 A1 (hereinafter Afanasyeva).
Le teaches:
1. A system for autogenerated authentication of network communications, the system comprising:
at least one non-transitory storage device containing instructions (see Le Fig. 2); and
at least one processing device coupled to the at least one non-transitory storage device, wherein the at least one processing device, upon execution of the instructions (see Le Fig. 2), is configured to:
determine, randomly from a plurality of available nodes [First, applicants own disclosure recite: “the selection of the verification nodes may be randomized (e.g., the first verification node and the second verification node may not necessarily be sequentially related)”;] Hence, Le teaches (see Le ¶17, while the authentication system may increase the security by increasing the number of computer nodes (t) required to generate the digital signature, the authentication system cannot require any particular computer node to participate in the authentication process [i.e. first verification node and the second verification node may not necessarily be sequentially related], ¶18 the authentication system may generate the shares from the shared secret and distribute the shares to the remaining multiple computer nodes such that shares from any combination of a number of computer nodes equals to t minus the number of required nodes are needed to generate an output that mimics a computation based on the shared secret), a first verification node and a second verification node (see Le ¶¶13 65, the authentication module 132 may determine a set of computer nodes (n nodes) for performing the authentication process for the user account) , wherein the first verification node is used to generate a first representation of a first segment of a passcode, and wherein the second verification node is used to generate a second representation of a second segment of the passcode (see Le ¶55, the secrets/passcode generation module 206 may generate the shares 312-318 such that each share includes multiple portions (but not all portions) of the secret/passcode 306 such that each computer node does not possess the entirety of the secret; Figs. 4 and 6 and ¶¶60 72, The subset of computer nodes may generate an intermediate output (e.g., the output 404) after completing the computations [i.e. the computer nodes generate an intermediate/share output/(first and second representation of a passcode)]);
receive the first representation of the first segment from the first verification node, wherein the first representation corresponds to each of the one or more characters in the first segment of the passcode (see Le ¶15, each computer node possesses a distinct share (which may include one or more portions of the secret). During the authentication process, each of the multiple computer nodes may be required to collaborate in generating the digital signature by performing a computation using its corresponding share(s) of the secret [i.e. the computer nodes generate an intermediate/share output/(first and second representation of a passcode)]; Figs. 4-6 and ¶¶60 72, The subset of computer nodes may generate an intermediate output (e.g., the output 404) after completing the computations) ;
receive the second representation of the second segment from the second verification node, wherein the second representation corresponds to each of the one or more characters in the second segment of the passcode (see Le ¶15, each computer node possesses a distinct share (which may include one or more portions of the secret). During the authentication process, each of the multiple computer nodes may be required to collaborate in generating the digital signature by performing a computation using its corresponding share(s) of the secret; Figs. 4-6 and ¶¶60 72, The subset of computer nodes may generate an intermediate output (e.g., the output 404) after completing the computations [i.e. the computer nodes generate an intermediate/share output/(first and second representation of a passcode)]);
determine, randomly from the plurality of available nodes(see Le ¶17, the authentication system cannot require any particular computer node to participate [i.e. determining randomly…], ¶49, an algorithm may be designed and implemented to require a set of computation to be performed among the set of computer nodes such that anyone (e.g., any devices, and not limited to one centralized authoritative device) can determine whether the quorum and required nodes requirements are satisfied (a number of nodes that equal to or exceeds the required number of nodes, including the required node(s) have participated in the authentication process), a third verification node, wherein the third verification node is used to generate a third representation of a third segment of the passcode (see Le ¶¶13 65, the authentication module 132 may determine a set of computer nodes (n nodes) for performing the authentication process for the user account; Figs. 4 and 6 and ¶¶60 72, The subset of computer nodes may generate an intermediate output (e.g., the output 404) after completing the computations);
receive the third representation of the third segment from the third verification node, wherein the third representation corresponds to each of the one or more characters in the third segment of the passcode (see Le ¶15, each computer node possesses a distinct share (which may include one or more portions of the secret). During the authentication process, each of the multiple computer nodes may be required to collaborate in generating the digital signature by performing a computation using its corresponding share(s) of the secret; Figs. 4-6 and ¶¶60 72, The subset of computer nodes may generate an intermediate output (e.g., the output 404) after completing the computations);
verify the first segment, the second segment, and the third segment of the passcode based on at least one verification key, (see Le Figs 4-6 and ¶¶¶62 74, verification module 210 may then compare the decrypted data (from decrypting the output 406 using the public key 222) and the data 402, and may verify the output 406 if they match… the verification module 210 may use the public key 222 to decrypt the output 406. The verification module 210 may then compare the decrypted data (from decrypting the output 406 using the public key 222) and the data 402, and may verify the output 406 if they match),; and
provide approval to an access request associated with a user, wherein the user is provided access to a network based on the approval to the access request (see Le Fig. 6 and ¶¶73-74, process 600 then processes (at step 640) the transaction in response to verifying the signed message using a public key corresponding to the user account; ¶32, the user 140 of the user device 110 may interact with the marketplace application 122 through the user interface application 112 over the network 160 to search and view various items available for access and/or purchase in the merchant database 124 )
Le does not explicitly teach but the related art Afanasyeva teaches:
the at least one verification key comprising a first verification key corresponding to the first verification node, a second verification key corresponding to the second verification node, and a third verification key corresponding to the third verification node (see Afanasyeva Figs. 6-7 and ¶42, key data 602, which may be embodied as verification keys, such as verification keys associated with the localizer nodes 140, usable in verifying location information generated by one or more of the localizer nodes 140 included in the authentication message from the gateway node 120; ¶51, the gateway node 120 distributes the generated secret key, SK.sub.l between the nodes 110, as indicated in block 714 )
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention to modify multi-party computation for authentication with multiple computer nodes disclosed by Le to include the system for multiple device authentication in a heterogeneous network as thought by Afanasyeva, to distribute verification keys for each verification node. A person with ordinary skill in the art would have been motivated to utilize features that may be specific to the particular devices that work together to generate the combined response of heterogeneous devices (see Afanasyeva ¶2).
As to claim 2, the combination of Le and Afanasyeva teaches the system of claim 1, wherein the at least one processing device, upon execution of the instructions, is configured to receive the access request associated with the user, wherein the access request comprises a request for the passcode to be provided, wherein the passcode is used to provide access to the user (see Le ¶27, Upon receiving an authentication request (e.g., from the service provider server 130), the authentication application 116 may be configured to perform an authentication routine (e.g., a set of computations using the secret or the share(s) associated with the secret) to produce an output)..
As to claim 3, the combination of Le and Afanasyeva teaches the system of claim 1, wherein the at least one processing device, upon execution of the instructions, is configured to determine the passcode based on the first representation of the first segment and the second representation of the second segment (see Le ¶55, the secrets generation module 206 may generate the shares 312-318 such that each share includes multiple portions (but not all portions) of the secret 306 such that each computer node does not possess the entirety of the secret 306. Furthermore, different shares may include different sets of multiple portions such that a portion of the computer nodes 180, 190, 310)
As to claim 4, the combination of Le and Afanasyeva teaches the system of claim 1, wherein the approval to the access request is providing the passcode to an entity associated with the access request (see Le ¶18, multiple secrets may be generated for the digital signature [i.e. passcode] in a manner such that the combination of the multiple secrets are required to generate the digital signature; ¶74, process 600 then processes (at step 640) the transaction in response to verifying the signed message using a public key [i.e. approval to the access request] corresponding to the user account [i.e. an entity associated with the access request])
As to claim 7, the combination of Le and Afanasyeva teaches the system of claim 1, wherein the at least one processing device, upon execution of the instructions, is configured to cause a transmission of the first segment of the passcode to the first verification node and cause a transmission of the second segment of the passcode to the second verification node (see Le ¶55, different shares may include different sets of multiple portions such that a portion of the computer nodes 180, 190, 310, and 312 (but not all of the computer nodes) are needed to have all of the parts of the secret 306)
As to claim 6, (canceled).
As to claim 13, (canceled).
As to Claim 19, (Canceled);
As to independent claim 8, this claim directed to a computer program product comprising at least one non-transitory computer-readable medium having computer-readable program code executed by the system of claim 1; therefore it is rejected along similar rationale.
As to independent claim 15, this claim directed to a method executed by the system of claim 1; therefore it is rejected along similar rationale.
As to dependent claims 9-11 and 16-18, these claims contain substantially similar subject matter as claim 2-4; therefore they are rejected along the same rationale.
As to dependent claim 14 and 20, this claims contain substantially similar subject matter as claim 7; therefore it is rejected along the same rationale.
Claim(s) 5 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Le in view of Afanasyeva as applied above to claims 1 and 8 and further in view of Yarabolu et al. US Pub. 2020/0162450 (hereinafter Yarabolu).
As to claim 5, the combination of Le and Afanasyeva teaches the system of claim 1; the combination of Le and Yarabolu does not explicitly teach but the related art Yarabolu teaches, wherein the access request comprises a request for a one-time password to be used to receive access to the network (see Yarabolu ¶64, the authorization code is a limited-use password such that once the authorization code has been used a threshold number of times (e.g., one-time passwords may be used only once))
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention to modify multi-party computation for authentication with multiple computer nodes disclosed by Le and the system for multiple device authentication in a heterogeneous network as thought by Afanasyeva to include the system for authentication using channel-dependent one-time passwords as thought by Yarabolu, in order to access a network service/resource based on approval to access request. a person with ordinary skill in the art would have been motivated because generating one time passwords may be vulnerable to misuse by unauthorized users or attackers (see Yarabolu ¶2).
As to dependent claim 12, this claims contain substantially similar subject matter as claim 5; therefore it is rejected along the same rationale.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478. The examiner can normally be reached Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Cathy Thiaw can be reached at 5712701138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
NEGA . WOLDEMARIAM
Examiner
Art Unit 2407
/N.W/ Examiner, Art Unit 2407
/Catherine Thiaw/ Supervisory Patent Examiner, Art Unit 2407 2/5/2026