Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This office action is in response to the communication filed on 7/28/2025.
Response to Arguments
Applicant’s arguments have been considered but are moot because of the new ground of rejection necessitated by the amendments.
Regarding claim 21, the amendments to claim 21 do not incorporate all of the limitations of claim 1 (e.g. does not include that the controller comprises encryption circuitry which comprises the engines). As such the rejection of claim 21 has been maintained.
All objections and rejections not set forth below have been withdrawn.
Claims 1-10, 12-16, 18-23 have been examined.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 7/28/2025 and 9/3/2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claim 21 is rejected under 35 U.S.C. 102(a)(1) as being anticipated by Jung et al. (US Patent Application Publication Number 2022/0014351) hereinafter referred to as Jung.
Regarding claim 21, Jung disclosed a method of managing data security in a storage device, the method comprising:
determining, among a plurality of security levels, which security level data in the storage device is associated with (Jung Fig. 4 and Paragraphs 0058-0059 for example); and
encrypting the data with a corresponding cryptographic algorithm of a plurality of cryptographic algorithms based on the security level associated with the data by a controller of the storage device (Jung Fig. 4 and Paragraphs 0058-0059 for example),
wherein the plurality of cryptographic algorithms comprises at least two different types of cryptographic algorithms that have different cryptographic strengths (Jung Fig. 4 and Paragraphs 0058-0059 for example), and
wherein each of the plurality of security level is associated with a respective one of the plurality of cryptographic algorithms, a higher security level corresponding to a cryptographic algorithm with a higher cryptographic strength (Jung Fig. 4 and Paragraphs 0058-0059 for example),
wherein encrypting the data with the corresponding cryptographic algorithm of the plurality of cryptographic algorithms based on the security level associated with the data comprises at least one of:
encrypting first data with a first type of cryptographic algorithm, or
encrypting second data with a second type of cryptographic algorithm,
wherein the first data is associated with a first security level, and the second data is associated with a second security level that is higher than the first security level, and wherein the second type of cryptographic algorithm has a greater encryption strength than the first type of cryptographic algorithm (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, 6, 8-10, 12, 13, 18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Jung et al. (US Patent Application Publication Number 2022/0014351) hereinafter referred to as Jung, and further in view of Cox et al. (US Patent Application Publication Number 2007/0088959) hereinafter referred to as Cox.
Regarding claim 1, Jung disclosed a storage device (Jung Fig. 4 for example) comprising:
at least one memory device (Jung Fig. 4 for example); and
a controller coupled to the at least one memory device (Jung Fig. 4 for example),
wherein the controller comprises an encryption process including
a first encryption engine configured to encrypt first data with a first type of cryptographic algorithm (Jung Fig. 4 and Paragraphs 0058-0059 for example), and
a second encryption engine configured to encrypt second data with a second type of cryptographic algorithm (Jung Fig. 4 and Paragraphs 0058-0059 for example),
wherein the first data is associated with a first security level, and the second data is associated with a second security level that is higher than the first security level, and wherein the second type of cryptographic algorithm has a greater encryption strength than the first type of cryptographic algorithm (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Jung did not explicitly teach that the encryption process was performed by encryption circuitry.
Cox taught a chipset security offload engine including a security engine preferably implemented at least in part with dedicated tamper-resistant encryption hardware, which provides benefits in terms of improved security compared to operating algorithms in software (Cox Paragraph 0024). Cox further taught that each supported encryption algorithm may include dedicated tamper resistant cryptographic hardware modules for executing the algorithm (Cox Paragraph 0033).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Cox in the encryption system of Jung by implementing each encryption algorithm in its own dedicated hardware module. This would have been obvious because the person having ordinary skill in the art would have been motivated to improve security relative to software implementations as well as to protect the encryption system against tampering.
Regarding claim 2, Jung and Cox taught a first ratio between the encrypted first data and the first data is smaller than a second ratio between the encrypted second data and the second data (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Regarding claim 6, Jung and Cox taught that the controller is configured to store at least one of the encrypted first data or the encrypted second data in the at least one memory device (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Regarding claim 8, Jung and Cox taught that the controller is configured to control an operation for the encrypted second data in the at least one memory device (Jung Fig. 4 and Paragraphs 0058-0059 and 0069 for example).
Regarding claim 9, Jung and Cox taught that the operation for the encrypted second data comprises at least one of: a computation between a first portion of the encrypted second data and a second portion of the encrypted second data, or a computation between the encrypted second data and another data encrypted using the second type of cryptographic algorithm (Jung Fig. 4 and Paragraphs 0031, 0058-0059 and 0074 for example).
Regarding claim 10, Jung and Cox taught that the controller is configured to transmit at least one of the encrypted first data or the encrypted second data to an external device (Jung Fig. 4 and Paragraphs 0058-0059 and 0074 for example).
Regarding claim 12, Jung and Cox taught that the controller is configured to determine which security level data is associated with and encrypt the data based on the determined security level associated with the data (Jung Fig. 4 and Paragraphs 0058-0059 and 0074 for example).
Regarding claim 13, Jung and Cox taught that the controller is configured to: encrypt the first data using the first type of cryptographic algorithm in response to determining that the first data is associated with the first security level, and encrypt the second data using the second type of cryptographic algorithm in response to determining that the second data is associated with the second security level (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Regarding claim 18, Jung disclosed a storage device comprising:
at least one memory device (Jung Fig. 4 and Paragraphs 0058-0059 for example); and
a controller coupled to the at least one memory device (Jung Fig. 4 and Paragraphs 0058-0059 for example) and configured to:
determine, among a plurality of security levels, which security level data is associated with (Jung Fig. 4 and Paragraphs 0058-0059 for example); and
encrypt the data with a corresponding cryptographic algorithm of a plurality of cryptographic algorithms based on the security level associated with the data (Jung Fig. 4 and Paragraphs 0058-0059 for example),
wherein the plurality of cryptographic algorithms comprise at least two different types of cryptographic algorithms that have different cryptographic strengths (Jung Fig. 4 and Paragraphs 0058-0059 for example), and
wherein each of the plurality of security level is associated with a respective one of the plurality of cryptographic algorithms, a higher security level corresponding to a cryptographic algorithm with a higher cryptographic strength (Jung Fig. 4 and Paragraphs 0058-0059 for example),
wherein the controller comprises an encryption process that includes at least a first encryption engine configured to encrypt first data with a first type of cryptographic algorithm, and a second encryption engine configured to encrypt second data with a second type of encryption algorithm, wherein the first data is associated with a first security level, and the second data is associated with a second security level that is higher than the first security level, and wherein the second type of cryptographic algorithm has a greater encryption strength than the first cryptographic algorithm (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Jung did not explicitly teach that the encryption process was performed by encryption circuitry.
Cox taught a chipset security offload engine including a security engine preferably implemented at least in part with dedicated tamper-resistant encryption hardware, which provides benefits in terms of improved security compared to operating algorithms in software (Cox Paragraph 0024). Cox further taught that each supported encryption algorithm may include dedicated tamper resistant cryptographic hardware modules for executing the algorithm (Cox Paragraph 0033).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Cox in the encryption system of Jung by implementing each encryption algorithm in its own dedicated hardware module. This would have been obvious because the person having ordinary skill in the art would have been motivated to improve security relative to software implementations as well as to protect the encryption system against tampering.
Regarding claim 19, Jung and Cox taught that the controller is configured to perform at least one of: storing the encrypted data in the at least one memory device, transmitting the encrypted data to a host device, conducting computation on the encrypted data to generate an encrypted result, or transmitting the encrypted result to the host device (Jung Fig. 4 and Paragraphs 0058-0059 for example).
Claims 3-4 are rejected under 35 U.S.C. 103 as being unpatentable over Jung and Cox, and further in view of Liao et al. (US Patent Application Publication Number 2022/0385447) hereinafter referred to as Liao.
Regarding claim 3, Jung and Cox taught that the first type of cryptographic algorithm comprises an Advanced Encryption Standard (AES) algorithm (Jung Fig. 4 and Paragraphs 0058-0059 for example), but did not explicitly teach that the second type of cryptographic algorithm (the FHE) comprises a post-quantum cryptography (PQC) algorithm.
Liao taught a lattice based encryption system for post-quantum cryptography which is fully homomorphic encryption (Liao entire document - note the description of the system in Paragraphs 0002-0003).
It would have been obvious to the person having ordinary skill in the art to have employed the teachings of Liao in the fully homomorphic encryption of Jung and Cox by utilizing the FHE of Liao for performing the FHE. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure that the FHE was post-quantum allowing efficient computation on ciphertext without compromising the security of a single bit of data.
Regarding claim 4, Jung, Cox and Liao taught that the second type of cryptographic algorithm comprises a post-quantum cryptography (PQC) algorithm with fully homomorphic encryption (FHE) (Liao entire document - note the description of the system in Paragraphs 0002-0003).
It would have been obvious to the person having ordinary skill in the art to have employed the teachings of Liao in the fully homomorphic encryption of Jung and Cox by utilizing the FHE of Liao for performing the FHE. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure that the FHE was post-quantum allowing efficient computation on ciphertext without compromising the security of a single bit of data.
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Jung and Cox, and further in view of "Guidelines on cryptographic algorithms usage and key management" hereinafter referred to as PSSG.
Regarding claim 5, while Jung and Cox taught a plurality of security levels, Jung did not explicitly teach the controller is configured to encrypt third data with the first type of cryptographic algorithm, and the third data is associated with a third security level that is smaller than the first security level, and wherein the controller is configured to encrypt the first data with a first key and encrypt the third data with a second key, and a size of the second key is smaller than a size of the first key.
PSSG taught that security levels can be implemented by varying key sizes and that higher key sizes give a higher security level than do smaller key sizes (See PSSG Section 3.1.4).
It would have been obvious to the person having ordinary skill in the art to have employed the teachings of PSSG in the data security system of Jung and Cox by implementing various levels of security via encryption with different key sizes (AES 128 vs AES 192 vs AES 256 for example). This would have been obvious because the person having ordinary skill in the art would have been motivated to provide various levels of security for the data as needed.
Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Jung and Cox, and further in view of Mullen et al. (US Patent Application Publication Number 2002/0131599) hereinafter referred to as Mullen.
Regarding claim 7, Jung and Cox did not explicitly disclose that a size of the first data is greater than a size of the second data. However, the first data is either greater than, smaller than, or equal in size to the second data, and as such all three would have been obvious.
Further, Mullen taught that when encrypting data, to conserve resources simpler less secure encryption can be performed for the majority of the data while stronger encryption can be performed on only the small limited amounts of particularly sensitive data (Mullen Paragraphs 0010-0011 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Mullen in the encryption system of Jung and Cox by limiting the expensive higher security encryption to only small amounts of particularly sensitive data. This would have been obvious because the person having ordinary skill in the art would have been motivated to limit the resources used to secure the data.
Claims 14, 15, 16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jung and Cox, and further in view of Smith et al. (US Patent Application Publication Number 2016/02488096) hereinafter referred to as Smith.
Regarding claim 14, while Jung and Cox disclosed determining security levels of the data to be stored, Jung did not disclose doing so based on a security label for the data, the security label for the data corresponding to the security level associated with the data.
Smith taught, in a data security environment, data can be tagged with its respective security level and that the tags can then be used to determine security level for processing the data (Smith Paragraphs 0033, 0041, 0051 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Smith in the data security system of Jung and Cox by tagging the data with its appropriate security level and then utilizing the tag to determine the security level for processing the data. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure proper security levels are being applied to the data.
Regarding claim 15, Jung, Cox and Smith taught that the controller is configured to determine the security label for the data by receiving the security label for the data from a host device (Smith Paragraphs 0033, 0041, 0051 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Smith in the data security system of Jung and Cox by tagging the data with its appropriate security level and then utilizing the tag to determine the security level for processing the data. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure proper security levels are being applied to the data.
Regarding claim 16, Jung, Cox and Smith taught that the controller is configured to determine the security label for the data based on one or more characteristics of the data (Smith Paragraphs 0033, 0041, 0051 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Smith in the data security system of Jung and Cox by tagging the data with its appropriate security level and then utilizing the tag to determine the security level for processing the data. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure proper security levels are being applied to the data.
Regarding claim 20, Jung, Cox and Smith taught that the controller is configured to determine which security level the data is associated with based on a security label for the data, the security label for the data corresponding to the security level associated with the data, and wherein the controller is configured to determine the security label for the data based on at least one of: receiving the security label for the data from a host device, or determining the security label for the data based on one or more characteristics of the data (Smith Paragraphs 0033, 0041, 0051 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Smith in the data security system of Jung and Cox by tagging the data with its appropriate security level and then utilizing the tag to determine the security level for processing the data. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure proper security levels are being applied to the data.
Claims 22-23 are rejected under 35 U.S.C. 103 as being unpatentable over Jung and Cox, and further in view of Wang et al. (US Patent Application Publication Number 2022/0318090) hereinafter referred to as Wang.
Regarding claim 22, Jung and Cox did not disclose that the controller comprises an Error Correction Code (ECC) circuitry including one or more first ECC decoders and one or more second ECC decoders, and
wherein a second ECC decoder of the one or more second ECC decoders has a greater decoding capability than a first ECC decoder of the one or more first ECC decoders.
Wang taught a memory controller including ECC circuits and specifically that the controller comprises an Error Correction Code (ECC) circuitry including one or more first ECC decoders and one or more second ECC decoders, and
wherein a second ECC decoder of the one or more second ECC decoders has a greater decoding capability than a first ECC decoder of the one or more first ECC decoders (Wang Paragraph 0101 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Wang in the data storage system of Jung and Cox by implementing ECC as taught by Wang in the storage controller. This would have been obvious because the person having ordinary skill in the art would have been motivated to allow the system to detect and correct errors in the stored data. Furthermore, it would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Wang in the system of Jung and Cox by having different ECC circuits with different ECC strength. This would have been obvious because the person having ordinary skill in the art would have been motivated to balance the ECC abilities with cost by utilizing the low cost weaker ECC and in the event of the weaker ECC failing then attempting the higher cost stronger ECC.
Regarding claim 23, Jung, Cox, and Wang taught that the one or more first ECC decoders comprises one or more bit-flipping-based lite LDPC decoders, and the one or more second ECC decoders comprises one or more min-sum (MS) low-density parity-check (LDPC) decoders (Wang Paragraph 0101 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Wang in the data storage system of Jung and Cox by implementing ECC as taught by Wang in the storage controller. This would have been obvious because the person having ordinary skill in the art would have been motivated to allow the system to detect and correct errors in the stored data. Furthermore, it would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Wang in the system of Jung and Cox by having different ECC circuits with different ECC strength. This would have been obvious because the person having ordinary skill in the art would have been motivated to balance the ECC abilities with cost by utilizing the low cost weaker ECC and in the event of the weaker ECC failing then attempting the higher cost stronger ECC.
Conclusion
Claims 1-10, 12-16, 18-23 have been rejected.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW T HENNING whose telephone number is (571)272-3790. The examiner can normally be reached Monday-Friday 9AM-3PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MATTHEW T HENNING/ Primary Examiner, Art Unit 2491