DETAILED ACTION
This action is in response to the amendment filed on November 14, 2025. Claim 1-3, 5-7, and 11-12 have been amended. Claim 10 has been previously canceled. Claims 1-9 and 11-12 are pending. Of such, Claims 1-9 and 11 represent a system and claim 12 represents a method directed to secure identifier exchange in an optical network.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
The objections to the claims have been withdrawn in view of the amendments to the claims.
Claim Rejections - 35 USC § 112
The rejection to the claims have been withdrawn in view of the amendments to the claims.
Response to Arguments
Applicant’s arguments, see Remarks, filed November 14, 2025, with respect to the rejection(s) of claim(s) 1-9 and 11-12 under 35 USC 102 and 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Lou, Zhang, Hu, and ITU.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4 and 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Lou et al. (CN 109274489), hereinafter referred to as Lou, in view of Zhang, Jian-ying (CN 106817352), hereinafter referred to as Zhang.
Regarding Claim 1, Luo discloses:
An optical line terminal (OLT), configured to communicate in a point-to-multipoint optical network with at least one optical network units (ONUs) (On Page 2, in the description, Lou discloses “passive optical network is a typical point-to-multipoint structure, optical line terminal (Optical Line Terminal (OLT) and multiple optical network unit (Optical Network Units, ONUs)”); the OLT comprising: at least one memory including computer program code; and at least one processor configured to execute the computer program code to cause the OLT to perform, receiving, from a respective ONU, at least one identifier encrypted according to a preconfigured encryption algorithm and a preconfigured key (On page 6, in the description, Lou discloses “Step 104…generation information mONU = (ONU-ID, OLT-ID, r2, t2, R-ID). wherein the R-ID field includes the ONU-ID register value Registration. Then the information mONU is encrypted.” Further on page 3, in the summary of invention, Lou discloses “registration stage… OLT is optical network unit ONU private key generating part, and the part of private key by the secure channel to the optical network unit ONU” wherein the private key part generation teaches on a preconfigured key); wherein the at least one identifier is characteristic for the respective ONU (On page 3, in the summary of invention, Lou discloses “optical network unit ONU of unique identity identification is composed of two parts: the sequence number SN of the optical network unit ONU and an optical line terminal OLT ONU-ID;”) Decrypting the at least one received identifier according to the preconfigured encryption algorithm and the preconfigured key (On page 7, in the description, Lou discloses “step 105: OLT after receiving the Registration information using partial private key and decrypt the received information”);
However, Lou does not explicitly disclose further deriving a key from a set of pre-configured shared keys.
Zhang discloses:
wherein the OLT and a respective ONU share a set of pre-configured shared keys (On page 7, In the first embodiment, Zhang discloses “the OLT and the ONU can preset a plurality of encryption keys, when the subsequent negotiation, only need to negotiate an encryption key corresponding to the key index.”); and determining at least one shared key from the set of pre-configured shared keys based on the at least one decrypted identifier (On page 3, in the invention contents, Zhang discloses “determining a key index; inquiring the encryption key according to the key index;”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Zhang’s approach of deriving a shared key from the shared keys as the motivation would be to improve the security of the broadcasted message by utilizing an encryption key obtained from a key index that is utilized by both the ONU and OLT thus reducing the complexity of the system (Zhang, Second Embodiment, Page 9)
Regarding Claim 2, the combination of Luo and Zhang disclose:
The optical line terminal, OLT, according to claim 1, wherein the at least one identifier comprises a registration identifier characteristic for the respective ONU (On page 3, in the summary of invention, Lou discloses “optical network unit ONU of unique identity identification is composed of two parts: the sequence number SN of the optical network unit ONU and an optical line terminal OLT ONU-ID;”).
Regarding Claim 3, the combination of Luo and Zhang disclose:
The optical line terminal, OLT, according to claim 2, wherein the OLT is further caused to perform determining a master session key based on the registration identifier (On page 7, in the description, Lou discloses “step 106, OLT and ONU respectively generate a master session key, the process comprising: calculating SKONU=H (Port, OLT-ID, KOLT, R-ID), SKONU is main session key”).
Regarding Claim 4, the combination of Luo and Zhang disclose:
The optical line terminal, OLT, according to claim 1, wherein the at least one identifier comprises a serial number characteristic for the respective ONU (On page 4, in the summary of invention, Lou discloses “optical network unit ONU Serial-Number-ONU information by the serial number of the optical network unit ONU (Serial Number) authenticator sent to optical line terminal OLT”).
Regarding Claim 11, Luo discloses:
An optical network unit (ONU), configured to communicate in a point-to-multipoint optical network with an optical network terminal (OLT) (On Page 2, in the description, Lou discloses “passive optical network is a typical point-to-multipoint structure, optical line terminal (Optical Line Terminal (OLT) and multiple optical network unit (Optical Network Units, ONUs)”); the ONU comprising: at least one memory including computer program code; at least one processor configured to execute the computer program code to cause the ONU to perform: encrypting at least one identifier according to a preconfigured encryption algorithm and a preconfigured key (On page 6, in the description, Lou discloses “Step 104…generation information mONU = (ONU-ID, OLT-ID, r2, t2, R-ID). wherein the R-ID field includes the ONU-ID register value Registration. Then the information mONU is encrypted.” Further on page 3, in the summary of invention, Lou discloses “registration stage… OLT is optical network unit ONU private key generating part, and the part of private key by the secure channel to the optical network unit ONU” wherein the private key part generation teaches on a preconfigured key), wherein the at least one identifier is a characteristic for the ONU (On page 3, in the summary of invention, Lou discloses “optical network unit ONU of unique identity identification is composed of two parts: the sequence number SN of the optical network unit ONU and an optical line terminal OLT ONU-ID;”); sending the encrypted at least one identifier to the OLT (On page 6, in the description, Lou discloses “step 104…Finally, the ONU transmits Registration information package sent to the OLT.”);
However, Lou does not explicitly disclose further deriving a key from a set of pre-configured shared keys.
Zhang discloses:
wherein the OLT and a respective ONU share a set of pre-configured shared keys (On page 7, In the first embodiment, Zhang discloses “the OLT and the ONU can preset a plurality of encryption keys, when the subsequent negotiation, only need to negotiate an encryption key corresponding to the key index.”); and determining at least one shared key from the set of pre-configured shared keys based on the at least one decrypted identifier (On page 3, in the invention contents, Zhang discloses “determining a key index; inquiring the encryption key according to the key index;”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Zhang’s approach of deriving a shared key from the shared keys as the motivation would be to improve the security of the broadcasted message by utilizing an encryption key obtained from a key index that is utilized by both the ONU and OLT thus reducing the complexity of the system (Zhang, Second Embodiment, Page 9)
Regarding Claim 12, Luo discloses:
A method comprising: encrypting at least one identifier according to a preconfigured encryption algorithm and a preconfigured key by an optical network unit, ONU (On page 6, in the description, Lou discloses “Step 104…generation information mONU = (ONU-ID, OLT-ID, r2, t2, R-ID). wherein the R-ID field includes the ONU-ID register value Registration. Then the information mONU is encrypted.” Further on page 3, in the summary of invention, Lou discloses “registration stage… OLT is optical network unit ONU private key generating part, and the part of private key by the secure channel to the optical network unit ONU” wherein the private key part generation teaches on a preconfigured key), configured to communicate in a point-to-multipoint optical network with an optical network terminal, OLT (On Page 2, in the description, Lou discloses “passive optical network is a typical point-to-multipoint structure, optical line terminal (Optical Line Terminal (OLT) and multiple optical network unit (Optical Network Units, ONUs)”); and wherein the at least one identifier is characteristic for the ONU (On page 3, in the summary of invention, Lou discloses “optical network unit ONU of unique identity identification is composed of two parts: the sequence number SN of the optical network unit ONU and an optical line terminal OLT ONU-ID;”); by the OLT, receiving the encrypted at least one identifier from the ONU (On page 7, in the description, Lou discloses “step 105: OLT after receiving the Registration information using partial private key and decrypt the received information”); and decrypting the received identifier according to the preconfigured encryption algorithm and the preconfigured key (On page 7, in the description, Lou discloses “step 105: OLT after receiving the Registration information using partial private key and decrypt the received information”);
However, Lou does not explicitly disclose further deriving a key from a set of pre-configured shared keys.
Zhang discloses:
wherein the OLT and the ONU share a set of pre-configured shared keys (On page 7, In the first embodiment, Zhang discloses “the OLT and the ONU can preset a plurality of encryption keys, when the subsequent negotiation, only need to negotiate an encryption key corresponding to the key index.”); and determining, by the OLT , at least one shared key based on the at least on decrypted identifier and determining, by the ONU, the at least one shared key from the set of pre-configured shared keys based on the at least one identifier (On page 3, in the invention contents, Zhang discloses “determining a key index; inquiring the encryption key according to the key index;”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Zhang’s approach of deriving a shared key from the shared keys as the motivation would be to improve the security of the broadcasted message by utilizing an encryption key obtained from a key index that is utilized by both the ONU and OLT thus reducing the complexity of the system (Zhang, Second Embodiment, Page 9)
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Lou et al. (CN 109274489), hereinafter referred to as Lou, in view of Zhang, Jian-ying (CN 106817352), hereinafter referred to as Zhang, in further view of ITU (NPL: 10-Gigabit-capable passive optical networks (XG-PON): Transmission convergence (TC) layer specification), hereinafter referred to as ITU.
Regarding Claim 5, Luo and Zhang disclose the limitations of claim 4.
However, Lou does not explicitly disclose further deriving a key from the master key.
ITU discloses:
wherein the OLT is further caused to perform determining one or more shared keys based on the decrypted serial number and a master session key. (On page 86, section 15.3.3, ITU discloses “The session key (SK) binds the MSK to the context of the security association between the OLT and ONU. The SK, which is used for subsequent key derivations, is obtained using the following formula:SK = AES-CMAC (MSK, (SN | PON-TAG| 0x53657373696f6e4b), 128) (15-3) where the information message, which is 24 bytes long, is a concatenation of three elements: the ONU serial number (SN) as reported in octets 5 to 12 of the upstream Serial_Number_ONU PLOAM message (clause 11.3.4.1), the PON-TAG as reported in octets 26 to 33 of the downstream Profile PLOAM message (clause 11.3.3.1), and an ASCII representation of the string "SessionK".”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing ITU’s approach of deriving a session key from the master key as the motivation would be the creation of a master session key (MSK) allows the system to secure the subsequent key derivation between the OLT and the ONU (ITU, page 115)
Claims 6-9 are rejected under 35 U.S.C. 103 as being unpatentable over Lou et al. (CN 109274489), hereinafter referred to as Lou, in view of Zhang, Jian-ying (CN 106817352), hereinafter referred to as Zhang, in further view of Hu et al (WO 2022062948), hereinafter referred to as Hu.
Regarding Claim 6, Luo and Zhang disclose the limitations of claim 1.
However, Lou does not explicitly disclose configuring encryption algorithms to be used between the OLT and the ONUs.
Hu discloses:
The optical line terminal, OLT, according to claim 1, wherein the preconfigured key and the preconfigured encryption algorithm are identical for the ONUs and the OLT within the point-multipoint network (On page 6, in the detailed description, Hu discloses “the OLT first obtains algorithms supported by the ONU, such as one or more algorithms such as a key algorithm, a hash algorithm, and a signature algorithm. The OLT can obtain the algorithms supported by the ONU in various ways, such as preconfiguring the algorithms supported by the ONU on the OLT”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Hu’s approach of having the ability to configure which encryption algorithm to utilize as the motivation would be to ensure the ONU and the OLT have the capability of using the same encryption algorithm when performing the authentication. (Hu, Page 6)
Regarding Claim 7, Luo and Zhang disclose the limitations of claim 1.
However, Lou does not explicitly disclose configuring encryption algorithms to be used between the OLT and the ONUs.
Hu discloses:
The optical line terminal, OLT, according to claim 1, wherein the preconfigured encryption algorithm and/or the preconfigured key are configurable for the OLT and the respective ONUs (On page 6, in the detailed description, Hu discloses “The first key algorithm may be information preset on the OLT, or may be selected and determined by the OLT according to its own algorithm capability and the ONU's algorithm capability.”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Hu’s approach of having the ability to configure which encryption algorithm to utilize as the motivation would be to ensure the ONU and the OLT have the capability of using the same encryption algorithm when performing the authentication. (Hu, Page 6)
Regarding Claim 8, Luo, Zhang and Hu disclose the limitations of claim 7.
However, Lou does not explicitly disclose configuring encryption algorithms to be used between the OLT and the ONUs.
Hu discloses:
The optical line terminal, OLT, according to claim 7, wherein the OLT is further caused to, for a respective ONU, select a preconfigured encryption algorithm and/or a preconfigured key; and to provide the selected preconfigured encryption algorithm and/or the selected preconfigured key to the respective ONU (On page 6, in the detailed description, Hu discloses “The first key algorithm may be information preset on the OLT, or may be selected and determined by the OLT according to its own algorithm capability and the ONU's algorithm capability…. In addition, the OLT may also send one or more of the following information in the first message, such as a set of key parameters used by the OLT, a hash algorithm and a signature algorithm determined by the OLT, and the like.”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Hu’s approach of having the ability to configure which encryption algorithm to utilize as the motivation would be to ensure the ONU and the OLT have the capability of using the same encryption algorithm when performing the authentication. (Hu, Page 6)
Regarding Claim 9, Luo, Zhang, and Hu disclose the limitations of claim 8.
However, Lou does not explicitly disclose configuring encryption algorithms to be used between the OLT and the ONUs.
Hu discloses:
The optical line terminal, OLT, according to claim 8, wherein the OLT is further caused to, provide, to the respective ONU, an encryption reference indicative for the selected preconfigured encryption algorithm and/or a key reference indicative for the selected preconfigured key. (On page 6, in the detailed description, Hu discloses “The first key algorithm may be information preset on the OLT, or may be selected and determined by the OLT according to its own algorithm capability and the ONU's algorithm capability…. In addition, the OLT may also send one or more of the following information in the first message, such as a set of key parameters used by the OLT, a hash algorithm and a signature algorithm determined by the OLT, and the like.”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Lou’s approach by utilizing Hu’s approach of having the ability to configure which encryption algorithm to utilize as the motivation would be to ensure the ONU and the OLT have the capability of using the same encryption algorithm when performing the authentication. (Hu, Page 6)
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Li et al. (CN 116800442) discloses a method for authentication between an optical line terminal and an optical network unit.
Zhang et al. (WO 2011127731) discloses a registration activation method between an optical line terminal and an optical network unit.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHADI H KOBROSLI whose telephone number is (571)272-1952. The examiner can normally be reached M-F 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached at 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHADI H KOBROSLI/Examiner, Art Unit 2492 /RUPAL DHARIA/Supervisory Patent Examiner, Art Unit 2492