Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to the claims filed 1/23/2024. Claims 1-14 are pending. Claims 1 (a method) and 8 (a machine).
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 8-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the asserted machine (apparatus) does not require any physical elements and may be interpreted as software per-se. Although the term ‘processor’ is included, the Webster dictionary notes that processors may be software compilers. As claim 8 may be comprised solely of non-physical elements, claim 8 may be none of a process, machine, manufacture, or composition of matter.
Claims 9-14 are rejected due to their dependency on claim 8.
Claims 1-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) a mathematical algorithm, see MPEP 2106.04(a)(2).A. Hashing and other mathematical signature methods on input data are mathematical algorithms. This judicial exception is not integrated into a practical application because no application is required. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because there are no elements beyond performance of the mathematical algorithm.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-14 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claims 1 and 8 require: “calculating, by the processor, a first signature according to a hash-based post-quantum cryptography (PQC) algorithm and the signing data bound to the first random nonce to obtain a first verification time;”
Applicant’s specification does not appear to define a mechanism by which a nonce and PQC algorithm might be signed to determine a verification time. More specifically, the claim is not limited to any particular PQC algorithm or way of actually applying a ‘nonce’ to a PQC algorithm or a method for determining a verification time.
2163.II.A.3.(a).ii: “original claims … The written description requirement for a claimed genus may be satisfied through sufficient description of a representative number of species by actual reduction to practice (see i)(A) above).”
In Applicant’s specification there is no description with regard to how the nonce is applied and the ‘verification time’ is calculated yet the scope of almost any PQC algorithm (Applicant’s specification ¶ 28) is asserted. To support a reduction to practice of a generic method applicable to all PQC algorithms, some representative description of its application to elements that are common to all PQC algorithms appears necessary.
Claims 2-7 and 9-14 are rejected due to their dependency on claims 1 and 8.
Claims 6 and 12 require “normal distribution” which implicate Applicant’s ¶ 29, “the normal verification time range for the signing data in the verification process.” Applicant’s specification does not appear to disclose a method for determining the “normal ... time range”.
Multiple input variables and different metrics for ‘normal’ make the calculation non-trivial when no method calculation is undefined.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
The following is a quotation of pre-AIA 35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA 35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
Claims 2 and 9 rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends. Claims 2 and 9 require “in response to the first verification time not meeting the QoS condition”; whereas claims 1 and 8 require “adopt … in response to the first verification time meeting the QoS.” Thus, claims 2 and 9 require non-performance of, and change the scope of, independent claims 1 and 8. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Misoczki et al., US 2019/0319800.
As to claims 1 and 8, Misoczki discloses a method/machine comprising:
generating, by a processor of an apparatus, a first random nonce; (“Techniques described herein change the manner in which the parameter r is produced by introducing a random nonce of 8-bytes in the first 8 bytes of the padding buffer.” Misoczki ¶ 67)
binding, by the processor, the first random nonce to signing data; (“at operation 925 the message representative M′ is generated using the parameter r determined at operation 920, and as described above in Table 2.” Misoczki ¶ 71. See table 2.)
calculating, by the processor, a first signature according to a hash-based post-quantum cryptography (PQC) algorithm (WOTS/XMSS, see Misoczki ¶ 52) and the signing data bound to the first random nonce (“signature may be generated at operation 935. For example, the candidate nonce may be selected and the transmitted signature generated based, at least in part, on the message representative determined based, at least in part, on the value of the parameter r determined from the selected nonce.” Misoczki ¶ 72) to obtain a first verification time; (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
determining, by the processor, whether the first verification time meets a quality of service (QoS) condition; and (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
adopting, by the processor, the first signature for a verification process in response to the first verification time meeting the QoS condition. (Misoczki Figure 9, steps 935, 940, 945, and associated disclosure)
Misoczki does not disclose that a signature is generated before determining if the threshold is met, as claimed: “calculating, by the processor, a first signature… to obtain a first verification time;”
However, reordering the steps to perform the signature prior to testing the threshold would have been an obvious modification as it does not change the principle of operation of the device and the sequence would require its performance later; see MPEP 2144.03(IV and VI). A person of ordinary skill in the art before the effective filing date of the claimed invention would have modified Misoczki by reordering the steps to fully perform the signature in the message generation step of 925, thereby completing the message generation step while the data is held in memory and determining other output characteristics based on the input variables such as signature length.
As to claims 2 and 9, Misoczki discloses a method/machine of claims 1 and 8 and further discloses:
generating, by the processor, a second random nonce in response to the first verification time not meeting the QoS condition, wherein the first random nonce is different from the second random nonce; (“At operation 915 a candidate nonce may be generated,” Misoczki ¶ 71. “Techniques described herein change the manner in which the parameter r is produced by introducing a random nonce of 8-bytes in the first 8 bytes of the padding buffer.” Misoczki ¶ 67)
binding, by the processor, the second random nonce to the signing data; (“at operation 925 the message representative M′ is generated using the parameter r determined at operation 920, and as described above in Table 2.” Misoczki ¶ 71. See table 2.)
calculating, by the processor, a second signature according to the hash-based PQC algorithm (WOTS/XMSS, see Misoczki ¶ 52) and the signing data bound to the second random nonce (“signature may be generated at operation 935. For example, the candidate nonce may be selected and the transmitted signature generated based, at least in part, on the message representative determined based, at least in part, on the value of the parameter r determined from the selected nonce.” Misoczki ¶ 72) to obtain a second verification time; (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
determining, by the processor, whether the second verification time meets the QoS condition; and (“At operation 930 it is determined whether the message representative satisfies a target threshold” Misoczki ¶ 72. See Misoczki ¶ 74)
adopting, by the processor, the second signature for the verification process in response to the second verification time meeting the QoS condition. (Misoczki Figure 9, steps 935, 940, 945, and associated disclosure).
As to claims 3 and 10, Misoczki discloses a method/machine of claims 1 and 8 and further discloses:
wherein the calculating of the first signature comprises:
generating, by the processor, a hash value according to the hash-based PQC algorithm (WOTS/XMSS, see Misoczki ¶ 52) and the signing data bound to the first random nonce; and (“signature may be generated at operation 935. For example, the candidate nonce may be selected and the transmitted signature generated based, at least in part, on the message representative determined based, at least in part, on the value of the parameter r determined from the selected nonce.” Misoczki ¶ 72)
signing, by the processor, the hash value according to a private key to generate the first signature. (“the XMSS signature algorithm is a hash-based signature scheme that uses the WOTS one-time signature algorithm as a building-block. The most computationally expensive step in XMSS signature verification is the WOTS signature verification. The WOTS algorithm utilizes a private key composed by L=67 chunks of 32 bytes each. The WOTS public key is generated by applying the WOTS hash chain exactly N=15 times over each of the L private key chunks.” Misoczki ¶ 61).
As to claims 4 and 11, Misoczki discloses a method/machine of claims 1 and 8 and further discloses:
wherein the QoS condition comprises a target time range. (“The threshold, T, may be selected based, at least in part, on balancing a respective number of hash-based signature operations, i.e., hash function operations and/or chain function operations, between a signer device and a verifier device and based, at least in part, on a latency associated with generating and identifying an appropriate nonce configured to achieve the threshold, T, for a given message, M. In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” Misoczki ¶ 74)
As to claims 5 and 12, Misoczki discloses a method/machine of claims 4 and 11 and further discloses:
determining, by the processor, that the first verification time meets the QoS condition in response to the first verification time being within the target time range; or determining, by the processor, that the first verification time does not meet the QoS condition in response to the first verification time being over or less than the target time range. (“The threshold, T, may be selected based, at least in part, on balancing a respective number of hash-based signature operations, i.e., hash function operations and/or chain function operations, between a signer device and a verifier device and based, at least in part, on a latency associated with generating and identifying an appropriate nonce configured to achieve the threshold, T, for a given message, M. In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” Misoczki ¶ 74).
As to claims 6 and 13, Misoczki discloses a method/machine of claims 4 and 11 and further discloses:
wherein the target time range is over a normal distribution or less than the normal distribution. (note Applicant’s specification ¶ 29, last sentence) (“The threshold, T, may be selected based, at least in part, on balancing a respective number of hash-based signature operations, i.e., hash function operations and/or chain function operations, between a signer device and a verifier device and based, at least in part, on a latency associated with generating and identifying an appropriate nonce configured to achieve the threshold, T, for a given message, M. In some examples the target threshold T may be set to allocate a minimum of 60% of the computational cost to the signature generation process, such that a maximum of 40% of the computational cost is allocated to the signature verification process.” Misoczki ¶ 74).
As to claims 7 and 14, Misoczki discloses a method/machine of claims 4 and 11 and further discloses:
wherein the hash-based PQC algorithm comprises an extended Merkle signature scheme (XMSS), a Leighton-Micali signature (LMS) or a SPHINCS+. (“As aforesaid, hash-based cryptography is based on cryptographic systems like Winternitz schemes, Lamport signatures, Merkle Signatures, extended Merkle signature scheme (XMSS), and SPHINCs scheme, etc.” Misoczki ¶ 30. “The Leighton/Micali signature (LMS) scheme” Misoczki ¶ 21).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892, particularly:
Yoon et al., US 2022/0100873, discloses using quantum resistant algorithms to perform a secure boot.
Chalkias, US 2019/0319798, discloses using quantum resistant algorithms in a blockchain.
Perin et al., Tuning the Winternitz hash-based digital signature scheme, discloses tuning quantum resistant algorithms.
Aumasson et al., SPHINCS+, discloses a SPHINCS hash definition.
McGrew et al., RFC 8554 - Leighton-Micali Hash-Based Signatures, discloses the LMHB hash standard.
Huelsing et al., RFC 8391 – XMSS: eXtended Merkle Signature Scheme, discloses XMSS.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165. The examiner can normally be reached M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MICHAEL W CHAO/Primary Examiner, Art Unit 2492