Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This action is in response to the application filed on 02/27/2024.
Claims 1-5 are pending.
Examiner’s Note
Please note that Examiner cites particular columns and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirely as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.
Specification
The disclosure is objected to because of the following informalities:
The title of the invention is not descriptive. A new title is required that is clearly indicative of the invention to which the claims are directed.
The following title is suggested: Distributing update data of software for an in-vehicle device.
Appropriate correction is required.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-5 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by USPN 20200177561 to Kruger.
Per claim 1:
Kruger discloses:
1. A distribution server that distributes update data of software for an in-vehicle device to vehicles via a wireless communication network (Kruger discloses an environment in which over-the-air software updates for components of a vehicle, the environment 100 includes a vehicle 106, a packaging server 104, and a communication gateway server 102, see Fig. 1 and Paragraphs [0019-0021, 0041-0045]), the distribution server comprising a processor configured to:
distribute the update data encrypted with a common key to the vehicles (Kruger discloses distributing encrypted update data to a vehicle Paragraph [0023, 0034] “the communication gateway server 102 and the packaging server 104 communicate via any suitable wired or wireless networking technology… packaging server 104 may be encrypted using TLS, SSL, or any other cryptographic protocol… vehicle 106 includes an over-the-air (OTA) updater device 108, one or more updatable components 110, and a download data store 214”); and
transmit the common key encrypted by a session key method to each of the vehicles (Kruger discloses transmitting a random key for decryption after validation Paragraph [0030, 0039] “the validation module 204 may generate validation tokens to be transmitted to OTA updater devices 10… decryption module 230 causes the OTA updater device 108 to perform actions for decrypting software updates using the symmetric keys regenerated by the key management module 228… vehicle ID data store 232 for later use in registering the OTA updater device 108 and/or regenerating symmetric keys”).
Per claim 2:
Kruger discloses:
2. The distribution server according to claim 1, wherein the processor uses a different key as the common key for each distribution of the update data (Kruger discloses a new random key associated with each encrypted software update package, Paragraph [0029, 0031, 0039] “a first computing device (or set of computing devices) may provide the key generation module 208… vehicle data store 206 may also store partial secret information and/or validation information associated with a given OTA updater device 108 or vehicle 106… vehicle ID data store 232 for later use in registering the OTA updater device 108 and/or regenerating symmetric keys”).
Per claim 3:
Kruger discloses:
3. The distribution server according to claim 1, wherein the processor distributes the update data via a content distribution network (Kruger discloses disclose transmitting update packages for delivery, Paragraph [0022] “over-the-air updater device 108 communicates with the communication gateway server 102 via a wireless network 114. The wireless network 114 may include one or more types of wireless communication technology, including but not limited to a 2G wireless network, a 3G wireless network, a 4G wireless network, an LTE wireless network, a Wi-MAX wireless network, a Wi-Fi wireless network, a satellite-based wireless network, or any suitable network capable of wirelessly transmitting software updates”).
Per claim 4:
Kruger discloses:
4. The distribution server according to claim 1, wherein:
the processor encrypts the common key using an encryption key shared with each of the vehicles via key exchange by the session key method (Paragraph [0066] “the set of package identifiers not only uniquely identifies the software update to be packaged, but also uniquely identifies the encryption session being used to encrypt the software update package”); and
the processor executes the key exchange with a digital signature (Kruger discloses using signed validation tokens with private key sharing, Paragraph [0077-0078] “verifying the signature, the communication gateway server 102 may also re-compute the validation token from the stored random key (P2) to ensure that the value transmitted by the OTA updater device 108 matches what was expected, thus proving that the OTA updater device 108 not only is the OTA updater device 108 that is expected”).
Per claim 5:
Kruger discloses:
5. The distribution server according to claim 1, wherein the processor encrypts the common key by the session key method using an encryption key shared by using a DHE method or an ECDHE method (Since this appears to be MARKUSH type language requiring at a minimum just one from the list, Kruger teaches Paragraph [0070,0071] “a Diffie-Hellman (i.e., DHE) technique may be used to generate the symmetric key… Using the full secret (Fsecret) as described herein helps address this technical problem in deploying Diffie-Hellman techniques in exchanging symmetric keys for over-the-air software updates… full secret (Fsecret) does not need to be shared beforehand, but instead can be dynamically reconstructed by the OTA updater device 108 and the packaging server 102… symmetric key encryption algorithm may be used to encrypt the software update using the symmetric key”).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Related cited arts:
Hu, Qiang, and Feng Luo. "Review of secure communication approaches for in-vehicle network." International Journal of Automotive Technology 19.5 (2018): pp. 879-894.
Mahmud, Syed Masud, Shobhit Shanker, and Irina Hossain. "Secure software upload in an intelligent vehicle via wireless communication links." IEEE Proceedings. Intelligent Vehicles Symposium, 2005. IEEE, 2005. pp. 588-593.
Mahmud, Syed Masud, and Shobhit Shanker. "In-vehicle secure wireless personal area network (SWPAN)." IEEE Transactions on Vehicular Technology 55.3 (2006): pp. 1051-1061.
US 20240267221 discloses a data communication system includes a center device that distributes update data to a master device, and a master device that installs the update data downloaded from the center device in an electronic control unit to be reprogrammed. The center device generates a common key for encrypting the update data; encrypts the update data with the common key; encrypts the common key; stores the common key encrypted in a campaign notification; places the update data encrypted with the common key in a content delivery network (CDN); and transmits the campaign notification. The master device acquires the common key from the campaign notification; decrypts the encrypted common key to extract the common key; downloads and acquires encrypted update data from the CDN; performs an exclusive OR operation; and transfers the decrypted update data to the electronic control unit, and installs the update data in the electronic control unit.
US 11750399 discloses this disclosure describes a cyber-security protocol for validating messages being exchanged between two devices of an autonomous vehicle. The protocol includes the independent generation of multiple encryption or session keys by both devices. The encryption keys are generated based on a random number provided by each device. In some embodiments, the random numbers can be accompanied by a shared secret key installed on both devices that can help prevent an unauthorized device from creating a shared set of encryption keys with one of the devices. Including a hash generated using one of the encryption keys and a message sequence counter value in each message can help prevent the injection of previously transmitted messages as a means of disturbing operation of the autonomous vehicle.
US 20230040468 discloses a computer-implemented method for providing a system-specific secret to a computing system having a plurality of computing components is disclosed. The method includes storing permanently a component-specific import key as part of a computing component and storing the component-specific import key in a manufacturing-side storage system. Upon a request for the system-specific secret for a computing system, the method includes identifying the computing component comprised in the computing system, retrieving a record relating to the identified computing component, determining the system-specific secret protected by a hardware security module and determining a system-specific auxiliary key. Furthermore, the method includes encrypting the system-specific auxiliary key with the retrieved component-specific import key, thereby creating a auxiliary key bundle, encrypting the system-specific secret and storing the auxiliary key bundle and a system record in a storage medium of the computing system.
US 20220131709 discloses a device can (i) store public keys Ss and Sn for a network and (ii) record private key sd. A network can record a corresponding private keys ss and sn. The device can (i) generate a device ephemeral PKI key pair (Ed, ed) and (ii) send public key Ed to the network. The device can receive an ephemeral public key Es from the network. The device can calculate values for A: an elliptic curve point addition over Ss, Sn, and Es, and B: (sd+ed) mod n. The device can input values for X and Y into an elliptic curve Diffie Hellman key exchange (ECDH) in order to determine a mutually derived shared secret X5, where the network can also derive shared secret X5. The device can (i) use X5 to derive a key K2 and (ii) decrypt a ciphertext from the network using key K2.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Satish Rampuria whose telephone number is 571-272-3732. The examiner can normally be reached on Monday-Friday from 8:30 AM to 5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Chat Do, can be reached at telephone number 571-272-3721. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center and the Private Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from Patent Center or Private PAIR. Status information for unpublished applications is available through Patent Center and Private PAIR for authorized users only. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form.
/Satish Rampuria/Primary Examiner, Art Unit 2193