Prosecution Insights
Last updated: July 17, 2026
Application No. 18/338,111

MICROARCHITECTURES FOR SECURE COMPUTING SYSTEMS

Final Rejection §103
Filed
Jun 20, 2023
Examiner
THIAW, CATHERINE B
Art Unit
2407
Tech Center
2400 — Computer Networks
Assignee
Qualcomm Incorporated
OA Round
3 (Final)
77%
Grant Probability
Favorable
4-5
OA Rounds
2m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 77% — above average
77%
Career Allowance Rate
412 granted / 535 resolved
+19.0% vs TC avg
Strong +37% interview lift
Without
With
+36.7%
Interview Lift
resolved cases with interview
Typical timeline
3y 2m
Avg Prosecution
3 currently pending
Career history
538
Total Applications
across all art units

Statute-Specific Performance

§101
3.0%
-37.0% vs TC avg
§103
85.2%
+45.2% vs TC avg
§102
2.7%
-37.3% vs TC avg
§112
4.6%
-35.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 535 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . The present Office Action is responsive to communications received 1/28/206. Claims 1, 3-18, 20-32 are pending. Claims 2 and 19 were cancelled. Response to Arguments Applicant’s arguments received 1/28/2026 are considered and are respectfully addressed as follows: Regarding the rejection under 112b, the amendments overcome the rejection; the rejection is withdrawn. Regarding the prior art rejection, Applicant’s arguments with respect to the pending claims have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 3-9, 11, 13-18, 20-23 and 27-32 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210367766 to De Hoogh, hereinafter, De Hoogh, in view of US 20190332390 to Kaminski et al., hereinafter Kaminski and further in view of CN 114143413 A to Zhan et al., hereinafter Zhan. Regarding claim 1, De Hoogh discloses: An apparatus ([0243], Fig. 4) for secure processing comprising: a memory comprising instructions ([0243], Fig. 4 Memory 440); and a processor coupled to the memory ([0243], see Fig. 4 Processor 430) and configured to: obtain a first instruction associated with a security operation ([0002] - [0006]: a computation, involving sensitive data, such as cryptographic operations, on at least a set of values.); based on the first instruction associated with the security operation: execute, by first one or more computation modules of a plurality of computation modules, the security operation (Fig. 4. [0244], computation branch unit (module) 431 executes computation); and execute, by second one or more computation modules of the plurality of computation modules, first one or more dummy operations in parallel with the security operation ([0244], module 432 executes a dummy computation at 456, in parallel to module 431); obtain a second instruction associated with a general operation ([0248] one or more pairs of respective operations of first parallel computation branch unit 431 and second parallel computation branch unit 432 may be performed or Fig. 4, 435, 461: averaging computation unit and inverse function), and based on the second instruction associated with the general operation: execute, by third one or more computation modules of the plurality of computation modules, the general operation ([0248]); and execute, by fourth one or more computation modules of the plurality of computation modules, second one or more dummy operations in parallel with executing the general operation ([0248] one or more operations of the respective computations 451-460 may be performed). De Hoogh does not teach: the security operation comprises performing operations on data using a security information asset and wherein the general operation does not perform operations on data using security information assets. In an analogous art, Kaminski discloses a device comprising a series of parallel processors, each including a general processor, a security processor (SCS), a safety processor (SMS) and a neural network engine (CNN) (Fig. 4A). Kaminski disclose a security operation performing operations on data using a security information asset ([0062]: general processor using public key cryptography to protect communications said processors and other components, internal or external or [0060]: SMS cryptography to ensure safety operations) and wherein the general operation does not perform operations on data using security information assets ([0042] SCS authorize firmware updates, limiting access to memory …, securing the security of the plurality of parallel processors). It would have been obvious to a skilled artisan before the application was effectively filed to modify De Hoogh to implement a plurality of parallel processors, performing cryptographic functions on communications and other functions such as software updates, and teach the limitation because it would isolate faults in a particular type of processor and would promote computation efficiency (Kaminski [0006]). De Hoogh in view of Kaminski teach wherein the first instruction and the second instruction are configured with an identical Hamming weight instruction aspect in an instruction set of the processor ([0246]: the obfuscation computations, their inverses, the dummy computations, and/or the functional computations are comprised of similar or even identical parts, e.g., with similarly-shaped or identically-shaped circuits); De Hoogh in view of Kaminski fail to teach: the first instruction and the second instruction are configured with an identical Hamming weight instruction aspect in an instruction set of the processor. In an analogous art, Zhan discloses a dual circuit for performing cryptographic operations (Abstract, Fig. 4), Zhan discloses implementing a Hamming weight (HW) on both circuits such that the HW of each input and output is constant (p.12: “for two circuits (SM4 circuit and complementary SM4 ), the output of wheel is complementary, so the HW (each input) +HW (each output) result is constant, this means that the complementary SM4circuit has a characteristic of constant HW when processing data”), therefore teaching: the first instruction and the second instruction are configured with an identical Hamming weight instruction aspect in an instruction set of the processor. It would have been obvious to a skilled artisan before the application was effectively filed to modify De Hoogh/Kaminski by implementing Hamming weight in the first and second instruction because such design would resist differential power attack (DPA) and differential fault attack (DFA) (Zhan, last paragraph in p.6). Regarding claim 3, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the security operation comprises at least one or more of a number theoretic transform (NTT) computation, a matrix-vector (A*y) multiplication, an elliptic curve digital signature algorithm (ECDSA), elliptic curve point multiplication, security hash algorithms (SHA), McEliece cryptography, bit flipping key encapsulation (BIKE), Hamming quasi-cycling (HQC) encryption, hash-based message authentication code (HMAC), or random number generator (RNG) seeding. (De Hoogh [0144], Protecting hash functions may be important, as they may be applied to secret data. In fact, hash functions may be part of a keyed design, such as if the hash function is used in HMAC). Regarding claim 4, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the second one or more dummy operations comprises an additional security operation, wherein execution of the additional security operation is automatically triggered by a microarchitecture of the processor to be executed in parallel with the general operation while no additional instructions associated with security operations are being executed by the processor. (De Hoogh [0245] the dummy operation is part of a chain of computations to obfuscate data) Regarding claim 5, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the first one or more computation modules and the second one or more computation modules used during execution of the first instruction share one or more computation modules in common with the third one or more computation modules and fourth one or more computation modules used during execution of the second instruction. (De Hoogh [0248][0251], see FIG. 4., modules 435, 461). Regarding claim 6, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the first instruction and the second instruction are configured with a common instruction format (De Hoogh [0248]: respective parallel computation branches may pairwise perform similarly-structured computations on their respective inputs). Regarding claim 7, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the first instruction and the second instruction share at least one or more of a pattern of repeated bits in each instruction, identical instruction length, similar instruction fetch timing or similar instruction processing timing (De Hoogh [0175], first and second operations performed during partially overlapping time intervals). Regarding claim 8, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein executing one or more of the security operation, the general operation, the first one or more dummy operations, or the second one or more dummy operations comprises extending execution of a respective operation by one or more dummy cycles. (Se Hoogh [0244] obfuscation extended by dummy operations). Regarding claim 9, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein a number of the one or more dummy cycles is variable for each instruction ((De Hoogh [0245] the dummy operation is part of a chain of computations to obfuscate data, [0248] one or more operations of the respective computations 451-460 may be performed). Regarding claim 11, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 8, wherein the one or more dummy cycles includes one or more of dummy cycles before the respective operation or dummy cycles after the respective operation (De Hoogh [0248] one or more operations of the respective computations 451-460 may be performed). Regarding claim 13, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein one or more of the first one or more dummy operations or the second one or more dummy operations executes with dummy inputs. (De Hoogh Fig. 4, 457 operation includes dummy operation 456 as input). Regarding claim 14, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein one or more of the first one or more dummy operations or the second one or more dummy operations is a redundant operation and wherein an output of the redundant operation is discarded (De Hoogh [0149] redundant operations with no output or useless output suggesting discarding the useless output). Regarding claim 15, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the first instruction and the second instruction are associated with at least one or more of a boot, a reboot, or an update (Kaminski [0060]: SMS processors use cryptography to ensure corrected booting and [0042]: SCS processors operations associated with startups and updates). It would have been obvious to a skilled artisan to have the first and second instruction associated with a boot, reboot or update because it would ensure a correct booting of the different type of processors (Kaminski [0060]). Regarding claim 16, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the first one or more computation modules of the plurality of computation modules executing the security operation and the third one or more computation modules of the plurality of computation modules executing the general operation share one or more common computation modules (De Hoogh [0248], Fig. 4, 433). Regarding claim 17, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, wherein the first one or more computation modules of the plurality of computation modules executing the security operation and the third one or more computation modules of the plurality of computation modules executing the general operation are different (De Hoogh [0248] one or more pairs of respective operations of first parallel computation branch unit 431 and second parallel computation branch unit 432 may be performed). Regarding claim 18, the claim recites substantially the same content as claim 1 and is rejected substantially as set forth for rejecting in claim 1. Regarding claim 20, the claim recites substantially the same content as claim 5 and is rejected substantially as set forth for rejecting in claim 5. Regarding claim 21, the claim recites substantially the same content as claim 7 and is rejected substantially as set forth for rejecting in claim 7. Regarding claim 22, the claim recites substantially the same content as claim 8 and is rejected substantially as set forth for rejecting in claim 8. Regarding claim 23, the claim recites substantially the same content as claim 9 and is rejected substantially as set forth for rejecting in claim 9. Regarding claim 27, the claim recites substantially the same content as claim 13 and is rejected substantially as set forth for rejecting in claim 13. Regarding claim 28, the claim recites substantially the same content as claim 14 and is rejected substantially as set forth for rejecting in claim 14. Regarding claim 29, the claim recites substantially the same content as claim 16 and is rejected substantially as set forth for rejecting in claim 16. Regarding claim 30, the claim recites substantially the same content as claim 17 and is rejected substantially as set forth for rejecting in claim 17. Regarding claim 31, the claim recites substantially the same content as claim 1 and is rejected substantially as set forth for rejecting in claim 1. Regarding claim 32, the claim recites substantially the same content as claim 6 and is rejected substantially as set forth for rejecting in claim 6. Claims 12, 26 are rejected under 35 U.S.C. 103 as being unpatentable over De Hoogh, Kaminski and Zhan, in view of US 20080019503 to Dupaquis et al., hereinafter, Dupaquis. Regarding claim 12, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1. De Hoogh in view of Kaminski does not disclose wherein one or more of the first one or more dummy operations or the second one or more dummy operations comprises a correctness check configured to determine whether an external perturbation occurred during the correctness check. In an analogous art of masking encryption using dummy operations (Abstract), Dupaquis discloses one or more of the first one or more dummy operations or the second one or more dummy operations comprises a correctness check configured to determine whether an external perturbation occurred during the correctness check ([0015]: … loop of the round has been processed with a dummy subkey, then the incorrect result will be stored in a dummy location of the memory. The correct result will be used in the next round, whereas the dummy results may be overwritten). It would have been obvious to a skilled artisan before the application was effectively filed to modify De Hoogh/Kaminski/Zhan by Dupaquis to perform a correctness check as claimed because it would be “leveling the entropy seen by an attacker so that the true round subkey used in that S-box operation cannot be ascertained externally. (Dupaquis. [0010])). Regarding claim 26, the claim recites substantially the same content as claim 12 and is rejected substantially as set forth for rejecting in claim 12. Allowable Subject Matter Claims 10, 24 and 25 are allowable over the prior art of the record. Regarding claims 10 and substantially claim 24, De Hoogh in view of Kaminski and Zhan discloses the apparatus of claim 1, the method of claim 18 but fails to teach Wherein: a third operation associated with a particular instruction is executed at a first time with a first input data and extended by a first number of dummy cycles; and a fourth operation associated with the particular instruction is executed at a second time, different from the first time, with second input data identical to the first input data, wherein fourth operation associated with the particular instruction is extended by a second number of dummy cycles, different from the first number of dummy cycles, at the second time, wherein the first number of dummy cycles and the second number of dummy cycles are determined by a microarchitectural runtime execution feature of the processor. Regarding claim 25, De Hoogh in view of Kaminski and Zhan discloses the method of claim 23, but fails to teach: wherein the one or more dummy cycles includes one or more of dummy cycles before the respective operation or dummy cycles after the respective operation. Therefore, claims 10 and 24 are allowable. Claims 10, 24 and 25 are being objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Kim et al 20210264061 discloses implementing a S-box preventing a side channel attack by uniformly adjusting Hamming weights of output data. Kocher et al WO 9967919 discloses counterattacking power attacks by shifting a byte with a Hamming weight of 5 which will take a significantly different amount of power than shifting a byte of Hamming weight 4. J. A. Ambrose, S. Parameswaran, and A. Ignjatovic, “MUTE-AES: A multiprocessor architecture to prevent power analysis based side channel attack of the AES algorithm,” in Proc. IEEE/ACM ICCAD, Nov. 2008, pp. 678–684 discloses preventing side channel attacks using Hamming weight among other measures. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Thursday 7am-5pm with Flex. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. CATHERINE B. THIAW Supervisory Patent Examiner Art Unit 2407 /Catherine Thiaw/Supervisory Patent Examiner, Art Unit 2407 6/28/2026
Read full office action

Prosecution Timeline

Show 4 earlier events
Aug 11, 2025
Examiner Interview Summary
Aug 25, 2025
Response Filed
Oct 28, 2025
Non-Final Rejection mailed — §103
Jan 20, 2026
Interview Requested
Jan 27, 2026
Examiner Interview Summary
Jan 27, 2026
Applicant Interview (Telephonic)
Jan 28, 2026
Response Filed
Jul 01, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12664260
SYSTEM AND METHOD FOR AUTOMATED INTEGRATION OF ENDPOINT DETECTION AND RESPONSE (EDR) DATA TO OPEN EXTENDED DETECTION AND RESPONSE (XDR) FRAMEWORK
3y 4m to grant Granted Jun 23, 2026
Patent 12657292
SYSTEM AND METHOD FOR AUTOMATICALLY GENERATING PLAYBOOK AND VERIFYING VALIDITY OF PLAYBOOK BASED ON ARTIFICIAL INTELLIGENCE
2y 7m to grant Granted Jun 16, 2026
Patent 12632561
Vulnerability Chain Mapping Using Graph Modeling
2y 11m to grant Granted May 19, 2026
Patent 12596844
SYSTEMS AND METHODS FOR SECURE AGGREGATING AND REPORTING OF MONITORED DATA
3y 10m to grant Granted Apr 07, 2026
Patent 12572654
CYBER THREAT INFORMATION PROCESSING APPARATUS, CYBER THREAT INFORMATION PROCESSING METHOD, AND STORAGE MEDIUM STORING CYBER THREAT INFORMATION PROCESSING PROGRAM
2y 10m to grant Granted Mar 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

4-5
Expected OA Rounds
77%
Grant Probability
99%
With Interview (+36.7%)
3y 2m (~2m remaining)
Median Time to Grant
High
PTA Risk
Based on 535 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month