DETAILED ACTION
Notice of Pre-AIA or AIA Status
1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
2. Applicant's arguments filed on 02/02/2026 with respect to independent claims 1 and 11 have been fully considered but they are not persuasive.
3. Applicant argues that the claims requires communication between the source and destination over the relay. Applicant then state that, in Lim reference the communication between the source and destination does not involve “relay”. All communication is sent back and forth between the first device 102A and the second device 102B over the link 116.
4. Examiner would like to point out that the, in a wireless network, “a relay” act as a bridge between the source and a destination that are too far apart for direct communication. Relay acts as a link and/or bridge for receiving and transmitting data and signals between source and destination devices.
Moreover, the claims do not specifically recite anything about “relay”, as such using the broadest reasonable interpretation, examiner interpreted “relay” as link (see, Fig.1, element.116 in Lim reference).
5. As such, the Lim reference teaches the limitations cited by the independent claims, and the rejection is made Final.
Examiner Note: If any questions or concerns remains, Examiner respectfully request that applicant to contact and arrange an interview
Claim Rejections - 35 USC § 102
6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
7. Claim(s) 1,3-11 and 13-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Lim (US Pub.No.2017/0063853).
8. Regarding claims 1 and 11 Lim teaches a method and a system for secure message authentication in a wireless network comprising a source, a relay, and a destination, the method comprising: transmitting a first message from the source to the relay; transmitting a second message from the relay to the destination; transmitting a first tag from the source to the destination; utilizing, at the destination, the first tag transmitted by the source to verify that the second message transmitted by the relay corresponds to the first message transmitted by the source (Fig.1, Para:0018 and Para:00021 teaches exchanging encoded data between two authenticated devices 102A and 102B. System 100 includes device 102A and device 102B (collectively “devices 102”) which are configured to exchange information (e.g., data) via communication channel or “link” 116A. System 100 also includes unauthorized device 122 which is configured to intercept, via link 116B, the data being exchanged across link 116A. Para:0023 teaches Device 102A includes authentication module 130A and device 102B includes authentication module 130B. Authentication module 130A and 130B (collectively “authentication modules 130”) may enable devices 102 to execute a challenge-response protocol for authenticating devices 102 and ensuring integrity of the data being exchanged over link 116A, and may further use a session key derived from the execution of the challenge-response protocol to encode and decode the data being exchanged over link 116A.
Figs.2, 3A-B, Para:0077-0086 and Para:0026-0030 teaches during a particular communication session, device 102B may transmit data to device 102A via link 116A. So that device 102A can verify that the data received via link 116A has arrived unaltered and actually originated from device 102B, authentication module 130B of device 102B may derive a first instance of a session key for the particular communication session between devices 102, The first instance of the session key may be regenerated by authentication module 130B for each communication session (e.g., periodically, etc.). Based on the derived first instance of the session key, authentication module 130B may then generate a first message authentication code (MAC) tag for the particular communication session and include the first MAC tag within the data that device 102A outputs to link 116A. For example, authentication module 130B may input the session key into a MAC function that outputs a first MAC tag which authentication module 130B then uses to mark the data before transmission. Upon receipt of data from link 116A, authentication module 130A of device 102A may analyze the first MAC tag with the data received via link 116A to determine whether device 102B actually transmitted the data and further whether the data is unaltered from its original form. For instance, authentication module 130A of device 102A may derive a second instance of the session key for the particular communication session between devices 102. The second instance of the session key may be regenerated by authentication module 130A for each communication session (e.g., periodically, etc.). Based on the derived second instance of the session key, authentication module 130A may then generate a second MAC tag for the particular communication session and determine whether the second MAC lag that authentication module 130A generates matches the first MAC tag received within the data received via link 116A. For example, authentication module 130A may input the session key into a MAC function that outputs a second MAC tag which authentication module 130A then uses to verify whether the data received via link 116A is authentic or not. Authentication module 130A may determine that the data received via link 116A is authentic if the second MAC tag generated by authentication module 130A matches the first MAC tag received within the received data).
9. Regarding claims 3, 13 Lim teaches the method and the system, wherein a secret key is shared between the source and destination and wherein the first tag is calculated by applying a hash function to the first message and the secret key to obtain a hash and then channel encoding the hash for sending to the destination (Para:0018 teaches the first device and the second device may each derive a session key that is common to both the first and second devices but never actually shared across the communication line. When receiving data front the first device, the second device may authenticate the first device by inputting the session key into a MAC algorithm to derive an instance of a MAC tag. The second device may compare the derived MAC tag to a MAC tag received from the first device along with the data transmission. If the derived and received MAC tags match, the second device may authenticate the first device (e.g., confirm the identity of the first device) and verify the integrity of the received data (e.g., confirm that the data was unaltered during transmission. Figs.2,3A-B3 and Para:0077-0086 teaches MAC tag is calculated by applying a hash function).
10. Regarding claims 4, 14 Lim teaches the method and the system, wherein transmitting the first message further comprises transmitting a first signal comprising the first message and the first tag from the source to the relay while simultaneously transmitting the first signal comprising the first message and the first tag from the source to the destination; wherein transmitting the second message further comprises transmitting a second signal comprising the second message and a second tag from the relay to the destination; and wherein utilizing the first tag further comprises: extracting the first tag from the first signal at the destination; checking whether the second tag received from the relay matches the first tag received from the source such that the destination determines (i) that the second message corresponds to the first message if the second tag matches the first tag or (ii) that the second message does not correspond to the first message if the second tag does not match the first tag (Figs.2, 3A-B, Para:0077-0086 and Para:0026-0030 teaches during a particular communication session, device 102B may transmit data to device 102A via link 116A. So that device 102A can verify that the data received via link 116A has arrived unaltered and actually originated from device 102B, authentication module 130B of device 102B may derive a first instance of a session key for the particular communication session between devices 102, The first instance of the session key may be regenerated by authentication module 130B for each communication session (e.g., periodically, etc.). Based on the derived first instance of the session key, authentication module 130B may then generate a first message authentication code (MAC) tag for the particular communication session and include the first MAC tag within the data that device 102A outputs to link 116A. For example, authentication module 130B may input the session key into a MAC function that outputs a first MAC tag which authentication module 130B then uses to mark the data before transmission. Upon receipt of data from link 116A, authentication module 130A of device 102A may analyze the first MAC tag with the data received via link 116A to determine whether device 102B actually transmitted the data and further whether the data is unaltered from its original form. For instance, authentication module 130A of device 102A may derive a second instance of the session key for the particular communication session between devices 102. The second instance of the session key may be regenerated by authentication module 130A for each communication session (e.g., periodically, etc.). Based on the derived second instance of the session key, authentication module 130A may then generate a second MAC tag for the particular communication session and determine whether the second MAC lag that authentication module 130A generates matches the first MAC tag received within the data received via link 116A. For example, authentication module 130A may input the session key into a MAC function that outputs a second MAC tag which authentication module 130A then uses to verify whether the data received via link 116A is authentic or not. Authentication module 130A may determine that the data received via link 116A is authentic if the second MAC tag generated by authentication module 130A matches the first MAC tag received within the received data).
11. Regarding claims 5, 15 Lim teaches the method and the system, wherein extracting further comprises treating, at the destination, the first message as interference and decoding the first tag from the first signal (Para:0019 and Para:0071-0072 teaches the first device may encode data prior to transmission by performing an “exclusive-or” (also referred to as “XOR” or “exclusive disjunction) operation between the derived session key and the data. After receipt of the data, the second device may then decode the data using the derived session key as a “decipher” or “decryption key” to unscramble the data. In some examples, the second device may decode the data after receipt by performing an exclusive-or operation between the encoded data and the derived session key to obtain the original, unencoded data).
12. Regarding claims 6, 16 Lim teaches the method and the system, wherein the relay conducts successive interference cancellation to extract the first message from the first signal followed by transmitting the second signal (Para:0020-0021 teaches system 100 also includes unauthorized device 122 which is configured to intercept, via link 116B, the data being exchanged across link 116A. Unauthorized device 122 represents any type of device that is configured to sniff, snoop, or otherwise intercept information being exchanged via a data path. Examples of unauthorized device 122 include computing devices, computing systems, network devices, or any other type of device that can read data being passed between devices via a data path. In the example of FIG. 1, unauthorized device 122 may receive, via link 116B, a copy of the information or data traveling between devices 102 via link 116A.
Para:0026-0030 teaches based on the derived second instance of the session key, authentication module 130A may then generate a second MAC tag for the particular communication session and determine whether the second MAC tag that authentication module 130A generates matches the first MAC tag received within the data received via link 116A. For example, authentication module 130A may input the session key into a MAC function that outputs a second MAC tag which authentication module 130A then uses to verify whether the data received via link 116A is authentic or not).
13. Regarding claims 7,17 Lim teaches the method and the system, wherein transmitting the second message and transmitting the first tag occur simultaneously such that the destination receives a signal comprising the second message and the first tag; and wherein utilizing the first tag further comprises: calculating a second tag from the second message by applying a hash function to the second message and a secret key shared between the source and destination; and checking whether the second tag calculated from the second message matches the first tag transmitted by the source such that the destination determines (i) that the second message corresponds to the first message if the second tag matches the first tag or (ii) that the second message does not correspond to the first message if the second tag does not match the first tag (Figs.2, 3A-B, Para:0077-0086 and Para:0026-0030 teaches during a particular communication session, device 102B may transmit data to device 102A via link 116A. So that device 102A can verify that the data received via link 116A has arrived unaltered and actually originated from device 102B, authentication module 130B of device 102B may derive a first instance of a session key for the particular communication session between devices 102, The first instance of the session key may be regenerated by authentication module 130B for each communication session (e.g., periodically, etc.). Based on the derived first instance of the session key, authentication module 130B may then generate a first message authentication code (MAC) tag for the particular communication session and include the first MAC tag within the data that device 102A outputs to link 116A. For example, authentication module 130B may input the session key into a MAC function that outputs a first MAC tag which authentication module 130B then uses to mark the data before transmission. Upon receipt of data from link 116A, authentication module 130A of device 102A may analyze the first MAC tag with the data received via link 116A to determine whether device 102B actually transmitted the data and further whether the data is unaltered from its original form. For instance, authentication module 130A of device 102A may derive a second instance of the session key for the particular communication session between devices 102. The second instance of the session key may be regenerated by authentication module 130A for each communication session (e.g., periodically, etc.). Based on the derived second instance of the session key, authentication module 130A may then generate a second MAC tag for the particular communication session and determine whether the second MAC lag that authentication module 130A generates matches the first MAC tag received within the data received via link 116A. For example, authentication module 130A may input the session key into a MAC function that outputs a second MAC tag which authentication module 130A then uses to verify whether the data received via link 116A is authentic or not. Authentication module 130A may determine that the data received via link 116A is authentic if the second MAC tag generated by authentication module 130A matches the first MAC tag received within the received data).
14. Regarding claims 8, 18 Lim teaches the method and the system, wherein prior to utilizing the first tag, the method further comprises: decoding, by the destination, the second message from the signal by treating the first tag as interference; removing the second message from the signal to produce a remaining signal; and decoding the first tag from the remaining signal (Figs.2, 3A-B, Para:0077-0086 and Para:0026-0030 teaches during a particular communication session, device 102B may transmit data to device 102A via link 116A. So that device 102A can verify that the data received via link 116A has arrived unaltered and actually originated from device 102B, authentication module 130B of device 102B may derive a first instance of a session key for the particular communication session between devices 102, The first instance of the session key may be regenerated by authentication module 130B for each communication session (e.g., periodically, etc.). Based on the derived first instance of the session key, authentication module 130B may then generate a first message authentication code (MAC) tag for the particular communication session and include the first MAC tag within the data that device 102A outputs to link 116A. For example, authentication module 130B may input the session key into a MAC function that outputs a first MAC tag which authentication module 130B then uses to mark the data before transmission. Upon receipt of data from link 116A, authentication module 130A of device 102A may analyze the first MAC tag with the data received via link 116A to determine whether device 102B actually transmitted the data and further whether the data is unaltered from its original form. For instance, authentication module 130A of device 102A may derive a second instance of the session key for the particular communication session between devices 102. The second instance of the session key may be regenerated by authentication module 130A for each communication session (e.g., periodically, etc.). Based on the derived second instance of the session key, authentication module 130A may then generate a second MAC tag for the particular communication session and determine whether the second MAC lag that authentication module 130A generates matches the first MAC tag received within the data received via link 116A. For example, authentication module 130A may input the session key into a MAC function that outputs a second MAC tag which authentication module 130A then uses to verify whether the data received via link 116A is authentic or not. Authentication module 130A may determine that the data received via link 116A is authentic if the second MAC tag generated by authentication module 130A matches the first MAC tag received within the received data).
15. Regarding claims 9, 19 Lim teaches the method and the system, wherein utilizing the first tag further comprises: decoding the first tag, when possible, to carry out a cryptographic authentication; or utilizing physical-layer authentication of the first tag when decoding the first tag is not possible (Para:0005 and Para:0071-0072 teaches after encoding the message based on crypto key 246B, authentication module 230B of device 202B may transmit, to device 202A, the encoded message via link 216. Authentication module 230A of device 202A may receive, from device 202B, the encoded message via link 216. Based on crypto key 246A, authentication module 230A may decode the message received via link 216.
For example, authentication module 230A may provide the encoded message to cipher/decipher module 238A. If an exclusive-or operation was used to encode the message, cipher/decipher module 238A may decode the message based on crypto key 246A by likewise performing the exclusive-or operation between the message and crypto key 246A. Otherwise, if a CRC operation or hash function was used by cipher/decipher module 238B to encode the message received via link 216, cipher/decipher module 238A may decode the message received via link 216 using crypto key 246A and the inverse CRC operation or hash function. Para:0074 teaches In some examples, subsequent to decoding the message, authentication module 230A may authenticate, based on MAC tag 244A, the message. In other words, before storing the unencoded message data at data store 250A, authentication module 230A may perform authentication operations on an embedded MAC tag found in the data using MAC tag 244A).
.
16. Regarding claims 10, 20 Lim teaches the method and the system, wherein the wireless network is one of a cellular telecommunications network or an internet-of-things network (Fig.1 and Para:0020-0022).
Claim Rejections - 35 USC § 103
17.The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
18.Claims 2 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US Pub.No.2017/0063853) in view of Lee (US Pub.No.2015/0281961).
19. Regarding claim 2 Lim teaches all the above claimed limitations but fails to teach the method and the system wherein the source transmits the first message to the relay and transmits the first tag to the destination according to a nonorthogonal multiple access (NOMA) protocol.
Lee teaches the source transmits the first message to the relay and transmits the first tag to the destination according to a nonorthogonal multiple access (NOMA) protocol (Para:0005 and Para:0090 teaches nonorthogonal multiple access (NOMA) protocol).
Therefore, to would have been obvious to one of the ordinary skills in the art before the effective filing date of the invention was filed to modify Su to include the source transmits the first message to the relay and transmits the first tag to the destination according to a nonorthogonal multiple access (NOMA) protocol as taught by Lee, such a setup would improve spectral efficiency and reliability.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri : 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431