ESTABLISHING A SECRET SHARED BETWEEN A FIRST COMMUNICATIONS DEVICE AND AT LEAST ONE SECOND COMMUNICATIONS DEVICE

DETAILED ACTION This office action has been issued in response to communications received on 11/06/2025. Claims 1-18 are presented for examination. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s Remarks regarding the objection to claims 1, 7 and 13, filed 11/06/2025, have been considered, but are found unpersuasive. The preamble of claims 1, 7 and 13 discloses that they are directed to establishing a secret shared between a first communications device and a second communications device, however claims 1, 7 and 13 do not go on in the body of the claim to explain how that secret would be derived. While Claims 1, 7 and 13 do disclose that the shared secret can be derived from the first and second data representations, claims 1, 7 and 13 do not disclose actually deriving the shared secret. Instead the first data representation, from which the shared secret can be derived, is received from the first communications device and a second data representation, from which the shared secret can be derived, is sent to the second communications device. What is missing is a step of actually deriving/establishing the shared secret. Accordingly, the objection is maintained. Applicant’s remarks regarding the rejection of the claims under 103 have been considered, but are found unpersuasive. Applicant argues on pages 8-9 of the Remarks that Kent does not disclose the claim 1 step of “acquiring a first data representation, using a signal from one of a motion sensor sensing motion which the first communications device is subjected to, a microphone sensing an audio signal emitted by the first communications device, a camera sensing information displayed by the first communications device, and an optical receiver sensing optical data transmitted by the first communications device” because “the sensed signal itself provides data from which the shared secret can be derived, i.e., the signal is an entropy source for generating the secret, not merely a transmission medium for conveying it”, however the Examiner respectfully disagrees. Applicant’s Specification does not mention that the signal is an entropy source – entropy is not mentioned in Applicant’s Specification. Applicant’s Specification does disclose that “the first data representation is coded into the audio signal” (para. [0022]), which description fits Kent’s description of how the “digital data may be encoded into and decoded from these sound waves” (para. [0040]). The claims do not specify how signal is used to acquire the first data representation – only that it is used. Applicant is free to amend the claims to further specify how the signal itself is used to generate the first data representation. Applicant further argues that Kent does not teach the claim 1 limitation of “acquiring a first data representation, using a signal from one of a motion sensor sensing motion which the first communications device is subjected to, a microphone sensing an audio signal emitted by the first communications device, a camera sensing information displayed by the first communications device, and an optical receiver sensing optical data transmitted by the first communications device” because Kent’s “invitation code 300” is “generated by the communication server 420” and merely transmitted as a ‘sound save 200” for delivery to another device, however the Examiner respectfully disagrees. Applicant seems to be getting the limitations and mapping confused here. The examiner mapped the message received by the server from a microphone as sound wave signals from the first mobile device as the “first data representation” (paras. [0005], [0040], [0048], [0106], [0109]), so that would not apply to messages transmitted from the server to other devices. Applicant argues on pages 9-11 of the Remarks, filed 11/06/2025, that Larmo is not combinable with Kent because “Larmo’s approach would therefore replace Kent’s fundamental server-based invitation code architecture with a local key derivation mechanism”, however the Examiner respectfully disagrees. In response to applicant's argument that Larmo’s method of exchanging keys without a server would replace Kent’s method of exchanging keys using a server, the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference; nor is it that the claimed invention must be expressly suggested in any one or all of the references. Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981). Larmo is not being offered to teach how the data representations or secret can be exchanged. The physical structure of Larmo is not being bodily incorporated into the structure of Kent to replace anything including how a server is used to exchange data with two mobile devices. The only thing that Larmo is cited as adding to Kent is functionality showing that the shared secret key can be derived from the first data representation. Larmo and Kent are both directed to the same problem of generating a shared key between two mobile devices using motion data of the two mobile devices. Larmo just shows that the first data representation (i.e. the movement or sound data for any physical, chemical or environmental condition of the two mobile devices) can also be used to generate the authentication key (paras. [0023], [0033], [0040]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Larmo’s method of generating the authentication key for secure communication between the mobile devices using the data detected from the physical condition of the mobile devices with the system of Kent in order to increase the security of the system by making the authentication key vary depending upon the type and manner of the physical condition detected by the mobile devices seeking to establish secure communication. The remaining arguments fail to comply with 37 C.F.R. § 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references. Accordingly, the rejection of the claims under 35 USC 103 is sustained. Objections Claims 1, 7 and 13 are objected to for the following informalities: the claims disclose in the preamble that they are directed to establishing a shared secret between the first and second communications device, however no such secret is generated within the body of the claims? Appropriate clarification/correction is required. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claims 1-18 are rejected under 35 U.S.C. 103 as being unpatentable over Kent (US 2012/0214416) in view of Larmo (US 2014/0181926). Regarding claim 1, Kent discloses the limitations of claim 1 substantially as follows: A method performed by a computing device to establish a secret shared between a first communications device and at least one second communications device (paras. [0080]-[0081], [0086]-[0087], [0109], [0116], [0175], Fig. 4: server (i.e. computing device) establishes the sharing of an invitation code/key (i.e. shared secrets) between two or more mobile devices) the method comprising: acquiring a first data representation, using a signal from one of a motion sensor sensing motion which the first communications device is subjected to, a microphone sensing an audio signal emitted by the first communications device, a camera sensing information displayed by the first communications device, and an optical receiver sensing optical data transmitted by the first communications device (paras. [0005], [0040], [0048], [0106], [0109], Fig. 4: server acquires message from a microphone as sound wave signals from a first mobile device or a GPS motion sensor detecting bump motion data of mobile devices); generating from the first data representation a second data representation from which the shared secret can be derived (paras. [0061]-[0062], [0079], [0087], [0106], [0109], Fig. 4: using the data from the message the server received in the sound wave signal to generate an encrypted message response comprising an invitation code and key, which can be decrypted to derive the invitation code and key); and providing the second data representation to the second communications device using one of an audio speaker, a display, and an optical transmitter (paras. [0063], [0086], [0106], [0109], [0116], [0175], Fig. 4: server multicast the encrypted message as a sound wave signal containing the invitation code and unique key to additional (i.e. second) mobile device, which mobile devices receive the data using a microphone). Kent does not explicitly disclose the remaining limitations of claim 1 as follows: acquiring a first data representation from which the shared secret can be derived, However, in the same field of endeavor Larmo discloses the limitations of claim 1 as follows: establish a secret shared between a first communications device and at least one second communications device (paras. [0023], [0028]-[0029], [0031], [0033], [0040]: derive the authentication key for both mobile devices (i.e. shared key) from the data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and establish secure communication between the two mobile devices using the authentication key) acquiring a first data representation from which the shared secret can be derived (paras. [0023], [0029], [0031], [0033], [0040]: acquiring data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and using the data of the condition to generate an authentication key based on the characteristics of the data), Kent is combinable with Larmo because both are from the same field of endeavor of establishing secure communication between two mobile devices based upon a condition for the two devices such as motion or audio data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Larmo’s method of generating the authentication key for secure communication between the mobile devices using the data detected from the physical condition of the mobile devices with the system of Kent in order to increase the security of the system by making the authentication key vary depending upon the type and manner of the physical condition detected by the mobile devices seeking to establish secure communication. Regarding claims 2, 8 and 14, Kent and Larmo disclose the limitations of the method of claim 1, the computing device of claim 7 and the computer program product of claim 13. Kent discloses the limitations of claims 2, 8 and 14 as follows: provide the second data representation to a group of second communications devices using at least one of the audio speaker, the display, and the optical transmitter, establishing the secret shared between the first communications device and the group of second communications devices (Kent, paras. [0081], [0086]-[0087], [0109], [0116], [0175], Fig. 4: server multicast the encrypted message as a sound wave signal containing the invitation code and key to additional (i.e. group of second) mobile devices, which mobile devices receive the data using a microphone, where the key and invitation code are used to establish a group of mobile devices in which secure communication occurs between the mobile devices). Regarding claims 3, 9 and 15, Kent and Larmo disclose the limitations of the method of claim 1, the computing device of claim 7 and the computer program product of claim 13. Larmo discloses the limitations of claims 3, 9 and 15 as follows: derive the shared secret from the first data representation; and establish communication with the first communications device and/or the second communications device using the derived shared secret (paras. [0023], [0028]-[0029], [0031], [0033], [0040]: derive the authentication key for both mobile devices (i.e. shared key) from the data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and establish secure communication between the two mobile devices using the authentication key). The same motivation to combine utilized in claims 1, 7 and 13 is equally applicable to the instant claims. Regarding claims 4, 10 and 16, Kent and Larmo disclose the limitations of the method of claim 1, the computing device of claim 7 and the computer program product of claim 13. Kent and Larmo disclose the limitations of claims 4, 10 and 16 as follows: wherein: the first data representation is acquired from the motion sensor sensing motion which both the computing device and the first communications device are subjected to (see also Larmo, paras. [0028]-[0029]: acquiring data from any physical or mechanical condition of the mobile devices such as a shared pattern of movement using an accelerometer); the operation to provide the second data representation to the second communications device comprises to provide the second data representation coded for output through the one of the audio speaker, the display, and the optical transmitter (Kent, paras. [0063], [0086], [0106], [0109]-[0110], [0116], [0175], Fig. 4: server multicast the encrypted message as a sound wave signal containing the invitation code and unique key to additional (i.e. second) mobile device, which mobile devices receive the data using a microphone). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Larmo’s method of acquiring data from any physical or mechanical condition of the mobile devices to generate the key, such as a shared pattern of movement of the mobile devices, with the system of Kent in order to strengthen the security of the authentication key generated for secure communication between the mobile devices by enabling the authentication key to be more complex by enabling it to be generated in different ways depending upon the type of physical or mechanical condition detected by the mobile devices. Regarding claims 5, 11 and 17, Kent and Larmo disclose the limitations of the method of claim 1, the computing device of claim 7 and the computer program product of claim 13. Kent discloses the limitations of claims 5, 11 and 17 as follows: wherein: the first data representation is acquired from the microphone sensing an audio signal emitted by the first communications device (paras. [0005], [0040], [0048], [0106], [0109], Fig. 4: server acquires message from a microphone as sound wave signals from a first mobile device or a GPS motion sensor detecting bump motion data of mobile devices); the providing of the second data representation to the second communications device comprises providing the second data representation coded for output through the display or the optical transmitter (Kent, paras. [0084], [0116], [0148]: message transmitted from server to additional mobile device(s) comprises encrypted sound wave signal that may be displayed on the mobile device). Regarding claims 6, 12 and 18, Kent and Larmo disclose the limitations of the method of claim 1, the computing device of claim 7 and the computer program product of claim 13. Kent discloses the limitations of claims 6, 12 and 18 as follows: the first data representation is acquired from the camera sensing information displayed by the first communications device or from the optical receiver sensing optical data transmitted by the first communications device (Kent, paras. [0071], [0084]: acquiring information for authentication to be sent to server in message which is displayed on the mobile device to be captured by a camera of the second mobile device and sent to server) (see also Larmo, paras. [0024], [0028]-[0029]: acquiring data from any physical or mechanical condition of the mobile devices, where the mobile devices may be digital cameras); and the operation to provide the second data representation to the second communications device comprises to provide the second data representation coded for output through the audio speaker (Kent, paras. [0063], [0086], [0106], [0109]-[0110], [0116], [0175], Fig. 4: server multicast the encrypted message as a sound wave signal containing the invitation code and unique key to additional (i.e. second) mobile device, which mobile devices receive the data using a microphone). Regarding claim 7, Kent discloses the limitation substantially as follows: A computing device operative to establish a secret shared between a first communications device and at least one second communications device (paras. [0080]-[0081], [0086]-[0087], [0109], [0116], [0175], Fig. 4: server (i.e. computing device) establishes the sharing of an invitation code/key (i.e. shared secrets) between two or more mobile devices), the computing device comprising: at least one interface, wherein the at least one interface is connected to at least one of an an audio speaker, a display, and an optical transmitter, wherein the at least one interface is further connected to at least one of a motion sensor sensing motion which the first communications device is subjected to, a microphone sensing an audio signal emitted by the first communications device, a camera sensing information displayed by the first communications device, and an optical receiver sensing optical data transmitted by the first communications device (paras. [0040], [0048], [0067], [0116], [0175]: microphones and speakers of sending and receiving devices); at least one processor operatively connected to the at least one interface; at least one memory storing instructions executable by the at least one processor to perform operations to: acquire a first data representation, using a signal from one of the motion sensor sensing motion which the first communications device is subjected to, the microphone sensing an audio signal emitted by the first communications device, the camera sensing information displayed by the first communications device, and an optical receiver sensing optical data transmitted by the first communications device (paras. [0005], [0040], [0048], [0106], [0109], Fig. 4: server acquires message from a microphone as sound wave signals from a first mobile device or a GPS motion sensor detecting bump motion data of mobile devices); generate from the first data representation a second data representation from which the shared secret can be derived (paras. [0061]-[0062], [0079], [0087], [0106], [0109], Fig. 4: using the data from the message the server received in the sound wave signal to generate an encrypted message response comprising an invitation code and key, which can be decrypted to derive the invitation code and key); and provide the second data representation to the second communications device using one of the audio speaker, the display, and the optical transmitter(paras. [0063], [0086], [0106], [0109], [0116], [0175], Fig. 4: server multicast the encrypted message as a sound wave signal containing the invitation code and unique key to additional (i.e. second) mobile device, which mobile devices receive the data using a microphone). Kent does not explicitly disclose the remaining limitations of claim 7 as follows: acquiring a first data representation from which the shared secret can be derived, However, in the same field of endeavor Larmo discloses the limitations of claim 7 as follows: establish a secret shared between a first communications device and at least one second communications device (paras. [0023], [0028]-[0029], [0031], [0033], [0040]: derive the authentication key for both mobile devices (i.e. shared key) from the data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and establish secure communication between the two mobile devices using the authentication key) acquiring a first data representation from which the shared secret can be derived (paras. [0023], [0029], [0031], [0033], [0040]: acquiring data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and using the data of the condition to generate an authentication key based on the characteristics of the data), Kent is combinable with Larmo because both are from the same field of endeavor of establishing secure communication between two mobile devices based upon a condition for the two devices such as motion or audio data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Larmo’s method of generating the authentication key for secure communication between the mobile devices using the data detected from the physical condition of the mobile devices with the system of Kent in order to increase the security of the system by making the authentication key vary depending upon the type and manner of the physical condition detected by the mobile devices seeking to establish secure communication. Regarding claim 13, Kent discloses the limitation substantially as follows: A computer program product comprising a non-transitory medium storing instructions executable by at least one processor of a computing device to perform operations to establish a secret shared between a first communications device and at least one second communications device (paras. [0080]-[0081], [0086]-[0087], [0109], [0116], [0175], Fig. 4: server (i.e. computing device) establishes the sharing of an invitation code/key (i.e. shared secrets) between two or more mobile devices), the operations comprising to: acquire a first data representation, using a signal from one of a motion sensor sensing motion which the first communications device is subjected to, a microphone sensing an audio signal emitted by the first communications device, a camera sensing information displayed by the first communications device, and an optical receiver sensing optical data transmitted by the first communications device (paras. [0005], [0040], [0048], [0106], [0109], Fig. 4: server acquires message from a microphone as sound wave signals from a first mobile device or a GPS motion sensor detecting bump motion data of mobile devices); generate from the first data representation a second data representation from which the shared secret can be derived (paras. [0061]-[0062], [0079], [0087], [0106], [0109], Fig. 4: using the data from the message the server received in the sound wave signal to generate an encrypted message response comprising an invitation code and key, which can be decrypted to derive the invitation code and key); and provide the second data representation to the second communications device using one of an audio speaker, a display, and an optical transmitter (paras. [0063], [0086], [0106], [0109], [0116], [0175], Fig. 4: server multicast the encrypted message as a sound wave signal containing the invitation code and unique key to additional (i.e. second) mobile device, which mobile devices receive the data using a microphone). Kent does not explicitly disclose the remaining limitations of claim 13 as follows: acquire a first data representation from which the shared secret can be derived, However, in the same field of endeavor Larmo discloses the limitations of claim 13 as follows: establish a secret shared between a first communications device and at least one second communications device (paras. [0023], [0028]-[0029], [0031], [0033], [0040]: derive the authentication key for both mobile devices (i.e. shared key) from the data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and establish secure communication between the two mobile devices using the authentication key) acquire a first data representation from which the shared secret can be derived (paras. [0023], [0029], [0031], [0033], [0040]: acquiring data for any physical, chemical or environmental condition of two mobile devices such as movement or sound (i.e. first data representation) and using the data of the condition to generate an authentication key based on the characteristics of the data), Kent is combinable with Larmo because both are from the same field of endeavor of establishing secure communication between two mobile devices based upon a condition for the two devices such as motion or audio data. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to integrate Larmo’s method of generating the authentication key for secure communication between the mobile devices using the data detected from the physical condition of the mobile devices with the system of Kent in order to increase the security of the system by making the authentication key vary depending upon the type and manner of the physical condition detected by the mobile devices seeking to establish secure communication. Prior art not relied upon but applied/considered includes: 1) Novicov (US 2015/0215292) teaches Displaying of a visual trait on the connected mobile devices that is based on the shared secret key unique to the pairwise connection between the mobile devices (para. [0038]); and 2) Lord (US 2015/0215295) teaches using an optical sensor to create authenticated sessions between mobile devices (paras. [0048]-[0049]). Conclusion For the above reasons, claims 1-18 are rejected. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARON S LYNCH whose telephone number is (571)272-4583. The examiner can normally be reached on 10AM-6PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHARON S LYNCH/Primary Examiner, Art Unit 2438