DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed have been fully considered but they are not persuasive. The applicant argues that the prior art on record does not teach/suggest all of the limitations of the independent claim(s). Specifically, the applicant argues that nix does not decrypt a resumption message to obtain a resumption secret. The applicant understands Nix to as a database lookup approach, which is fundamentally different from decrypting a message to obtain a secret. Additionally, the applicant argues that the prior art does not disclose wherein the resumption secret is based on at least a portion of a shared secret that was obtained using a post-quantum cipher. The applicant mentions that Nix’s inclusion of a PSK-ID is an identifier that corresponds to or identifies the PSK, but is not based on at least portion of the shared secret. The applicant also argues that a hash corresponds to the PSK in Nix, but does not contain a portion of it; the PSK-ID is generated by a hashing mechanism, not by the post-quantum cipher itself, therefore the resumption secret is not based on a portion of a shared secret obtained using post quantum cipher.
However, the Examiner respectfully disagrees. As currently presented, the claim language mentions “decrypting, by the first computing system, the resumption message to obtain a resumption secret”. The claim does not definitively mention that the resumption secret must be directly embedded within the encrypted payload of the message; the decryption alone mush produce the resumption secret; there cannot be any intermediary steps (lookup) between decryption and obtaining the secret; and that the secret must be the plaintext output of the decryption. Nix does perform decryption in the session resumption process. The applicant’s fails to mention that in Nix, the PSK-ID is encrypted with the symmetric ciphering key. A sent resumption message includes the PSK-ID and a MAC value. Server must process, and decrypt this message to extract the PSK-ID, which enables obtaining the PSK (resumption secret). Additionally, the hash function uses the PSK input and provides PSK-ID as output. This output is based on the PSK (including a portion of it ). As currently presented, the claim language does not explicitly or definitively mention contains a portion of or includes a copy of a portion of the shared secret. Rather, it mentions “based on” a portion of the shared secret, which as mentioned above is disclosed in Nix. Additionally, as currently mentioned, the claim language does not explicitly mention that the resumption secret must be generated by the post quantum cipher. The claim language mentions that the resumption secret is based on at least a portion of a shared secret that was obtained using a post quantum cipher. The shared secret disclosed in Nix was obtained using post quantum cipher (KEM), and the resumption secret (PSK-ID) is based on that shared secret.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 11, & 17-18 are rejected under 35 U.S.C 103 as being unpatentable over Nix (US 2023/0308424), hereon referred to as Nix.
In regards to claims 1, 11 & 17, Nix discloses receiving, by a first computing system, a resumption message from a second computing system (To securely resume a first session between device and a network. Device can generate a message for server, where the message could comprise a second "Client Hello 2" message..... the message from device to server can comprise the identity of the PSK, which is PSK-IO 231-1 stored, the device extensions selected, the second random number random, and the tag value. The message can also include the fifth symmetric ciphertext symm. The inclusion of the tag value increases security compared to conventional technology, since server can verify the tag value before deciding how to respond to the message... Server can receive the message as second "Client Hello" in order to conduct a resumed session; Paragraphs 0206; 0215-0220; Figs.1-3); decrypting, by the first computing system, the resumption message to obtain a resumption secret, wherein the resumption secret is based on at least a portion of a shared secret that was obtained using a post-quantum cipher during a prior handshake sequence between the first computing system and the second computing system (where device and server support zero round trip time resumption (0-RTT), server can decrypt the fifth symmetric ciphertext symm-C5 . For these embodiments, server can use the third symmetric ciphering key S3 252b generated by server to decrypt the fifth symmetric ciphertext symm-C5 from message into a plaintext value for device application data.... server can use the received PSK-IO 231-1 from the message to securely query the network database for the corresponding PSK... the fifth symmetric ciphertext symm-C5 can include a second device ephemeral public key ePK-2.device and associated KEM parameters for the second device ephemeral public key. An updated or new device ephemeral public key ePK-2.device in a system may be preferred for forward secrecy, such that a third shared secret key could be generated using the second device ephemeral public key ePK-2.device; The PSK would be considered "pre-shared" before a second "Client Hello 2" message in (i) a secure session resumption or (ii) a secure session resumption; Paragraphs 0187; 0215-0225; Figs.1-3); encrypting, by the first computing system, one or more messages using a session key based on the resumption secret (Server could process the "Client Finished" message and then both device and server could transmit and receive in messages encrypted and authenticated application data. The encrypted and authenticated application data can be generated using at least the PSK; Paragraphs 0235; 0275; Figs.1-3); and sending, by the first computing system, the encrypted one or more messages to the second computing system (Server could process the "Client Finished" message and then both device and server could transmit and receive in messages encrypted and authenticated application data. The encrypted and authenticated application data can be generated using at least the PSK; Paragraphs 0235; 0275 Figs. 1-3).
Any interpretations of differences between the claim(s) and the prior art are only minor in nature, design elements and could not establish novelty or an inventive step. It would be obvious to an ordinary skill in the art, that before the filing date of the invention, any minor differences of the claim are still functionally addressed in the prior art, which discloses the same object matter and same type of solution as the instant application, as currently presented.
In regards to claims 2 & 18, Nix discloses wherein encrypting, by the first computing system, the one or more messages based on the resumption secret comprises: obtaining, by the first computing system, a primary secret from the resumption secret; and encrypting, by the first computing system, the one or more messages using a session key obtained using the primary secret ( a first secure session established using the messages “Client Hello 1” 202 through “Server Finished 1” 233 could be used to establish a PSK shared between device 101 and server 111, where the PSK can be used to secure resumption or continuation of the first secure session; exemplary steps for the nodes and exemplary message flows between the nodes after a first session; device 101 could read the identity of a “pre-shared” secret key PSK-ID 231-1 stored in memory 101m of device 101 during the first session; Paragraphs 0187; 0204-2012).
Claims 3-5, 9-10, 12-13 & 19-20 are rejected under 35 U.S.C 103 as being unpatentable over Nix, in view of MIROSLAV MITEV ET AL: "Multi-factor Physical Layer Security Authentication in Short Blocklength Communication", ARXIV.ORG, CORNELL UNIVERSITY LIBRARY, 201 OLIN LIBRARY CORNELL UNIVERSITY ITHACA, NY 14853, 24 February 2021 (2021-02-24), and hereon referred to as Mitev [Provided by Examiner].
In regards to claims 3 & 19, Nix does not disclose wherein obtaining, by the first computing system, the primary secret comprises: hashing, by the first computing system, the resumption secret; and extracting, by the first computing system, a portion of the hashed output as the primary secret. However, in an analogous art Mitev discloses wherein obtaining, by the first computing system, the primary secret comprises: hashing, by the first computing system, the resumption secret; and extracting, by the first computing system, a portion of the hashed output as the primary secret (During the process of connecting the node with the server, the resumption protocol includes hashing, extracting elements as part of the primary secret; Pg.7-11 Fig.9-11).
At the time before the effective filing date of the invention, it would have been obvious to the one with ordinary skill in the art to combine the teachings disclosed by Nix, with the teachings disclosed by Mitev regarding hashing, by the first computing system, the resumption secret; and extracting, by the first computing system, a portion of the hashed output as the primary secret. The suggestion/motivation of the combination would have been to provide lightweight, security primitives and protocols for device authentication; (Mitev; Pg.1).
In regards to claims 4 & 12, Mitev discloses wherein the shared secret was obtained by hashing a first value together with a second value, wherein the first value was obtained using the post-quantum cipher (During the process of connecting the node with the server, the shared secret includes hashing post-quantum values; Pg.7-11 Fig.9-11).
In regards to claims 5 & 13, Mitev discloses wherein the second value was not obtained using the post-quantum cipher (During the process of connecting the node with the server, the shared secret includes hashing post-quantum values; Pg.7-11 Fig.9-11).
In regards to claims 9 & 20, the combination of Nix and Mitev discloses wherein the prior handshake sequence comprises: receiving, by the first computing system and from the second computing system, a public key obtained using a post-quantum cipher; generating, by the first computing system and based on the public key, the shared secret and a keyshare; sending, by the first computing system, the keyshare to the second computing system; and receiving, by the first computing system and from the second computing system, one or more messages encrypted by the second computing system using the shared secret, wherein the second computing system obtained the shared secret using the keyshare and a private key corresponding to the public key (The elements presented in the claim(s) do not contain any additional features, do not present any inventive step or novelty not addressed/presented in the combination of Nix and Mitev discloses. Examiner takes official notice, that these elements are commonly known, minor design details that are derivable from the prior art and are well known, and obvious to an ordinary skill in the art. The additional features of these claims represent normal design options, which the skilled person would implement the combination of Nix and Mitev discloses, depending on the circumstances, without exercising any inventive activity).
In regards to claim 10, the combination of Nix and Mitev discloses wherein the first computing system does not receive the public key from the second computing system again when resuming the communication session (The elements presented in the claim(s) do not contain any additional features, do not present any inventive step or novelty not addressed/presented in the combination of Nix and Mitev discloses. Examiner takes official notice, that these elements are commonly known, minor design details that are derivable from the prior art and are well known, and obvious to an ordinary skill in the art. The additional features of these claims represent normal design options, which the skilled person would implement the combination of Nix and Mitev discloses, depending on the circumstances, without exercising any inventive activity).
Allowable Subject Matter
Claims 6-8 and 14-16 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARIF E ULLAH whose telephone number is (571)272-5453. The examiner can normally be reached Mon-Fri 7:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHARIF E ULLAH/Primary Examiner, Art Unit 2495