DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment
Claims 1-20 are currently pending and have been considered below. Claims 1, 10 and 19 are independent claims.
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-5, 7-14 and 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over Griffin (US Publication No. 2023/0291572 A1) in view of Liu (US Publication No. 2022/0166771 A1) in further view of Anderson (US Publication No. 20010018739 A1).
Regarding Claim 1:
Griffin discloses:
A method comprising steps of: obtaining a signed document where the signed document has previously been signed using a classical encryption algorithm, (Griffin, [0042-0045], such as SignedData and NamedKey EncryptedData, the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms, [0043], the signing party computing system 104 may generate and transmit to the QSDS message processing computing system 102 any data type that identifies a hash of the document to-be-signed);
encrypting the hash of the signed document to obtain a digital signature, wherein the encrypting utilizes a private key associated with a Post-Quantum Cryptography (PQC) algorithm , (Griffin, [0042], the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms (e.g., SHA 256, FIPS 180 4) or suitable key derivation algorithms (e.g. SHA 256, FIPS 180 4).);
Griffin does not disclose:
the digital signature constituting a PQC signature that attests to an integrity state of the signed document as it existed prior to any quantum attack;
and attaching the digital signature to the signed document as an appended PQC signature block stored with the signed document without modifying the document body or the classical digital signature to provide a PQC signed document which is protected against quantum attacks on the classical encryption algorithm without requiring re-execution of the classical signing operation by an original signer.
Liu discloses:
the digital signature constituting a PQC signature that attests to an integrity state of the signed document as it existed prior to any quantum attack(Liu, [0003], Existing public-key digital signature algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) are anticipated not to be secure against brute-force attacks based on algorithms such as Shor's algorithm using quantum computers. [0017], (XMSS) and/or an eXtended Merkle multi-tree signature scheme (XMSS-MT) are hash-based signature schemes that can protect against attacks by quantum computers. [0058], an efficient, asymmetric, post-quantum remote attestation protocol is based on hash-based signatures, which are sufficiently efficient (in terms of computational operations) to render the protocol suitable for use with resource-limited devices such as IoT devices. [0065], the verifier first computes a MTS signature, which provides additional protection against denial of service (DoS) attacks by malicious verifiers as the verifier needs to perform non-trivial tasks first. [0071], the attestation response message from the proving device, at operation 750, the verifying device verifies the attestation result and the signature in the attestation response message. In some examples the verifying device verifies N, idP, and idv. The verifying device also guarantees the integrity and authenticity of the attestation response message with MTSPK2.)
and attaching the digital signature to the signed document as an appended PQC signature block stored with the signed document without modifying the document body or the classical digital signature to provide a PQC signed document which is protected against quantum attacks on the classical encryption algorithm without requiring re-execution of the classical signing operation by an original signer.(Liu, [0017], existing public-key digital signature algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) are anticipated not to be secure against brute-force attacks based on algorithms such as Shor's algorithm using quantum computers. The eXtended Merkle signature scheme (XMSS) and/or an eXtended Merkle multi-tree signature scheme (XMSS-MT) are hash-based signature schemes that can protect against attacks by quantum computers. As used herein, the term XMSS shall refer to both the XMSS scheme and the XMSS-MT scheme.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the integrity and authenticity of the document remain verifiable.
The motivation is to enhance security by providing quantum resistance that preserves that integrity and authenticity of the document. Furthermore, the enhancement ensures long-term verifiability of the signed document and any tampering within the system.
Griffin in view of Liu do not disclose:
the signed document comprising a document body and an associated classical digital signature;
determining a hash of the signed document including hashing both the document body and the associated classical digital signature as combined input to a hash function so that any change to either is detectable;
Anderson teaches:
the signed document comprising a document body and an associated classical digital signature(Anderson, [0156], FIG. 35, the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811, [0162], at a step 604 a hash value is calculated using the contents of the subject block having the nonce value prepended, while excluding the block start tag and block end tag [0195], The digital signature is to insure that the electronic document is authentic and has not been tampered with. By using the multilevel hash operation, the electronic document is able to provide improved authentication and tamper resistance.));
determining a hash of the signed document including hashing both the document body and the associated classical digital signature as combined input to a hash function so that any change to either is detectable (Anderson, [0162], at a step 604 a hash value is calculated using the contents of the subject block having the nonce value prepended… at a step 608 the resulting hash value is inserted into the <hash> entry in the signature block… Sixth, at a step 612 a second hash calculation is performed on the contents of the <sigdata> sub-block, which contains the previously calculated hashes, their block references, and the < nonce>… Seventh, at a step 614 the second hash value is then encrypted using a private key… [0156], the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811…[0195], The digital signature is to insure that the electronic document is authentic and has not been tampered with. By using the multilevel hash operation, the electronic document is able to provide improved authentication and tamper resistance.)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu’s Quantum-resistant double signature system by enhancing Griffin in view of Liu’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Anderson in order to ensure detection of any modification to the document body or associated digital signature despite future compromise of classical private keys.
The motivation is to enhance integrity assurance of digitally signed documents against foreseeable compromise of classical public-key algorithms. Furthermore, it enhances the durability of digital signature validity in a post-quantum threat environment within the system.
Regarding Claim 2:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the steps further include: receiving a document that purports to be the PQC signed document(Griffin, [0055], the QSDS message following current CMS processing rules would be unable to detect an alteration of the document or the signature, as the signature would appear to be valid because it was signed)
determining a second hash of the document that purports to be the PQC signed document, (Griffin, [0055], a relying party (e.g., relying party computing system 106) who verifies the signature on the QSDS message following current CMS processing rules would be unable to detect an alteration of the document or the signature, as the signature would appear to be valid because it was signed by the unauthorized party who had gained access to the private signing key of the signing party computing system 104.);
Griffin does not disclose:
the second hash being computed over both the document body and the classical digital signature contained in the purported PQC signed document
decrypting the digital signature using a public key associated with the private key to obtain the hash
and comparing the hash and the second hash to determine whether or not the document is the PQC signed document thereby detecting any modification to either the document body or the classical digital signature regardless of compromise of the classical private key.
Liu discloses:
the second hash being computed over both the document body and the classical digital signature contained in the purported PQC signed document(Liu, [0030], quantum computing challenges is hash-based signatures (HBS) since these schemes have been around for a long while and possess the necessarily basic ingredients to counter the quantum counting and post-quantum computing challenges. [0043], the signing party computing system 104 may generate and transmit to the QSDS message processing computing system 102 any data type that identifies a hash of the document to-be-signed)
decrypting the digital signature using a public key associated with the private key to obtain the hash(Liu, [0042], [0043],security functions on behalf of the signing device 310. In some embodiments, the cryptography logic 340 may be embodied as a cryptographic engine, an independent security co-processor of the signing device 310, a cryptographic accelerator incorporated into the processor(s) 320, or a standalone software/firmware. In some embodiments, the cryptography logic 340 may generate and/or utilize various cryptographic keys (e.g., symmetric/asymmetric cryptographic keys) to facilitate encryption, decryption, signing, and/or signature verification.);
and comparing the hash and the second hash to determine whether or not the document is the PQC signed document(Liu, [0047], apply the same hash function or chain function as applied by hash logic 332 of authentication logic 330, to each received message element a number, N-mi′ (or mi′), times to yield a verification message element. Whether a verification signature, i.e., each of the L verification message elements, corresponds to a corresponding public key element, pki, may then be determined. For example, verification logic 370 may be configured to compare each verification message element to the corresponding public key element, pki. If each of the verification message element matches the corresponding public key element, pki, then the verification corresponds to success)
thereby detecting any modification to either the document body or the classical digital signature regardless of compromise of the classical private key.(Liu, [0038], Hash logic 332 is configured to hash (i.e., to apply a hash function to) a message (M) to generate a hash value (m′) of the message M. [0047], generate a verification signature based, at least in part, on the signature received from the first device and based, at least in part, on the received message representative (m′). For example, authentication logic 370 may configured to perform the same signature operations, i.e., apply the same hash function or chain function as applied by hash logic 332 of authentication logic 330, to each received message element a number, N-mi′ (or mi′)[0065], … the verifier side, as the attestation response is signed by the prover, the verifier can always assure that the attestation response comes from the correct prover without being tampered. To initiate an attestation, the verifier first computes a MTS signature,…)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the document has not been altered, forged or replaced.
The motivation is to enhance the security by protecting the verification process from quantum attacks, guaranteeing that only a legitimately PQC signed document can be validated as authentic.
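The counter-signing and verification steps recited in claims 1 and 2, as an added Python example that is not taken from the application or from Griffin, Liu or Anderson. It assumes a Lamport one-time signature over SHA-256 as the hash-based PQC algorithm (a hash-based signature is checked against the recomputed hash rather than decrypted to recover it), treats the classical signature as opaque constructed bytes, and uses hypothetical names throughout.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
BITS = 256
ALG = "lamport-ots-sha256"  # hypothetical label for the appended block


def combined_digest(body: bytes, classical_sig: bytes) -> bytes:
    """Hash the document body and the classical signature as one input.

    Each field is length-prefixed, so bytes cannot be moved across the
    body/signature boundary without changing the digest.
    """
    h = HASH()
    for field in (body, classical_sig):
        h.update(len(field).to_bytes(8, "big"))
        h.update(field)
    return h.digest()


def lamport_keygen():
    """One-time key pair: 256 pairs of secrets; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _bits(digest: bytes):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def lamport_sign(sk, digest: bytes):
    # Reveals one secret per digest bit; a key must never sign a second digest.
    return [sk[i][bit] for i, bit in enumerate(_bits(digest))]


def lamport_verify(pk, digest: bytes, sig) -> bool:
    if len(sig) != BITS:
        return False
    ok = True
    for i, bit in enumerate(_bits(digest)):
        ok &= hmac.compare_digest(HASH(sig[i]).digest(), pk[i][bit])
    return ok


def countersign(signed_doc: dict, sk) -> dict:
    """Append a PQC block; body and classical signature are copied unchanged."""
    digest = combined_digest(signed_doc["body"], signed_doc["classical_sig"])
    block = {"alg": ALG, "sig": [s.hex() for s in lamport_sign(sk, digest)]}
    return {**signed_doc, "pqc_block": block}


def verify_countersigned(doc: dict, pk) -> bool:
    """Recompute the combined hash of a purported document and check the block."""
    block = doc.get("pqc_block")
    if not isinstance(block, dict) or block.get("alg") != ALG:
        return False
    try:
        sig = [bytes.fromhex(s) for s in block["sig"]]
    except (KeyError, TypeError, ValueError):
        return False
    digest = combined_digest(doc["body"], doc["classical_sig"])
    return lamport_verify(pk, digest, sig)


def demo() -> dict:
    # Constructed sample input: the "classical signature" is placeholder bytes,
    # not the output of a real RSA or ECDSA signing operation.
    original = {
        "body": b"Constructed contract text: pay 100 units.",
        "classical_sig": bytes.fromhex("3045022100aabbccddeeff00112233"),
    }
    sk, pk = lamport_keygen()
    signed = countersign(original, sk)

    tampered_body = {**signed, "body": b"Constructed contract text: pay 900 units."}
    # Models a forged classical signature made with a compromised classical key.
    forged_sig = {**signed, "classical_sig": bytes.fromhex("3045022100ffeeddccbbaa99887766")}
    return {
        "intact": verify_countersigned(signed, pk),
        "body_changed": verify_countersigned(tampered_body, pk),
        "classical_sig_replaced": verify_countersigned(forged_sig, pk),
        "inputs_untouched": signed["body"] == original["body"]
        and signed["classical_sig"] == original["classical_sig"],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
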
Regarding Claim 3:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the steps are performed prior to any quantum computer being able to successfully perform the quantum attacks on the classical encryption algorithm, thereby ensuring the signed document is valid and establishing an immutable PQC-based trust anchor for the already-signed document(Liu, [0025],“quantum-safe”, “quantum-resistant”, or simply “PQC”) takes a futuristic and realistic approach to cryptography. It prepares those responsible for cryptography as well as end-users to know the cryptography is outdated; rather, it needs to evolve to be able to successfully address the evolving computing devices into quantum computing and post-quantum computing. [0047], In instances in which the second device is the verifying device, authentication logic 370 is configured to generate a verification signature based, at least in part, on the signature received from the first device and based, at least in part, on the received message representative (m′)., [0061], The root node should correspond to the group public key. To sign a message M, a node is first selected. Then in addition to the one-time signature schemed described above, the authentication path associated with this node (used to re-build the root node) is included as the final signature. T) [0050], A successful verification will match the computed tree root value to the public key PK shared by the signing entity.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the document’s integrity and authenticity are preserved against future threats.
The motivation is to modify signed documents so that they remain trustworthy and verifiable once quantum computing becomes sufficiently powerful by providing a secure baseline and mitigating the risk of retroactive forgery or tampering.
Regarding Claim 4:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the determining the hash of the signed document includes inputting the signed document and a digital signature from the classical encryption algorithm into a hash function such that the hash uniquely represents both the classical signature and the document body as a combined structure. (Griffin, [0042], such as SignedData and NamedKey EncryptedData, the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms (e.g., SHA 256, FIPS 180 4) or suitable key derivation algorithms (e.g. SHA 256, FIPS 180 4). [0038], Hash logic 332 is configured to hash (i.e., to apply a hash function to) a message (M) to generate a hash value (m′) of the message M. Hash functions may include, but are not limited to, a secure hash function, [0065], Techniques described herein provide enhanced security including the verifier's authenticity, integrity and protecting against information leakage. The prover can identify whether the attestation request comes from a legitimate verifier by checking the verifier's signature).
Regarding Claim 5:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the document is digital content(Griffin, [0063], The signing party computing system's 104 method 400 of generating a QSDS message begins at 402 when the signing party computing system 104 wants to sign an email with content (e.g., document, attachment, communication, etc.)).
Regarding Claim 7:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the document is software code(Griffin, [0003], Digital signatures are mathematical schemes for demonstrating the data integrity and origin authenticity of digital messages or electronic documents).
Regarding Claim 8:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the classical encryption algorithm is one of Elliptic Curve Cryptography and Rivest-Shamir-Adleman (Liu, [0017], existing public-key digital signature algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that existing signatures are initially protected using established cryptographic standards.
The motivation is to enhance signing of the hash with a post-quantum cryptography algorithm and by securing the documents against future quantum attacks by preserving the authenticity and integrity of already signed documents.
Regarding Claim 9:
The method of claim 1, Griffin in view of Liu in further view of Anderson disclose wherein the PQC algorithm utilizes one of Lattice-Based Cryptography, Hash-Based Cryptography, Code-Based Cryptography, and Multivariate Quadratic Equations(Liu, [0028], Today's PQC is mostly focused on the following approaches: 1) hash-based cryptography based on Merkle's hash tree public-key signature system of 1979, which is built upon a one-message-signature idea of Lamport and Diffie; 2) code-based cryptography, such as McEliece's hidden-Goppa-code public-key encryption system; 3) lattice-based cryptography based on Hoffstein-Pipher-Silverman public-key-encryption system of 1998; 4) multivariate-quadratic equations cryptography based on Patarin's HFE public-key-signature system of 1996 that is further based on the Matumoto-Imai proposal; ).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure resistance to attacks from quantum computers.
The motivation is to enhance the use of quantum-resistant cryptographic algorithms and ensuring the hash of the already signed document remains secure against quantum decryption attempts.
Regarding Claim 10:
Griffin discloses:
A computing environment comprising one or more processors and memory storing instructions that, when executed, cause the one or more processors to (Griffin, [0084], The “circuit” may also include one or more processors communicatively coupled to one or more memory or memory devices. In this regard, the one or more processors may execute instructions stored in the memory or may execute instructions otherwise accessible to the one or more processors):
obtain a signed document where the signed document has previously been signed using a classical encryption algorithm, (Griffin, [0042-0045], such as SignedData and NamedKey EncryptedData, the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms);
encrypt the hash of the signed document to obtain a digital signature, wherein the hash is encrypted using a private key associated with a Post-Quantum Cryptography (PQC) algorithm the encrypted hash forming a PQC signature establishing a post-quantum integrity state of the signed document (Griffin, [0042], the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms (e.g., SHA 256, FIPS 180 4) or suitable key derivation algorithms (e.g. SHA 256, FIPS 180 4).);
Griffin does not disclose:
and attach the digital signature to the signed document as an appended PQC signature block that does not alter the classical digital signature to provide a PQC signed document which is protected against quantum attacks on the classical encryption algorithm without requiring re-execution of the classical signing operation by an original signer
Liu discloses:
and attach the digital signature to the signed document to provide a PQC signed document which is protected against quantum attacks on the classical encryption algorithm (Liu, [0017], existing public-key digital signature algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) are anticipated not to be secure against brute-force attacks based on algorithms such as Shor's algorithm using quantum computers. The eXtended Merkle signature scheme (XMSS) and/or an eXtended Merkle multi-tree signature scheme (XMSS-MT) are hash-based signature schemes that can protect against attacks by quantum computers. As used herein, the term XMSS shall refer to both the XMSS scheme and the XMSS-MT scheme.).
Griffin in view of Liu do not disclose:
the signed document including a document body and a classical digital signature appended thereto:
determine a hash of the signed document including hashing both the document body and the classical digital signature as combined input;
Anderson discloses:
the signed document including a document body and a classical digital signature appended thereto: (Anderson, [0156], FIG. 35, the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811, [0162], at a step 604 a hash value is calculated using the contents of the subject block having the nonce value prepended, while excluding the block start tag and block end tag [0195], The digital signature is to insure that the electronic document is authentic and has not been tampered with. By using the multilevel hash operation, the electronic document is able to provide improved authentication and tamper resistance.));
determine a hash of the signed document including hashing both the document body and the classical digital signature as combined input; (Anderson, [0162], at a step 604 a hash value is calculated using the contents of the subject block having the nonce value prepended… at a step 608 the resulting hash value is inserted into the <hash> entry in the signature block… Sixth, at a step 612 a second hash calculation is performed on the contents of the <sigdata> sub-block, which contains the previously calculated hashes, their block references, and the < nonce>… Seventh, at a step 614 the second hash value is then encrypted using a private key… [0156], the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811…[0195], The digital signature is to insure that the electronic document is authentic and has not been tampered with. By using the multilevel hash operation, the electronic document is able to provide improved authentication and tamper resistance.)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu’s Quantum-resistant double signature system by enhancing Griffin in view of Liu’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Anderson in order to ensure detection of any modification to the document body or associated digital signature despite future compromise of classical private keys.
The motivation is to enhance integrity assurance of digitally signed documents against foreseeable compromise of classical public-key algorithms. Furthermore, it enhances the durability of digital signature validity in a post-quantum threat environment within the system.
Regarding Claim 11:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the instructions that, when executed, further cause the one or more processors to: receive a document that purports to be the PQC signed document (Griffin, [0055], the QSDS message following current CMS processing rules would be unable to detect an alteration of the document or the signature, as the signature would appear to be valid because it was signed);
Griffin does not disclose:
decrypt the digital signature using a public key associated with the private key to obtain the hash
and compare the hash and the second hash to determine whether or not the document is the PQC signed document based on matching or non-matching of the combined-content hash.
Liu discloses:
decrypt the digital signature using a public key associated with the private key to obtain the hash (Liu, [0042], [0043],security functions on behalf of the signing device 310. In some embodiments, the cryptography logic 340 may be embodied as a cryptographic engine, an independent security co-processor of the signing device 310, a cryptographic accelerator incorporated into the processor(s) 320, or a standalone software/firmware. In some embodiments, the cryptography logic 340 may generate and/or utilize various cryptographic keys (e.g., symmetric/asymmetric cryptographic keys) to facilitate encryption, decryption, signing, and/or signature verification.);
and compare the hash and the second hash to determine whether or not the document is the PQC signed document based on matching or non-matching of the combined-content hash(Liu, [0047], apply the same hash function or chain function as applied by hash logic 332 of authentication logic 330, to each received message element a number, N-mi′ (or mi′), times to yield a verification message element. Whether a verification signature, i.e., each of the L verification message elements, corresponds to a corresponding public key element, pki, may then be determined. For example, verification logic 370 may be configured to compare each verification message element to the corresponding public key element, pki. If each of the verification message element matches the corresponding public key element, pki, then the verification corresponds to success).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the document has not been altered, forged or replaced.
The motivation is to enhance the security by protecting the verification process from quantum attacks, guaranteeing that only a legitimately PQC signed document can be validated as authentic.
Griffin in view of Liu do not disclose:
determine a second hash of the document that purports to be the PQC signed document including hashing both the document body and the classical digital signature contained therein
Anderson discloses:
determine a second hash of the document that purports to be the PQC signed document including hashing both the document body and the classical digital signature contained therein
(Anderson, [0162], Sixth, at a step 612 a second hash calculation is performed on the contents of the <sigdata> sub-block, which contains the previously calculated hashes, their block references, and the < nonce>… a second hash calculation is performed on the contents of the <sigdata> sub-block, which contains the previously calculated hashes, their block references, and the < nonce>…. [0156], the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811.)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu’s Quantum-resistant double signature system by enhancing Griffin in view of Liu’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Anderson in order to ensure detection of any modification to the document body or associated digital signature despite future compromise of classical private keys.
The motivation is to enhance integrity assurance of digitally signed documents against foreseeable compromise of classical public-key algorithms. Furthermore, it enhances the durability of digital signature validity in a post-quantum threat environment within the system.
Regarding Claim 12:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the PQC signed document is determined prior to any quantum computer being able to successfully perform the quantum attacks on the classical encryption algorithm, thereby ensuring the signed document is valid and preserved as a trusted pre-quantum artifact (Liu, [0025], “quantum-safe”, “quantum-resistant”, or simply “PQC”) takes a futuristic and realistic approach to cryptography. It prepares those responsible for cryptography as well as end-users to know the cryptography is outdated; rather, it needs to evolve to be able to successfully address the evolving computing devices into quantum computing and post-quantum computing. [0047], In instances in which the second device is the verifying device, authentication logic 370 is configured to generate a verification signature based, at least in part, on the signature received from the first device and based, at least in part, on the received message representative (m′).).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the document’s integrity and authenticity are preserved against future threats.
The motivation is to modify signed documents so that they remain trustworthy and verifiable once quantum computing becomes sufficiently powerful by providing a secure baseline and mitigating the risk of retroactive forgery or tampering.
Regarding Claim 13:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the hash of the signed document is determined by inputting the signed document and a digital signature from the classical encryption algorithm into a hash function such that the resulting hash captures any change to either component (Griffin, [0042], such as SignedData and NamedKey EncryptedData, the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms (e.g., SHA 256, FIPS 180 4) or suitable key derivation algorithms (e.g. SHA 256, FIPS 180 4).).
Regarding Claim 14:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the document is digital content (Griffin, [0063], The signing party computing system's 104 method 400 of generating a QSDS message begins at 402 when the signing party computing system 104 wants to sign an email with content (e.g., document, attachment, communication, etc.)).
Regarding Claim 16:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the document is software code (Griffin, [0003], Digital signatures are mathematical schemes for demonstrating the data integrity and origin authenticity of digital messages or electronic documents).
Regarding Claim 17:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the classical encryption algorithm is one of Elliptic Curve Cryptography and Rivest-Shamir-Adleman (Liu, [0017], existing public-key digital signature algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that existing signatures are initially protected using established cryptographic standards.
The motivation is to enhance signing of the hash with a post-quantum cryptography algorithm and by securing the documents against future quantum attacks by preserving the authenticity and integrity of already signed documents.
Regarding Claim 18:
The computing environment of claim 10, Griffin in view of Liu in further view of Anderson disclose wherein the PQC algorithm utilizes one of Lattice-Based Cryptography, Hash-Based Cryptography, Code-Based Cryptography, and Multivariate Quadratic Equations (Liu, [0028], Today's PQC is mostly focused on the following approaches: 1) hash-based cryptography based on Merkle's hash tree public-key signature system of 1979, which is built upon a one-message-signature idea of Lamport and Diffie; 2) code-based cryptography, such as McEliece's hidden-Goppa-code public-key encryption system; 3) lattice-based cryptography based on Hoffstein-Pipher-Silverman public-key-encryption system of 1998; 4) multivariate-quadratic equations cryptography based on Patarin's HFE public-key-signature system of 1996 that is further based on the Matumoto-Imai proposal; ).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to resist attacks from quantum computers.
The motivation is to enhance the use of quantum-resistant cryptographic algorithms and ensure the hash of the already signed document remains secure against quantum decryption attempts.
Regarding Claim 19:
Griffin discloses:
A non-transitory computer-readable medium comprising instructions that, when executed, cause one or more processors to implement steps of:
obtaining a signed document where the signed document has previously been signed using a classical encryption algorithm and includes a document body and a classical digital signature (Griffin, [0042-0045], such as SignedData and NamedKey EncryptedData, the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms);
determining a hash of the signed document including hashing both the document body and the classical digital signature as a combined input (Griffin, [0041], The CMS messageDigest attribute is generating by the signing party computing system 104 computing a cryptographic hash on the content-to-be-signed (e.g., the content), [0043], computing system 102 any data type that identifies a hash of the document to-be-signed);
encrypting the hash of the signed document to obtain a digital signature, wherein the encrypting utilizes a private key associated with a Post-Quantum Cryptography (PQC) algorithm to generate a PQC signature attesting to the pre-quantum integrity state of the signed document (Griffin, [0042], the QSDS message processing system 100 may incorporate additional asymmetric cryptography (e.g. Signcryption, X9.73, ISO/IEC 29150), digital signatures (e.g. RSA, X9.31, DSA, FIPS 186-4, ECDSA, X9.62) and/or known encryption algorithms (e.g. AES 256, FIPS 197), keyed hash message authentication code (HMAC) algorithm (FIPS 198 1)) using hash algorithms (e.g., SHA 256, FIPS 180 4) or suitable key derivation algorithms (e.g. SHA 256, FIPS 180 4).);
Griffin does not disclose:
and attaching the digital signature to the signed document as a PQC signature block appended without altering the document body or the classical signature to provide a PQC signed document which is protected against quantum attacks on the classical encryption algorithm without requiring re-execution of the classical signing operation by an original signer.
Liu discloses:
and attaching the digital signature to the signed document as a PQC signature block appended without altering the document body or the classical signature to provide a PQC signed document which is protected against quantum attacks on the classical encryption algorithm without requiring re-execution of the classical signing operation by an original signer.
(Liu, [0017], existing public-key digital signature algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) are anticipated not to be secure against brute-force attacks based on algorithms such as Shor's algorithm using quantum computers. The eXtended Merkle signature scheme (XMSS) and/or an eXtended Merkle multi-tree signature scheme (XMSS-MT) are hash-based signature schemes that can protect against attacks by quantum computers. As used herein, the term XMSS shall refer to both the XMSS scheme and the XMSS-MT scheme.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the integrity and authenticity of the document remain verifiable.
The motivation is to enhance security by providing quantum resistance that preserves the integrity and authenticity of the document. Furthermore, the enhancement ensures long-term verifiability of the signed document and any tampering within the system.
Griffin in view of Liu do not disclose:
obtaining a signed document where the signed document has previously been signed using a classical encryption algorithm and includes a document body and a classical digital signature
determining a hash of the signed document including hashing both the document body and the classical digital signature as a combined input
Anderson discloses:
obtaining a signed document where the signed document has previously been signed using a classical encryption algorithm and includes a document body and a classical digital signature (Anderson, [0156], FIG. 35, the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811, [0162], at a step 604 a hash value is calculated using the contents of the subject block having the nonce value prepended, while excluding the block start tag and block end tag [0195], The digital signature is to insure that the electronic document is authentic and has not been tampered with. By using the multilevel hash operation, the electronic document is able to provide improved authentication and tamper resistance.)
determining a hash of the signed document including hashing both the document body and the classical digital signature as a combined input (Anderson, [0162], at a step 604 a hash value is calculated using the contents of the subject block having the nonce value prepended… at a step 608 the resulting hash value is inserted into the <hash> entry in the signature block… Sixth, at a step 612 a second hash calculation is performed on the contents of the <sigdata> sub-block, which contains the previously calculated hashes, their block references, and the <nonce>… Seventh, at a step 614 the second hash value is then encrypted using a private key… [0156], the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811… [0195], The digital signature is to insure that the electronic document is authentic and has not been tampered with. By using the multilevel hash operation, the electronic document is able to provide improved authentication and tamper resistance.)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu’s Quantum-resistant double signature system by enhancing Griffin in view of Liu’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Anderson in order to ensure detection of any modification to the document body or associated digital signature despite future compromise of classical private keys.
The motivation is to enhance integrity assurance of digitally signed documents against foreseeable compromise of classical public-key algorithms. Furthermore, it enhances the durability of digital signature validity in a post-quantum threat environment within the system.
Regarding Claim 20:
The non-transitory computer-readable medium of claim 19, Griffin in view of Liu disclose wherein the steps further include: receiving a document that purports to be the PQC signed document (Griffin, [0055], the QSDS message following current CMS processing rules would be unable to detect an alteration of the document or the signature, as the signature would appear to be valid because it was signed);
Griffin does not disclose:
decrypting the digital signature using a public key associated with the private key to obtain the hash
and comparing the hash and the second hash to determine whether or not the document is the PQC signed document and detecting any modification of either component regardless of compromise of the classical private key
Liu discloses:
decrypting the digital signature using a public key associated with the private key to obtain the hash (Liu, [0042], [0043], security functions on behalf of the signing device 310. In some embodiments, the cryptography logic 340 may be embodied as a cryptographic engine, an independent security co-processor of the signing device 310, a cryptographic accelerator incorporated into the processor(s) 320, or a standalone software/firmware. In some embodiments, the cryptography logic 340 may generate and/or utilize various cryptographic keys (e.g., symmetric/asymmetric cryptographic keys) to facilitate encryption, decryption, signing, and/or signature verification.);
and comparing the hash and the second hash to determine whether or not the document is the PQC signed document and detecting any modification of either component regardless of compromise of the classical private key
(Liu, [0047], apply the same hash function or chain function as applied by hash logic 332 of authentication logic 330, to each received message element a number, N-mi′ (or mi′), times to yield a verification message element. Whether a verification signature, i.e., each of the L verification message elements, corresponds to a corresponding public key element, pki, may then be determined. For example, verification logic 370 may be configured to compare each verification message element to the corresponding public key element, pki. If each of the verification message element matches the corresponding public key element, pki, then the verification corresponds to success).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin’s Quantum-resistant double signature system by enhancing Griffin’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Liu in order to ensure that the document has not been altered, forged or replaced.
The motivation is to enhance the security by protecting the verification process from quantum attacks, guaranteeing that only a legitimately PQC signed document can be validated as authentic.
Griffin in view of Liu do not disclose:
determining a second hash of the document that purports to be the PQC signed document including hashing both the document body and the classical digital signature contained therein
Anderson discloses:
determining a second hash of the document that purports to be the PQC signed document including hashing both the document body and the classical digital signature contained therein (Anderson, [0162], Sixth, at a step 612 a second hash calculation is performed on the contents of the <sigdata> sub-block, which contains the previously calculated hashes, their block references, and the <nonce>… [0156], the signature block 800 contains the block names (j, k) of the blocks 804 and 806 being bound together and the digital hashes 808 and 810 of the content for these blocks. A hash 811 can be generated from the document names and the digital hashes 808 and 810, and a digital signature 812 can be generated by digitally signing the hash 811.)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu’s Quantum-resistant double signature system by enhancing Griffin in view of Liu’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Anderson in order to ensure detection of any modification to the document body or associated digital signature despite future compromise of classical private keys.
The motivation is to enhance integrity assurance of digitally signed documents against foreseeable compromise of classical public-key algorithms. Furthermore, it enhances the durability of digital signature validity in a post-quantum threat environment within the system.
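The signing and verification steps recited for claims 19 and 20, together with the chain-function check quoted from Liu [0047], are shown here as an added example that is not taken from the application or from any cited reference. It assumes a simplified Winternitz one-time signature (w = 16, SHA-256) in place of XMSS, a length-prefixed encoding for the combined hash, and a constructed byte string standing in for the classical signature; all function names are illustrative.

```python
import hashlib
import hmac
import os

W = 16            # Winternitz parameter: one signature element per 4-bit digit
N = W - 1         # full chain length; verifier applies the hash N - m_i times
L1, L2 = 64, 3    # 64 digits of a SHA-256 digest plus 3 checksum digits
L = L1 + L2


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def chain(x: bytes, steps: int) -> bytes:
    """Apply the hash (chain) function `steps` times."""
    for _ in range(steps):
        x = H(x)
    return x


def combined_hash(body: bytes, classical_sig: bytes) -> bytes:
    """Hash body and classical signature as one input. Each part is
    length-prefixed (an assumption of this example) so bytes cannot be
    moved across the body/signature boundary without changing the hash."""
    h = hashlib.sha256()
    for part in (body, classical_sig):
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.digest()


def digits(digest: bytes) -> list:
    """Base-16 digits of the digest followed by the WOTS checksum digits."""
    d = []
    for b in digest:
        d += [b >> 4, b & 0x0F]
    checksum = sum(N - m for m in d)   # at most 64 * 15 = 960 < 16**3
    return d + [(checksum >> 8) & 0xF, (checksum >> 4) & 0xF, checksum & 0xF]


def keygen():
    """One-time key pair: pk_i is sk_i hashed N times. Sign once per key."""
    sk = [os.urandom(32) for _ in range(L)]
    pk = [chain(s, N) for s in sk]
    return sk, pk


def pqc_sign(sk, body: bytes, classical_sig: bytes) -> list:
    m = digits(combined_hash(body, classical_sig))
    return [chain(sk[i], m[i]) for i in range(L)]


def attach(body: bytes, classical_sig: bytes, pqc_sig: list) -> dict:
    """Append the PQC block; body and classical signature stay byte-identical."""
    return {"body": body, "classical_sig": classical_sig, "pqc_block": pqc_sig}


def pqc_verify(pk, doc: dict) -> bool:
    """Recompute the combined hash from the received document, finish each
    chain with N - m_i more hashes, and compare with the public key element."""
    sig = doc["pqc_block"]
    if len(sig) != L:
        return False
    m = digits(combined_hash(doc["body"], doc["classical_sig"]))
    ok = True
    for i in range(L):
        ok &= hmac.compare_digest(chain(sig[i], N - m[i]), pk[i])
    return ok


if __name__ == "__main__":
    body = b"constructed sample contract text"            # constructed input
    classical_sig = b"\x30\x45constructed-classical-sig"  # placeholder bytes
    sk, pk = keygen()
    doc = attach(body, classical_sig, pqc_sign(sk, body, classical_sig))
    print("untouched:", pqc_verify(pk, doc))
    print("body changed:", pqc_verify(pk, dict(doc, body=body + b"!")))
    print("classical sig changed:",
          pqc_verify(pk, dict(doc, classical_sig=classical_sig + b"\x00")))
```

A hash-based verifier completes each chain up to the public key element rather than decrypting the signature to recover a hash, which is why `pqc_verify` takes the received body and classical signature as inputs.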
Claims 6 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Griffin (US Publication No. 2023/0291572 A1) in view of Liu (US Publication No. 2022/0166771 A1) in further view of Anderson (US 20010018739 A1) and in further view of Taware (US Publication No. 12081670 B1).
Regarding Claim 6:
Griffin in view of Liu in further view of Anderson disclose:
The method of claim 5…
Griffin in view of Liu in further view of Anderson do not disclose:
wherein the digital content is one of a legal document, a financial document, and a government document
Taware discloses:
wherein the digital content is one of a legal document, a financial document, and a government document (Taware, Col. 8, lines 35-45, The electronic document 465 may be one or more files storing electronic media content (e.g., textual or image content). For example, the content of the electronic document 465 may include: identification documents; financial documents such as bank statements, tax reports, and credit reports; legal documents including contracts, legal agreements, and court orders; educational documents such as diplomas, degrees, certificates; business documents such as licenses and business permits; and government documents such as visas and residence permits, among others.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu in further view of Anderson’s Quantum-resistant double signature system by enhancing Griffin in view of Liu in further view of Anderson’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Taware in order to ensure the system's authenticity and integrity of the critical document.
The motivation is to enhance the document's legal, financial or regulatory significance, where undetected alterations could have serious consequences and by preventing unauthorized modifications by maintaining trust in the source and content.
Regarding Claim 15:
Griffin in view of Liu in further view of Anderson disclose:
The computing environment of claim 14…
Griffin in view of Liu in further view of Anderson do not disclose:
wherein the digital content is one of a legal document, a financial document, and a government document
Taware discloses:
wherein the digital content is one of a legal document, a financial document, and a government document (Taware, Col. 8, lines 35-45, The electronic document 465 may be one or more files storing electronic media content (e.g., textual or image content). For example, the content of the electronic document 465 may include: identification documents; financial documents such as bank statements, tax reports, and credit reports; legal documents including contracts, legal agreements, and court orders; educational documents such as diplomas, degrees, certificates; business documents such as licenses and business permits; and government documents such as visas and residence permits, among others.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Griffin in view of Liu in further view of Anderson’s Quantum-resistant double signature system by enhancing Griffin in view of Liu in further view of Anderson’s digital signature on a dual-signed message by a relying party computing system to secure against brute-force attacks based on algorithms as taught by Taware in order to ensure the system's authenticity and integrity of the critical document.
The motivation is to enhance the document's legal, financial or regulatory significance, where undetected alterations could have serious consequences and by preventing unauthorized modifications by maintaining trust in the source and content.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939. The examiner can normally be reached on M-F, 8 AM TO 5 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MAYASA A. SHAAWAT/Examiner, Art Unit 2433
/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433