Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
This office action is responsive to amendment filed on 11/26/2025. Claims 1,9 and 15 are amended. Claims 1-20 are pending examination.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Claim(s) 1 is drawn to a circuit, claim 9 is drawn to a method, and claim 15 is drawn to a system. As such, claims 1,9, and 17 are drawn to one of the statutory categories of invention.
Claims 1-20 are directed to the abstract idea of encrypting data and storing encryption metadata, which falls within the “certain Methods or Organizing Human Activity” category of abstract ideas, specifically methods of managing data and interaction between system. This claim encompasses mathematical concepts related to encryption algorithms.
Step 2A, Prong Two: the claims do not integrate the abstract idea into a practical application. The recitation of a “processor” and “one or more circuits” in the claim 1 amount to mere generic computer components performing generic computer functions. The claims do not recite any improvement to computer functionality, nor do the solve a technical problem in a non-conventional way. The processor and the circuit merely invoked as tools to perform the abstract of encryption with metadata storage. The claims do not provide any specific implementation details that would show how the professor operates differently or achieves a technical improvement beyond conventional operations. The use of API to trigger encryption is a conventional software function.
The recited elements such as processor, circuits, API, encryption algorithms, salts, keys and metadata are well understood, routine and conventional activities in the field of data encryption and computer security. The claims use generic computer components to perform conventional encryption and store conventional metadata about the encryption.
Step 2B: the claims do not amount to significantly more than abstract idea itself. When considered both individually and as an ordered combination, the claim elements do not provide an inventive concept sufficient to transform the abstract idea into patent eligible subject matter.
Dependent claims further describe the abstract idea of encrypting data and storing metadata. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by RFC 4880 (Network Working Group Request for comments: 4880) published November 2007 (referred to hereinafter as RFC).
As to claim 1, RFC teaches a processor, comprising:
one or more circuits to perform an application programming interface (API) to:
cause at least a portion of a neural network parameter file to be encrypted using one or more encryption algorithms identified from a plurality of encryption algorithms based, at least in part, on one or more encryption algorithm indicators (see sections 5.1, 5.3, 3.7.2.1, session key encryption octets to specify which encryption algorithm (IDEA, 3DES, CAST5, AES et) was used; and
provide the one or more encryption algorithm indicators as metadata with the encrypted at least a portion of the neural network parameter file (see sections 5.1 and 5.3, algorithm identifiers are stored in octets within the packet structure. This IS metadata describing how the data was encrypted).
As to claim 2, t RFC teaches the processor according to claim 1, wherein the one or more encryption algorithm indicators are to identify one or more salts (see sections, 3.7.1.2 and 3.7.1.3 (salted S2K (octets 2-9, 8-octet salt value and iterated -salted S2K explicitly store salt identifiers with encrypted data).
As to claim 3, RFC teaches the processor according to claim 1, wherein performing the API is to further cause a mapping of encryption algorithm identifiers to salts to be generated (section 3.7.2.1, the S2K specifier structure creates a mapping. Algorithm octet then 2Ktype then Salt value).
As to claim 4, RFC teaches the processor according to claim 1, wherein the one or more encryption algorithm indicators comprise one or more opaque identifiers associated with one or more encryption algorithms (see section 9.2, algorithm identifiers are numeric octets (0-255) that act as opaque references to specific algorithms (e.g. 1=IDEA, 2=3DES, 7= AES-128).
As to claim 5, RFC teaches the processor according to claim 1, wherein the one or more encryption algorithm indicators identify one or more salts usable to encrypt the information (see sections, 3.7.2.1 and 3.7.1.3 (salted S2K (octets 2-9, 8-octet salt value) and iterated -salted S2K explicitly store salt identifiers with encrypted data).
.
As to claim 6, RFC teaches the processor according to claim 1, wherein the one or more encryption algorithm indicators identify cryptographic information usable to encrypt the information, and wherein the cryptographic information is inaccessible outside of software to use the information (see 5.5.3, secret key encryption where MPIs are encrypted and only accessible through proper decryption).
As to claim 7, RFC teaches the processor according to claim 1, wherein performing the API is to cause the information to be encrypted such that, to decrypt the information, at least both cryptographic information accessible to a user and cryptographic information inaccessible outside of software to use the information are to be used (see section 5.3, symmetric -key ESK uses passphrase (user accessible) +S2K algorithm (software-internal) for dual layer encryption).
As to claim 8, RFC teaches the processor according to claim 1, wherein performing the API is to further cause the information to be encrypted using at least both a key of a user and an encryption algorithm identified by the one or more encryption algorithm indicators (see sections 5.1 and 5.3, Explicitly describes encrypting with user’s key and storing algorithm identifiers).
Claims 9- 20 do not teach anything above and beyond the limitations claims 1-8 and rejected for similar reasons.
Response to Arguments
Applicant’s arguments with respect to claim rejections under 35 USC § 103 (Issa 2024/0007280/ EP 2080314) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Applicant's arguments filed regarding claim rejections under 35 USC § 1011 § 1 have been fully considered but they are not persuasive.
The applicant argues the following:
Argument 1: specific practical application of encrypting neural network parameters files.
Response, the claims do not recite any specific application to neural networks that would make this practical application under Alice Step 2. The claims simple state “neural network parameters file” as data being encrypted. There is no neural network specific technical problem is solved. The claims do not address any unique challenges of encrypting neural networks.
Argument 2: API support for encryption algorithm selection enhances security which is equivalent to improvement to computer technology.
Response: Providing an API is not a technical improvement, but just a conventional interface. The claims say the API causes encryption to happen, but do not explain specific technical mechanism regarding that. RFC 4800 (2007) already provides this functionality. Furthermore, enhanced security through algorithm selection is not a technical innovation. Allowing users to choose from multiple algorithms is a standard practice in every type of encryption.
Argument 3: providing indicator as a metadata adds ‘significantly more” and avoids preconfigured identifiers.
Response: RFC 4880 (2007) does provide indicators as metadata. And avoiding preconfigured identifiers is not technical improvement. The claims are too generic to provide improvement. The claims recite one or more processor (any processor); one or more algorithms (any algorithm); metadata (any metadata format); API (any interface). This is the definition of conventional, generic computer components performing conventional functions.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARGON N NANO whose telephone number is (571)272-4007. The examiner can normally be reached 7:30 AM-3:30 PM. M.S.T..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas Taylor can be reached at 571 272 3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SARGON N NANO/Primary Examiner, Art Unit 2443