DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to the Continuation filed on 11/05/2025.
In the instant Amendment, claims 1, 3, 5, 7-8, 10, 12, and 15 have been amended; and claims 1, 5, 8, and 12 are independent claims. Claims 1-3, 5-10, 12-13, and 15 have been examined and are pending.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/05/2025 has been entered.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/06/2025, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Response to Arguments
In light of Applicant’s amendments, the 112(b) rejection of claims 3-10 has been withdrawn.
Applicants’ arguments filed on 11/05/2025 with respect to claims 1-3, 5-10, 12-13, and 15 have been considered but are moot in view of the new ground(s) of rejection, which were necessitated by amendment.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3 and 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over (3rd Generation Partnership Project; Technical Specification Group Services and System Aspects: Study on security aspects of enhancement for proximity based; Hereinafter “3GPP”) in view of Shi et al. (U.S. Pub. 20230023639 A1; Hereinafter “Shi”) and Wu et al. (U.S. Pub. 20190253889 A1; Hereinafter “Wu”).
As per claims 1 and 8, 3GPP teaches a method performed by an access and mobility management function (AMF) in a wireless communication system, the method comprising (3GPP: fig 6.10.2-1, “The procedure for Authorization and security with UE-to-Network relay using Remote UE network primary authentication is depicted in Figure 6.10.2-1”):
receiving, from a relay user equipment (UE) for a UE-network relay communication, a relay key request message including an identifier of a remote UE for the UE-network relay communication (3GPP: fig 6.10.2-1, page 43-44 “The Relay UE sends a NAS Relay Authorization request message to its serving AMF. The Relay UE includes the Remote UE's SUCI in the message.”);
identifying whether the relay UE is authorized to provide a UE-network relay service (3GPP: fig 6.10.2-1, page 43-44, “The Relay UE's AMF checks that the Relay UE is authorized to act as a Relay based on subscription information obtained during Relay UE's registration”);
identifying an authentication server function (AUSF) related to the remote UE, based on the identifier of the remote UE (3GPP: fig 6.10.2-1, “The Relay UE's AMF initiates Remote UE authentication with Remote UE's AUSF according to existing primary authentication procedures. The authentication messages are exchanged transparently via the Relay UE.”);
transmitting, to the AUSF, an authentication request message including the identifier of the remote UE (3GPP: fig 6.10.2-1, step 4 “authentication req. with remote UE SUCI”);
generating a proximity-based services (ProSe) session encryption key established between the remote UE and the relay UE (3GPP: fig 6.10.2-1, step 10-11, “Relay UE's AMF derives a PC5 link root key Krelay and its Krelay ID from KAMF as performed by Remote UE in step 9.”); and
transmitting, to the relay UE, the ProSe session encryption key (3GPP: fig 6.10.2-1, step 12, “Relay UE's AMF sends a NAS Relay Authorization response message to the Relay UE. The Relay UE's AMF includes the PC5 link root key Krelay and its Krelay ID in the message. The Relay UE stores the key and its id and associates them with the PC5 link with Remote UE.”).
3GPP does not explicitly disclose receiving, from the AUSF, a second encryption key for security of direct communication between UEs, wherein the second encryption key is generated based on a first encryption key between the remote UE and the AUSF, and that the (ProSe) session encryption key is generated based on the second encryption key.
However, in the related art, Shi teaches receiving, from the AUSF, an encryption key for security of direct communication between UEs (Shi: para[167-170], “The AMF may trigger the remote WTRU authentication procedure with the remote WTRU's home AUSF. AMF may perform remote WTRU's primary authentication procedure via the relay. The AMF may receive from the remote WTRU's AUSF a response message indicating successful authentication and authorization of the remote WTRU including a remote WTRU's identity (e.g., Subscriber Permanent Identity (SUPI)) and anchor key (e.g., KAUSF/KSEAF).”) and generating the (ProSe) session encryption key based on the received encryption key (Shi: para[166-170], “The AMF may derive a PC5 root key and ID (e.g., Krelay and Krelay ID) based on a master key (e.g., KAMF) derived from the anchor key. The AMF may store the received remote WTRU identity (e.g., SUPI) as part of the relay's WTRU context….The AMF may send to the relay a response message including the PC5 root key and ID (e.g., Krelay and Krelay ID), The AMF response message may include a core network the remote WTRU identity (e.g., GPSI)…… The relay may use Krelay to proceed with establishing a secure PC5 link as described herein. Upon successfully establishing a secure PC5 link, the relay may proceed with connectivity signaling with the network and completion of PC5 link establishment as described herein.”).
Therefore, it would have been obvious to one of ordinary skill in the art to implement the 3GPP relay authorization procedure using the key derivation approach taught by Shi because Shi teaches that, upon successful remote UE primary authentication, the AMF receives anchor key material (e.g., KAUSF/KSEAF) from the AUSF and derives the PC5/relay key. Applying Shi’s derivation method to 3GPP would ensure that the ProSe/PC5 key is cryptographically bound to successful primary authentication in accordance with the 5G hierarchical key structure, thereby improving secure UE-to-UE relay communication (Shi: para [13]).
3GPP in view of Shi does not explicitly disclose that the encryption key is generated based on a first encryption key between the remote UE and the AUSF.
However, in the related art, Wu teaches an encryption key generated based on a first encryption key between the remote UE and the AUSF (Wu: para[152-161], “207. The AUSF generates an anchor key based on the intermediate key…. the AUSF generates the anchor key based on the intermediate key in the following manner. First, the AUSF generates an EMSK′ based on the intermediate key: EMSK′=PRF(IK₂′∥CK₂′), where EMSK′ is an extended master session key, (IK₂′, CK₂′) is the intermediate key, IK₂′ is the intermediate integrity key, CK₂′ is the intermediate cipher key, and ∥ means concatenation, indicating that characters on both sides of the symbol are connected in series…. Then, the AUSF generates the anchor key based on the following formula: anchor key=KDF(EMSK′, ANT), where anchor key is the anchor key, and ANT is the access type identifier….The AUSF sends the anchor key to the AMF (or the SEAF). Correspondingly, the AMF (or the SEAF) receives the anchor key sent by the AUSF.”).
Therefore, it would have been obvious to one of ordinary skill in the art to incorporate the anchor key generation process of Wu into the modified 3GPP relay authentication architecture, because it will ensure that direct UE-to-UE communication keys are cryptographically bound to successful primary authentication, improving security consistency and scalability within the 5G core key architecture (Wu, para [03]).
Furthermore, Shi also teaches the hardware components of claim 8, such as an access and mobility management function (AMF) in a wireless communication system, the AMF comprising: a transceiver; and a controller configured to (Shi: para [68-72], “The gNBs 180a, 180b, 180c may each include one or more transceivers for communicating with the WTRUs 102a, 102b, 102c over the air interface 116…. The CN 115 shown in FIG. 1D may include at least one AMF 182a, 182b, at least one UPF 184a,184b,”).
As per claims 2 and 9, 3GPP in view of Shi and Wu teaches the independent claim 1. 3GPP further discloses wherein the identifier of the remote UE is a subscription concealed identifier (SUCI) of the remote UE (3GPP: fig 6.5.210.2-1, page 43-44 “The Relay UE includes the Remote UE's SUCI in the message.”).
As per claims 3 and 10, 3GPP in view of Shi and Wu teaches the independent claim 1. 3GPP solution #1 discloses wherein the second encryption key shared between the remote UE and the AUSF is generated based on an authentication procedure for the remote UE (3GPP solution #1: 6.1.2-1, step 4 “On receiving the SUPI from UDM, the AUSF generates the REAR Key for Remote UE communication via UE-to-Network relay. REAR key will be used for deriving the ProSe key KNR_Prose. Input to the Key Derivation Function for deriving the REAR key is as follows: REAR Key= KDF (Latest KAUSF, SUPI of the Remote UE, Relay UE ID bound to SUPI of relay/TempID of relay, other possible parameters). The generated key is 256 bits in which, the 128 bits MSB of key is the REAR Key and the other 128 bits is the REAR Key ID. The purpose of REAR Key ID is to identify the REAR key.”).
Therefore, it would have been obvious to one of ordinary skill in the art to implement the relay authentication procedure of Solution #10 using the REAR key derivation mechanism taught in Solution #1 because both solutions operate within the same 5G ProSe relay security architecture and rely on Kausf-based key hierarchy. Incorporating the REAR key derivation ensures that direct UE-to-UE communication keys are cryptographically bound to successful primary authentication, thereby providing secure and authenticated relay communication.
Claims 5-7, 12, 13, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over (3rd Generation Partnership Project; Technical Specification Group Services and System Aspects: Study on security aspects of enhancement for proximity based; Hereinafter “3GPP”) (solution #10) in view of solution #1 of the 3GPP, and Wu et al. (U.S. Pub. 20190253889 A1; Hereinafter “Wu”).
As per claims 5 and 12, 3GPP teaches a method performed by an authentication server function (AUSF) in a wireless communication system, the method comprising (3GPP: 6.10.2-1, “Procedure for Authorization and security with UE-to-Network relay using Remote UE network primary authentication”):
receiving, from an access and mobility management function (AMF), an authentication request message including an identifier of a remote user equipment (UE) for a UE-network relay communication (3GPP: 6.10.2-1, “The Relay UE's AMF initiates Remote UE authentication with Remote UE's AUSF according to existing primary authentication procedures. The authentication messages are exchanged transparently via the Relay UE.”);
acquiring an authentication vector for the remote UE from a unified data management (UDM), based on the identifier of the remote UE (3GPP: fig. 6.10.2-1, step 5-6. “get req (SUCI)..get Resp(AV)”);
performing an authentication procedure for the remote UE, based on the authentication vector (3GPP: fig. 6.10.2-1, step 7-8 “authentication via the AMF/SEAF serving the relay UE”);
transmitting, to the AMF, an encryption key for security of direct communication between UEs (3GPP: fig. 6.10.2-1, In the 5G primary authentication architecture, the AUSF returns authentication results toward the AMF/SEAF serving the relay UE as part of the authentication completion procedure).
3GPP solution #10 does not disclose generating an encryption key shared between the remote UE and the AUSF, based on the authentication procedure for the remote UE, wherein the AUSF is related to the remote UE and is identified based on the identifier of the remote UE; generating, based on a first encryption key shared between the remote UE and the AUSF, a second encryption key for security of direct communication between UEs.
However, in solution #1, 3GPP teaches the AUSF generating an encryption key shared between the remote UE and the AUSF, based on the authentication procedure for the remote UE, wherein the AUSF is related to the remote UE and is identified based on the identifier of the remote UE (3GPP: 6.1.2-1, step 4 “On receiving the SUPI from UDM, the AUSF generates the REAR Key for Remote UE communication via UE-to-Network relay. REAR key will be used for deriving the ProSe key KNR_Prose. Input to the Key Derivation Function for deriving the REAR key is as follows: REAR Key= KDF (Latest KAUSF, SUPI of the Remote UE, Relay UE ID bound to SUPI of relay/TempID of relay, other possible parameters). The generated key is 256 bits in which, the 128 bits MSB of key is the REAR Key and the other 128 bits is the REAR Key ID. The purpose of REAR Key ID is to identify the REAR key.”).
Therefore, it would have been obvious to one of ordinary skill in the art to implement the relay authentication procedure of Solution #10 using the REAR key derivation mechanism taught in Solution #1 because both solutions operate within the same 5G ProSe relay security architecture and rely on Kausf-based key hierarchy. Incorporating the REAR key derivation ensures that direct UE-to-UE communication keys are cryptographically bound to successful primary authentication, thereby providing secure and authenticated relay communication.
3GPP does not explicitly disclose generating, based on a first encryption key shared between the remote UE and the AUSF, a second encryption key for security of direct communication between UEs.
However, in the related art, Wu teaches an encryption key generated based on a first encryption key between the remote UE and the AUSF (Wu: para[152-161], “207. The AUSF generates an anchor key based on the intermediate key…. the AUSF generates the anchor key based on the intermediate key in the following manner. First, the AUSF generates an EMSK′ based on the intermediate key: EMSK′=PRF(IK₂′∥CK₂′), where EMSK′ is an extended master session key, (IK₂′, CK₂′) is the intermediate key, IK₂′ is the intermediate integrity key, CK₂′ is the intermediate cipher key, and ∥ means concatenation, indicating that characters on both sides of the symbol are connected in series…. Then, the AUSF generates the anchor key based on the following formula: anchor key=KDF(EMSK′, ANT), where anchor key is the anchor key, and ANT is the access type identifier….The AUSF sends the anchor key to the AMF (or the SEAF). Correspondingly, the AMF (or the SEAF) receives the anchor key sent by the AUSF.”).
Therefore, it would have been obvious to one of ordinary skill in the art to incorporate the anchor key generation process of Wu into the modified 3GPP relay authentication architecture, because it will ensure that direct UE-to-UE communication keys are cryptographically bound to successful primary authentication, improving security consistency and scalability within the 5G core key architecture (Wu, para [03]).
As per claims 6 and 13, 3GPP in view of Wu teaches wherein the identifier of the remote UE is a subscription concealed identifier (SUCI) of the remote UE (3GPP: fig 6.10.2-1, page 43-44 “The Relay UE includes the Remote UE's SUCI in the message.”).
As per claims 7 and 15, 3GPP in view of Wu teaches the independent claim 5. 3GPP solution #1 teaches wherein the second encryption key for security of the direct communication between UEs is used to generate a proximity-based services (ProSe) session encryption key established between the remote UE and a relay UE for the UE-network relay communication (3GPP solution #1: 6.1.2-1, step 4 “On receiving the SUPI from UDM, the AUSF generates the REAR Key for Remote UE communication via UE-to-Network relay. REAR key will be used for deriving the ProSe key KNR_Prose. Input to the Key Derivation Function for deriving the REAR key is as follows: REAR Key= KDF (Latest KAUSF, SUPI of the Remote UE, Relay UE ID bound to SUPI of relay/TempID of relay, other possible parameters). The generated key is 256 bits in which, the 128 bits MSB of key is the REAR Key and the other 128 bits is the REAR Key ID. The purpose of REAR Key ID is to identify the REAR key.”).
Therefore, it would have been obvious to one of ordinary skill in the art to implement the relay authentication procedure of Solution #10 using the REAR key derivation mechanism taught in Solution #1 because both solutions operate within the same 5G ProSe relay security architecture and rely on Kausf-based key hierarchy. Incorporating the REAR key derivation ensures that direct UE-to-UE communication keys are cryptographically bound to successful primary authentication, thereby providing secure and authenticated relay communication.
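The REAR key derivation quoted above from 3GPP solution #1 (claims 3, 5, 7, 10, 12 and 15) can be traced in code; this is an added illustration, not part of the Office action or of the cited study. It assumes the generic 3GPP KDF layout of TS 33.220 Annex B.2 (HMAC-SHA-256 over FC || P0 || L0 || ...); the FC octets, the nonce input to KNR_ProSe, and all sample identities and keys are constructed placeholders.

```python
import hashlib
import hmac

# Constructed placeholders: the quoted study text assigns no FC octets to these keys.
FC_REAR = 0xF0
FC_KNR_PROSE = 0xF1


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """HMAC-SHA-256(key, S), S = FC || P0 || L0 || P1 || L1 ... (TS 33.220 Annex B.2 layout)."""
    s = bytes([fc])
    for p in params:
        if len(p) > 0xFFFF:
            raise ValueError("parameter does not fit a 2-octet length field")
        s += p + len(p).to_bytes(2, "big")  # length suffix keeps parameter boundaries unambiguous
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_rear(k_ausf: bytes, remote_supi: str, relay_id: str) -> tuple[bytes, bytes]:
    """Return (REAR key, REAR key ID): the MSB and remaining 128 bits of one 256-bit output."""
    if len(k_ausf) != 32:
        raise ValueError("K_AUSF must be 256 bits")
    if not remote_supi or not relay_id:
        raise ValueError("both identities are required to bind the key")
    out = kdf(k_ausf, FC_REAR, remote_supi.encode(), relay_id.encode())
    return out[:16], out[16:]


def derive_knr_prose(rear_key: bytes, nonce: bytes) -> bytes:
    """ProSe key derived from the REAR key; the nonce input is an assumption of this example."""
    if len(rear_key) != 16:
        raise ValueError("REAR key must be 128 bits")
    return kdf(rear_key, FC_KNR_PROSE, nonce)


if __name__ == "__main__":
    # Constructed sample values: K_AUSF as left by primary authentication, plus identities.
    k_ausf = bytes(range(32))
    supi, relay_a, relay_b = "imsi-001010000000001", "relay-A", "relay-B"

    # Remote UE and AUSF run the same derivation over the same inputs and agree.
    ue_key, ue_id = derive_rear(k_ausf, supi, relay_a)
    net_key, net_id = derive_rear(k_ausf, supi, relay_a)
    print("REAR key ID:", net_id.hex(), "match:", (ue_key, ue_id) == (net_key, net_id))

    # A different relay identity yields an unrelated key: the key is bound to one relay.
    other_key, _ = derive_rear(k_ausf, supi, relay_b)
    print("bound to relay:", other_key != net_key)
    print("KNR_ProSe:", derive_knr_prose(net_key, b"\x00" * 16).hex())
```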
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor, can be reached on (571)-270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/L.L.N./Examiner, Art Unit 2437
/BENJAMIN E LANIER/ Primary Examiner, Art Unit 2437