DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement
The information disclosure statements (IDSs) submitted on March 27, 2024 and May 14, 2025 were filed in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-2, 10-11, and 16-17 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Non-patent Literature entitled, “A Novel WLAN Client Puzzle against DoS Attack Based on Pattern Matching” (hereinafter “Ordi”).
Regarding claim 1, Ordi teaches: A method, comprising: receiving, at an AP and from a first client device, a first probe request (p. 1:Right Column, “Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks on network protocols, particularly on authentication protocols. A puzzle is issued by the server in reply to each request when the server is under attack.”); transmitting, by the AP and to the first client device, a first probe response comprising a first time-lock puzzle (p. 1:RC, “A puzzle is issued by the server in reply”); receiving, at the AP and from the first client device, a first authentication request comprising a first solution for the first time-lock puzzle (pp. 1-2, “After receiving a puzzle, the client has to solve it in order to convince the server to grant access to its resources”); and in response to determining that the first solution is correct, facilitating authentication of the first client device (p. 4, Figure 1, e.g., “Successful 4-way handshake”; p. 6, When the pattern sent by the STA passes the verification step, the AP will send an authentication response frame back to the STA and allocates the required resources.).
Regarding claim 2, Ordi teaches: generating, by the AP, the first time-lock puzzle based on one or more characteristics of the first client device (p. 4, “(iii) The server has to find out some information, such as CPU-power, from the clients in order to calculate the precise puzzle parameters. Attaining this information from a heterogeneous environment of clients, such as in WLANs, is almost impossible.”).
Regarding claim 10, Ordi teaches: One or more non-transitory computer-readable media comprising computer-executable instructions that, when executed by one or more processors of a processing system, cause the processing system to perform an operation (inherent) comprising: receiving, at an AP and from a first client device, a first probe request (p. 1:Right Column, “Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks on network protocols, particularly on authentication protocols. A puzzle is issued by the server in reply to each request when the server is under attack.”); transmitting, by the AP and to the first client device, a first probe response comprising a first time-lock puzzle (p. 1:RC, “A puzzle is issued by the server in reply”); receiving, at the AP and from the first client device, a first authentication request comprising a first solution for the first time-lock puzzle (pp. 1-2, “After receiving a puzzle, the client has to solve it in order to convince the server to grant access to its resources”); and in response to determining that the first solution is correct, facilitating authentication of the first client device (p. 4, Figure 1, e.g., “Successful 4-way handshake”; p. 6, When the pattern sent by the STA passes the verification step, the AP will send an authentication response frame back to the STA and allocates the required resources.).
Regarding claim 11, Ordi teaches: generating, by the AP, the first time-lock puzzle based on one or more characteristics of the first client device (p. 4, “(iii) The server has to find out some information, such as CPU-power, from the clients in order to calculate the precise puzzle parameters. Attaining this information from a heterogeneous environment of clients, such as in WLANs, is almost impossible.”).
Regarding claim 16, Ordi teaches: A system comprising: one or more computer processors; and logic encoded in one or more non-transitory media, the logic collectively executable by operation of the one or more computer processors to perform an operation (inherent) comprising: receiving, at an AP and from a first client device, a first probe request (p. 1:Right Column, “Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks on network protocols, particularly on authentication protocols. A puzzle is issued by the server in reply to each request when the server is under attack.”); transmitting, by the AP and to the first client device, a first probe response comprising a first time-lock puzzle (p. 1:RC, “A puzzle is issued by the server in reply”); receiving, at the AP and from the first client device, a first authentication request comprising a first solution for the first time-lock puzzle (pp. 1-2, “After receiving a puzzle, the client has to solve it in order to convince the server to grant access to its resources”); and in response to determining that the first solution is correct, facilitating authentication of the first client device (p. 4, Figure 1, e.g., “Successful 4-way handshake”; p. 6, When the pattern sent by the STA passes the verification step, the AP will send an authentication response frame back to the STA and allocates the required resources.).
Regarding claim 17, Ordi teaches: generating, by the AP, the first time-lock puzzle based on one or more characteristics of the first client device (p. 4, “(iii) The server has to find out some information, such as CPU-power, from the clients in order to calculate the precise puzzle parameters.”).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 3-4, 12, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Ordi and further in view of U.S. Publication No. 2011/0231913 (hereinafter “Feng”).
Regarding claim 3, Ordi does not specifically teach: wherein: the one or more characteristics of the first client device indicate that the first client device is an unknown device, one or more characteristics of a second client device indicate that the second client device is a known device, and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for the second client device.
However, in the same field of endeavor, Feng teaches: wherein: the one or more characteristics of the first client device indicate that the first client device is an unknown device ([0034] The reputation component is any variable based on repute or recognized reliability. In one embodiment, the reputation component may be the reputation of the source Internet Protocol address the client is using as determined by other network entities that have interacted with it previously. In another embodiment, the reputation component may be the reputation of the client itself as determined by other clients.), one or more characteristics of a second client device indicate that the second client device is a known device ([0035] One of the reasons spammers have turned to webmail is the widespread use of blocklists on mail servers. Since the IP addresses of many compromised machines are well-known, mail servers can be easily configured to block mail from them. In order to leverage this protection, network services can query a number of distributed IP address blocklists to determine the reputation of a client based on its address. Specifically, the presence of a client machine in any of these databases can be used to substantially increase the difficulty of the puzzle the client must solve before allowing access to a service.), and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for the second client device ([0029] Computational puzzles are parameterized by a difficulty variable. The invention assigns the computational puzzle difficulty based on at least one component selected from the group of components comprising of: time component, location component, reputation component, usage component, content component, and social networking component.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of reputation based complexity enhancement and a combination of Ordi with Feng renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on reputation).
Regarding claim 4, Ordi does not specifically teach: wherein the one or more characteristics of the first client device indicate that the first client device is a known device, one or more characteristics of a second client device indicate that the second client device is an unknown device, and generating the first time-lock puzzle comprises generating a problem that consumes fewer resources to solve, as compared to a second time-lock puzzle generated for the second client device.
However, in the same field of endeavor, Feng teaches: wherein the one or more characteristics of the first client device indicate that the first client device is a known device ([0040] The social networking component is any variable based on social involvement. In one embodiment, the social networking component may be based on whether the client is in the social network of the eventual recipient of the content and the social distance the client is away from the recipient. In another embodiment, the social networking component may be the reputation of the client in the social network of the recipient as determined by the recipient and the recipient's peers. In yet another embodiment, the social networking component may be based on whether the eventual recipient of the content of the request or message of the client has previously communicated with the client in the past.), one or more characteristics of a second client device indicate that the second client device is an unknown device ([0034] The reputation component is any variable based on repute or recognized reliability. In one embodiment, the reputation component may be the reputation of the source Internet Protocol address the client is using as determined by other network entities that have interacted with it previously. In another embodiment, the reputation component may be the reputation of the client itself as determined by other clients.), and generating the first time-lock puzzle comprises generating a problem that consumes fewer resources to solve, as compared to a second time-lock puzzle generated for the second client device ([0041] Turning to webmail services, most spam is sent using email addresses that the recipient has never communicated with in the past or e-mail addresses that are not within the recipient's social network. Using social network connectivity and prior communication history to determine puzzle difficulty can reduce unnecessary computation for legitimate webmail clients.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of reputation based complexity enhancement and a combination of Ordi with Feng renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on reputation).
Regarding claim 12, Ordi does not specifically teach: wherein: the one or more characteristics of the first client device indicate that the first client device is an unknown device, one or more characteristics of a second client device indicate that the second client device is a known device, and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for the second client device.
However, in the same field of endeavor, Feng teaches: wherein: the one or more characteristics of the first client device indicate that the first client device is an unknown device ([0034] The reputation component is any variable based on repute or recognized reliability. In one embodiment, the reputation component may be the reputation of the source Internet Protocol address the client is using as determined by other network entities that have interacted with it previously. In another embodiment, the reputation component may be the reputation of the client itself as determined by other clients.), one or more characteristics of a second client device indicate that the second client device is a known device ([0035] One of the reasons spammers have turned to webmail is the widespread use of blocklists on mail servers. Since the IP addresses of many compromised machines are well-known, mail servers can be easily configured to block mail from them. In order to leverage this protection, network services can query a number of distributed IP address blocklists to determine the reputation of a client based on its address. Specifically, the presence of a client machine in any of these databases can be used to substantially increase the difficulty of the puzzle the client must solve before allowing access to a service.), and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for the second client device ([0029] Computational puzzles are parameterized by a difficulty variable. The invention assigns the computational puzzle difficulty based on at least one component selected from the group of components comprising of: time component, location component, reputation component, usage component, content component, and social networking component.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of reputation based complexity enhancement and a combination of Ordi with Feng renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on reputation).
Regarding claim 18, Ordi does not specifically teach: wherein: the one or more characteristics of the first client device indicate that the first client device is an unknown device, one or more characteristics of a second client device indicate that the second client device is a known device, and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for the second client device.
However, in the same field of endeavor, Feng teaches: wherein: the one or more characteristics of the first client device indicate that the first client device is an unknown device ([0034] The reputation component is any variable based on repute or recognized reliability. In one embodiment, the reputation component may be the reputation of the source Internet Protocol address the client is using as determined by other network entities that have interacted with it previously. In another embodiment, the reputation component may be the reputation of the client itself as determined by other clients.), one or more characteristics of a second client device indicate that the second client device is a known device ([0035] One of the reasons spammers have turned to webmail is the widespread use of blocklists on mail servers. Since the IP addresses of many compromised machines are well-known, mail servers can be easily configured to block mail from them. In order to leverage this protection, network services can query a number of distributed IP address blocklists to determine the reputation of a client based on its address. Specifically, the presence of a client machine in any of these databases can be used to substantially increase the difficulty of the puzzle the client must solve before allowing access to a service.), and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for the second client device ([0029] Computational puzzles are parameterized by a difficulty variable. The invention assigns the computational puzzle difficulty based on at least one component selected from the group of components comprising of: time component, location component, reputation component, usage component, content component, and social networking component.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of reputation based complexity enhancement and a combination of Ordi with Feng renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on reputation).
Claims 5-9, 13-15, 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ordi and Feng and further in view of U.S. Patent No. 9,807,092 (hereinafter “Gutzmann”).
Regarding claim 5, the combination of Ordi and Feng does not specifically teach: wherein the one or more characteristics of the first client device indicate that the first client device has failed to solve at least one time-lock puzzle provided by the AP, and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for a second client device.
However, in the same field of endeavor, Gutzmann teaches: wherein the one or more characteristics of the first client device indicate that the first client device has failed to solve at least one time-lock puzzle provided by the AP (13:46-53, Now, the first of three tamper detection checks are performed. These are described more fully in “D. Method for Detecting Tampering of Puzzle Parameters”. As these tamper detection checks are passed (418, 420, 422), and a solution is verified (425), the request is passed through this protocol for normal processing (435). If any of the checks fail, processing is directed to 432. The puzzle state is set to TAMPERED (FIG. 7, 705); 14:10-22, At this point in the protocol, the state of the puzzle has been determined as one of the states in FIG. 7. Now, the attacker score for the device is adjusted according to the method detailed in “C. Method for Adjusting a Device's “attacker Score” Based on Its Protocol Behavior”. In general, where the puzzle state is TAMPERED the attacker score for the device will be increased, and for a state of NEW_VALID_SOLUTION it will be decreased, and for MISSING or VALID_RESUBMITTED_SOLUTION no change will be made. System operators may determine other score adjustments, however, effectuated through the management server (FIG. 1, 110, and FIG. 2, 207).), and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for a second client device (24:1-7, The method for limiting the request rates of devices is based on the difficulty of the puzzle assigned to a requestor by the server. In turn, the puzzle difficulty is a function of the device's current attacker score.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of wrong-answer based complexity enhancement and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on wrong answers).
Regarding claim 6, the combination of Ordi and Feng does not specifically teach: in response to determining that the first client device has been authenticated, transmitting, from the AP and to the first client device, a token to bypass at least one time-lock puzzle for a future association.
However, in the same field of endeavor, Gutzmann teaches: in response to determining that the first client device has been authenticated, transmitting, from the AP and to the first client device, a token to bypass at least one time-lock puzzle for a future association (16:3-8, The puzzle-issuer-verifier, having now received a verified and valid solution to a challenge by a requesting device in an “allowed” state, prepares a set of transaction authorization codes (“TAC”) to return to the requesting device. The TACs comprise a time value and four groups of elements as follows; See also, Whitelisting, Figs. 5-6).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of transmitting a token to bypass authentication and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., transmitting a token to bypass authentication).
Regarding claim 7, the combination of Ordi and Feng does not explicitly teach: receiving, at the AP and from the first client device, the token; and authenticating, by the AP, the first client device based on the token.
However, in the same field of endeavor, Gutzmann teaches: receiving, at the AP and from the first client device, the token; and authenticating, by the AP, the first client device based on the token (Figs. 10A-10H, e.g., Steps 10045-46).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of transmitting a token to bypass authentication and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., transmitting a token to bypass authentication).
Regarding claim 8, the combination of Ordi and Feng does not explicitly teach: receiving, at the AP and from the first client device, the token; determining, by the AP, that the token has expired; and transmitting, by the AP and to the first client device, a second probe response comprising a second time-lock puzzle.
However, in the same field of endeavor, Gutzmann teaches: receiving, at the AP and from the first client device, the token; determining, by the AP, that the token has expired; and transmitting, by the AP and to the first client device, a second probe response comprising a second time-lock puzzle (Figs. 10A-10H, e.g., Steps 10006, 10055).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of transmitting a token to bypass authentication and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., transmitting a token to bypass authentication).
Regarding claim 9, the combination of Ordi and Feng does not explicitly teach: receiving, at the AP and from a second client device, a second probe request; transmitting, by the AP and to the second client device, a second probe response comprising a second time-lock puzzle; receiving, at the AP and from the second client device, a second authentication request comprising a second solution for the second time-lock puzzle; and in response to determining that the second solution was received after the second time-lock puzzle expired, declining authentication of the first client device.
However, in the same field of endeavor, Gutzmann teaches: receiving, at the AP and from a second client device (e.g., Figs. 3A-3C, “the operation of the proof-of-work protocol of the present systems and methods when deployed as web service for multiple subscribers”), a second probe request (FIG. 10A, Step 10002, 10014); transmitting, by the AP and to the second client device, a second probe response comprising a second time-lock puzzle (Step 10028); receiving, at the AP and from the second client device, a second authentication request comprising a second solution for the second time-lock puzzle (Step 10031); and in response to determining that the second solution was received after the second time-lock puzzle expired, declining authentication of the first client device (Step 10035, 10036, 10008).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of a timer-expiration rejection and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., time expiration rejection).
Regarding claim 13, the combination of Ordi and Feng does not specifically teach: wherein the one or more characteristics of the first client device indicate that the first client device has failed to solve at least one time-lock puzzle provided by the AP, and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for a second client device.
However, in the same field of endeavor, Gutzmann teaches: wherein the one or more characteristics of the first client device indicate that the first client device has failed to solve at least one time-lock puzzle provided by the AP (13:46-53, Now, the first of three tamper detection checks are performed. These are described more fully in “D. Method for Detecting Tampering of Puzzle Parameters”. As these tamper detection checks are passed (418, 420, 422), and a solution is verified (425), the request is passed through this protocol for normal processing (435). If any of the checks fail, processing is directed to 432. The puzzle state is set to TAMPERED (FIG. 7, 705); 14:10-22, At this point in the protocol, the state of the puzzle has been determined as one of the states in FIG. 7. Now, the attacker score for the device is adjusted according to the method detailed in “C. Method for Adjusting a Device's “attacker Score” Based on Its Protocol Behavior”. In general, where the puzzle state is TAMPERED the attacker score for the device will be increased, and for a state of NEW_VALID_SOLUTION it will be decreased, and for MISSING or VALID_RESUBMITTED_SOLUTION no change will be made. System operators may determine other score adjustments, however, effectuated through the management server (FIG. 1, 110, and FIG. 2, 207).), and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for a second client device (24:1-7, The method for limiting the request rates of devices is based on the difficulty of the puzzle assigned to a requestor by the server. In turn, the puzzle difficulty is a function of the device's current attacker score.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of wrong-answer based complexity enhancement and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on wrong answers).
Regarding claim 14, the combination of Ordi and Feng does not specifically teach: in response to determining that the first client device has been authenticated, transmitting, from the AP and to the first client device, a token to bypass at least one time-lock puzzle for a future association.
However, in the same field of endeavor, Gutzmann teaches: in response to determining that the first client device has been authenticated, transmitting, from the AP and to the first client device, a token to bypass at least one time-lock puzzle for a future association (16:3-8, The puzzle-issuer-verifier, having now received a verified and valid solution to a challenge by a requesting device in an “allowed” state, prepares a set of transaction authorization codes (“TAC”) to return to the requesting device. The TACs comprise a time value and four groups of elements as follows; See also, Whitelisting, Figs. 5-6).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of transmitting a token to bypass authentication and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., transmitting a token to bypass authentication).
Regarding claim 15, the combination of Ordi and Feng does not explicitly teach: receiving, at the AP and from the first client device, the token; and authenticating, by the AP, the first client device based on the token.
However, in the same field of endeavor, Gutzmann teaches: receiving, at the AP and from the first client device, the token; and authenticating, by the AP, the first client device based on the token (Figs. 10A-10H, e.g., Steps 10045-46).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of transmitting a token to bypass authentication and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., transmitting a token to bypass authentication).
Regarding claim 19, the combination of Ordi and Feng does not specifically teach: wherein the one or more characteristics of the first client device indicate that the first client device has failed to solve at least one time-lock puzzle provided by the AP, and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for a second client device.
However, in the same field of endeavor, Gutzmann teaches: wherein the one or more characteristics of the first client device indicate that the first client device has failed to solve at least one time-lock puzzle provided by the AP (13:46-53, Now, the first of three tamper detection checks are performed. These are described more fully in “D. Method for Detecting Tampering of Puzzle Parameters”. As these tamper detection checks are passed (418, 420, 422), and a solution is verified (425), the request is passed through this protocol for normal processing (435). If any of the checks fail, processing is directed to 432. The puzzle state is set to TAMPERED (FIG. 7, 705); 14:10-22, At this point in the protocol, the state of the puzzle has been determined as one of the states in FIG. 7. Now, the attacker score for the device is adjusted according to the method detailed in “C. Method for Adjusting a Device's “attacker Score” Based on Its Protocol Behavior”. In general, where the puzzle state is TAMPERED the attacker score for the device will be increased, and for a state of NEW_VALID_SOLUTION it will be decreased, and for MISSING or VALID_RESUBMITTED_SOLUTION no change will be made. System operators may determine other score adjustments, however, effectuated through the management server (FIG. 1, 110, and FIG. 2, 207).), and generating the first time-lock puzzle comprises generating a problem that consumes additional resources to solve, as compared to a second time-lock puzzle generated for a second client device (24:1-7, The method for limiting the request rates of devices is based on the difficulty of the puzzle assigned to a requestor by the server. In turn, the puzzle difficulty is a function of the device's current attacker score.).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of wrong-answer based complexity enhancement and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., adjusting the puzzle difficulty based on wrong answers).
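As an added illustration (not part of the Office action and not code from Gutzmann), the relationship quoted above from Gutzmann, in which puzzle state adjusts a device's attacker score and the score sets puzzle difficulty, can be expressed in code. The puzzle-state names come from the quoted passage; the score deltas, the difficulty bounds and the SHA-256 hash puzzle (used here in place of a time-lock puzzle) are assumptions.

```python
import hashlib
from itertools import count

# Puzzle states named in the quoted Gutzmann passage (FIG. 7).
# The numeric deltas are assumptions; the passage only gives the direction.
SCORE_DELTA = {
    "TAMPERED": +2,                   # score increased
    "NEW_VALID_SOLUTION": -1,         # score decreased
    "MISSING": 0,                     # no change
    "VALID_RESUBMITTED_SOLUTION": 0,  # no change
}
BASE_BITS, STEP_BITS, MAX_BITS = 8, 2, 16  # assumed difficulty bounds


def score_after(states, score=0):
    """Fold a device's observed puzzle states into its attacker score."""
    for state in states:
        score = max(0, score + SCORE_DELTA[state])  # never below zero
    return score


def difficulty_bits(score):
    """Puzzle difficulty as a function of the device's current score."""
    return min(MAX_BITS, BASE_BITS + STEP_BITS * score)


def verify(challenge, nonce, bits):
    """Cheap server-side check: digest must start with `bits` zero bits."""
    digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    value = int.from_bytes(digest, "big")
    return len(digest) * 8 - value.bit_length() >= bits


def solve(challenge, bits):
    """Client-side brute force: about 2**bits hashes on average."""
    return next(n for n in count() if verify(challenge, n, bits))


if __name__ == "__main__":
    # Constructed behaviour histories for two devices.
    devices = {
        "device-1": ["TAMPERED", "TAMPERED"],
        "device-2": ["NEW_VALID_SOLUTION"],
    }
    for name, history in devices.items():
        bits = difficulty_bits(score_after(history))
        nonce = solve(b"constructed-challenge:" + name.encode(), bits)
        print(f"{name}: {bits} bits, ~{2 ** bits} hashes, nonce={nonce}")
```

The device with the tampered history receives a 16-bit puzzle against 8 bits for the well-behaved device, so its expected solving cost is 256 times higher while the server's verification cost stays at one hash.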
Regarding claim 20, the combination of Ordi and Feng does not specifically teach: in response to determining that the first client device has been authenticated, transmitting, from the AP and to the first client device, a token to bypass at least one time-lock puzzle for a future association.
However, in the same field of endeavor, Gutzmann teaches: in response to determining that the first client device has been authenticated, transmitting, from the AP and to the first client device, a token to bypass at least one time-lock puzzle for a future association (16:3-8, The puzzle-issuer-verifier, having now received a verified and valid solution to a challenge by a requesting device in an “allowed” state, prepares a set of transaction authorization codes (“TAC”) to return to the requesting device. The TACs comprise a time value and four groups of elements as follows; See also, Whitelisting, Figs. 5-6).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Ordi to include the feature of transmitting a token to bypass authentication and a combination of Ordi and Feng with Gutzmann renders the claim prima facie obvious within the described scope of the prior art and any indicated differences within the level of one of ordinary skill in the art (e.g., telecommunications engineer) according to a combination of known prior art elements with known methods to yield predictable results. MPEP 2143(I)(A) (e.g., transmitting a token to bypass authentication).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
European Publication No. EP1631037A1 (Nakagawa) related to mitigating DoS attacks in a service discovery system
Non-patent Literature entitled, “Time-lock puzzles and timed-release Crypto”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUSTIN BARRY whose telephone number is (571) 272-0201. The examiner can normally be reached 8:00am EST to 5:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jinsong HU can be reached at (571) 272-3965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAB/ Examiner, Art Unit 2643
/JINSONG HU/ Supervisory Patent Examiner, Art Unit 2643