Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to the claims filed 10/10/2025. Claims 1, 2, 4-9, and 11-14 are pending. Claims 1 (a method) and 8 (a machine).
Response to Arguments
Applicant's arguments filed 10/10/2025 have been fully considered but they are not persuasive.
Applicant’s remarks with regard to the § 101 abstract idea rejection on pages 9-10 of the response are not persuasive. The claims are directed to the performance of a mathematical algorithm. The performance of the mathematical algorithm concludes with “adopting, by the processor, the first signature for a verification process”. No verification is performed, no permissions are requested or received, nothing is done with the output of the mathematical algorithm. As the claim has no application the claim could not constitute a practical application. Since the performance of the claim results in no beneficial outcome, the claim could not constitute significantly more than performance of the math itself, which is all that is done.
Applicant’s remarks with regard to the 112(a) rejection of the claims for appearing to not have written description support for: “(PQC) algorithm the signing data bound to the first random nonce to obtain a first verification time”.
Applicant’s claims and specification are directed to inputting a nonce into a “PQC algorithm” and determining a “verification time”. There is no discussion as to how the nonce is input nor how the “verification time” is determined. Note that the verification is not required to be performed.
A total absence of description is likely insufficient to support the asserted novelty of a claim; see remarks filed 10/10/2025, page 15, ¶ 1.
Applicant’s remarks with regard to the 112(d) rejection are not persuasive. A dependent claim must include each and every limitation of the parent claim. Where, as in dependent claims 2 and 9, an alternative is set forth that presupposes the non-performance of a limitation in the parent claim the dependent claim fails to further limit the parent.
As to the remarks directed to the § 103 rejection in view of Misoczki et al., US 2019/0319800; “Applicant respectfully submits that the "message representative M' is obviously different from the "first verification time" as recited in amended Claim 1.
This argument is not persuasive. The threshold of Misoczky is a computational threshold for verification:
(“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74: “In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.”)
Although Applicant terms it “verification time” it is actually a computational complexity for verification, as described in Misoczki. In Misoczki, there is a tradeoff between signature computational cost and verification computational cost, Misoczki ¶ 74. Misoczki discloses the determination of an appropriate (threshold) for verification cost, as claimed.
While Misoczki does generate a signature after checking the computation cost See Misoczki Fig. 9), it is obvious that the signature could be performed first. See modification provided below.
For at least the above reasons, Applicant’s remarks are not persuasive.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1, 2, 4-9, and 11-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) a mathematical algorithm, see MPEP 2106.04(a)(2).A. Hashing and other mathematical signature methods on input data are mathematical algorithms. This judicial exception is not integrated into a practical application because no application is required. Furthermore, the recitation of a “processor” is a mere instruction to apply the abstract idea and does not integrate the abstract idea into a practical application, see MPEP 2106.05(f). The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the further recitation of a ‘processor’ is merely a statement to “apply it” and does not constitute “significantly more” than the abstract idea itself, see MPEP 2106.05.A.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1, 2, 4-9, and 11-14 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claims 1 and 8 require: “
generating, by the processor, a hash value according to a hash-based post-quantum cryptography (PQC) and the signing data bound to the first random nonce;
signing, by the processor, the hash value according to a private key to generate the first signature:
deriving, by the processor, a first verification time corresponding to the first signature”
Applicant’s specification does not appear to define a mechanism by which a nonce and PQC algorithm might be signed to determine a verification time. More specifically, the claim is not limited to any particular PQC algorithm or way of actually applying a ‘nonce’ to a PQC algorithm or a method for determining a verification time.
2163.II.A.3.(a).ii: “original claims … The written description requirement for a claimed genus may be satisfied through sufficient description of a representative number of species by actual reduction to practice (see i)(A) above).”
In Applicant’s specification there is no description with regard to how the nonce is applied and the ‘verification time’ is calculated yet the scope of almost any PQC algorithm (Applicant’s specification ¶ 28) is asserted. To support a reduction to practice of a generic method applicable to all PQC algorithms, some representative description of its application to elements that are common to all PQC algorithms appears necessary.
Claims 2-7 and 9-14 are rejected due to their dependency on claims 1 and 8.
In more detail, Misoczki discloses how to calculate a computational cost of signing/verification in the XMSS signature scheme. (See Misoczki ¶¶ 61-62 discussing calculations. And Misoczki ¶¶ 57-69 generally.)
Conversely, Applicant claims not only XMSS, but any unlisted PQC algorithm: “the hash-based PQC algorithm may comprise extended Merkle signature scheme (XMSS), Leighton-Micali signature (LMS) or SPHINCS+, but the invention should not be limited thereto.” Applicant’s specification ¶ 28.
Applicant’s specification opines that cost may be determined by: “the verification apparatus 100 may derive the verification time corresponding to the signature. That is, the verification apparatus 100 may know how many times of hush function needs to be performed for the verification corresponding to the signature.” Applicant’s specification ¶ 26.
Unlike Misoczki, the present Application provides no discussion on determining the “how many times of hush function needs to be performed” in not only XMSS but any PQC algorithm more generally, including at least XMSS, LMS, and SPHINCS+ (claim 7).
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
The following is a quotation of pre-AIA 35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA 35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
Claims 2 and 9 are rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.
Claims 2 and 9 require “in response to the first verification time not meeting the QoS condition”; whereas claims 1 and 8 require “adopt … in response to the first verification time meeting the QoS.” Thus, claims 2 and 9 require non-performance of, and change the scope of, independent claims 1 and 8. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 2, 4-9, and 11-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Misoczki et al., US 2019/0319800.
As to claims 1 and 8, Misoczki discloses a method/machine comprising:
generating, by a processor of an apparatus, a first random nonce; (“Techniques described herein change the manner in which the parameter r is produced by introducing a random nonce of 8-bytes in the first 8 bytes of the padding buffer.” Misoczki ¶ 67)
binding, by the processor, the first random nonce to signing data; (“at operation 925 the message representative M′ is generated using the parameter r determined at operation 920, and as described above in Table 2.” Misoczki ¶ 71. See table 2.)
whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
generating, by the processor, a hash value according to a hash-based post-quantum cryptography (PQC) (WOTS/XMSS, see Misoczki ¶ 52) and the signing data bound to the first random nonce; and (“signature may be generated at operation 935. For example, the candidate nonce may be selected and the transmitted signature generated based, at least in part, on the message representative determined based, at least in part, on the value of the parameter r determined from the selected nonce.” Misoczki ¶ 72)
signing, by the processor, the hash value according to a private key to generate the first signature (“the XMSS signature algorithm is a hash-based signature scheme that uses the WOTS one-time signature algorithm as a building-block. The most computationally expensive step in XMSS signature verification is the WOTS signature verification. The WOTS algorithm utilizes a private key composed by L=67 chunks of 32 bytes each. The WOTS public key is generated by applying the WOTS hash chain exactly N=15 times over each of the L private key chunks.” Misoczki ¶ 61).
Deriving, by the processor, a first verification time corresponding to the first signature; (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74: “In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” See Misoczki ¶¶ 61-62 discussing calculations.)
determining, by the processor, whether the first verification time meets a quality of service (QoS) condition; and (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
adopting, by the processor, the first signature for a verification process in response to the first verification time meeting the QoS condition. (Misoczki Figure 9, steps 935, 940, 945, and associated disclosure)
Misoczki does not disclose that a signature is generated before determining if the threshold is met, as claimed: “calculating, by the processor, a first signature… to obtain a first verification time;”
However, reordering the steps to perform the signature prior to testing the threshold would have been an obvious modification as it does not change the principle of operation of the device and the sequence would require its performance later; see MPEP 2144.03(IV and VI). A person of ordinary skill in the art before the effective filing date of the claimed invention would have modified Misoczki by reordering the steps to fully perform the signature in the message generation step of 925, thereby completing the message generation step while the data is held in memory and determining other output characteristics based on the input variables such as signature length.
As to claims 2 and 9, Misoczki discloses a method/machine of claims 1 and 8 and further discloses:
Wherein in response to the first verification time not meeting the QoS condition, the method further comprises: generating, by the processor, a second random nonce
binding, by the processor, the second random nonce to the signing data; (“at operation 925 the message representative M′ is generated using the parameter r determined at operation 920, and as described above in Table 2.” Misoczki ¶ 71. See table 2.)
calculating, by the processor, a second signature according to the hash-based PQC algorithm (WOTS/XMSS, see Misoczki ¶ 52) and the signing data bound to the second random nonce (“signature may be generated at operation 935. For example, the candidate nonce may be selected and the transmitted signature generated based, at least in part, on the message representative determined based, at least in part, on the value of the parameter r determined from the selected nonce.” Misoczki ¶ 72) to obtain a second verification time; (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
determining, by the processor, whether the second verification time meets the QoS condition; and (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
adopting, by the processor, the second signature for the verification process in response to the second verification time meeting the QoS condition. (Misoczki Figure 9, steps 935, 940, 945, and associated disclosure).
As to claims 4 and 11, Misoczki discloses a method/machine of claims 1 and 8 and further discloses:
wherein the QoS condition comprises a target time range. (“The threshold, T, may be selected based, at least in part, on balancing a respective number of hash-based signature operations, i.e., hash function operations and/or chain function operations, between a signer device and a verifier device and based, at least in part, on a latency associated with generating and identifying an appropriate nonce configured to achieve the threshold, T, for a given message, M. In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” Misoczki ¶ 74)
As to claims 5 and 12, Misoczki discloses a method/machine of claims 4 and 11 and further discloses:
determining, by the processor, that the first verification time meets the QoS condition in response to the first verification time being within the target time range; or determining, by the processor, that the first verification time does not meet the QoS condition in response to the first verification time being over or less than the target time range. (“The threshold, T, may be selected based, at least in part, on balancing a respective number of hash-based signature operations, i.e., hash function operations and/or chain function operations, between a signer device and a verifier device and based, at least in part, on a latency associated with generating and identifying an appropriate nonce configured to achieve the threshold, T, for a given message, M. In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” Misoczki ¶ 74).
As to claims 6 and 13, Misoczki discloses a method/machine of claims 4 and 11 and further discloses:
wherein the target time range is over a normal distribution or less than the normal distribution, and wherein the normal distribution means that a normal verification time range for the signing data in a verification process. (note Applicant’s specification ¶ 29, last sentence) (“The threshold, T, may be selected based, at least in part, on balancing a respective number of hash-based signature operations, i.e., hash function operations and/or chain function operations, between a signer device and a verifier device and based, at least in part, on a latency associated with generating and identifying an appropriate nonce configured to achieve the threshold, T, for a given message, M. In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” Misoczki ¶ 74).
As to claims 7 and 14, Misoczki discloses a method/machine of claims 4 and 11 and further discloses:
wherein the hash-based PQC algorithm comprises an extended Merkle signature scheme (XMSS), a Leighton-Micali signature (LMS) or a SPHINCS+. (“As aforesaid, hash-based cryptography is based on cryptographic systems like Winternitz schemes, Lamport signatures, Merkle Signatures, extended Merkle signature scheme (XMSS), and SPHINCs scheme, etc.” Misoczki ¶ 30. “The Leighton/Micali signature (LMS) scheme” Misoczki ¶ 21).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892, particularly:
Suresh et al., US 2019/0319797, discloses costs associated with LMS signature generation and verification.
Ghosh et al., US 2022/0131708, discloses costs associated with LMS signature generation and verification.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165. The examiner can normally be reached M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MICHAEL W CHAO/ Primary Examiner, Art Unit 2492
Prosecution Insights