Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Applicant’s amendment filed on 12/15/2025 has been entered. Applicant has amended claims 1-9, 10-14 and 17-20. Currently claims 1-20 are pending in this application.
Response to Arguments
Applicant's arguments with respect to 35 U.S.C. 102(a)/35 U.S.C. 103 rejection of claim 1-20 have been considered but are moot in view of the new ground(s) of rejection.
Applicant's arguments regarding 35 U.S.C. 101 have been fully considered but they are not persuasive.
Applicant argued:
PNG
media_image1.png
221
648
media_image1.png
Greyscale
PNG
media_image2.png
409
642
media_image2.png
Greyscale
In reply, examiner would like to point out that the term “communication network” does not inherently require any machine or non-human technology. A “communication network” could be interpreted to include any system that connects nodes (people or device) to exchange information and therefore, does not rule out humans manually performing tasks. The claims do not require the use of a machine and may simply be performed mentally or with a pen and paper. A person can perform exchange of encryption keys with other persons in order to construct key array and also perform simple encryption (for example substituting words using substitution table) and write the encrypted text on a paper and provide it to another person (central node) which can perform data comparison and provide the result back on a paper to the first person without the assistance of a computer. Furthermore, even if, arguendo, the communication network does require machine, it is recited at a very generic level which does not amount to be significantly more than the judicial exception because it would simply use generic computer to perform generic computer functions that are well-understood, routine and conventional activities previously known to the industry. As a result, the argument is not persuasive.
Applicant further argued that:
PNG
media_image3.png
272
633
media_image3.png
Greyscale
PNG
media_image4.png
134
635
media_image4.png
Greyscale
As pointed above, the claims recite judicial exception and fails to tie it to any particular technology. Claims must do more than just use generic computer (or in this case reciting communication network) as a tool to perform the abstract idea. Successful integration requires a technological improvement and as pointed out above the claims could still be performed by network of human nodes by using pen and a paper does not provide any technological improvement. As a result, the arguments are not persuasive.
Applicant further argued that:
PNG
media_image5.png
383
645
media_image5.png
Greyscale
As pointed out earlier, the claims recite judicial exception and fails to tie it to any particular technology. The claim as a whole is still directed towards steps that could be done by mentally or with a pen and paper between human nodes. A person can perform exchange of encryption keys with other persons in order to construct key array and also perform simple encryption (for example substituting words using substitution table) and write the encrypted text on a paper and provide it to another person (central node) which can perform data comparison and provide the result back on a paper to the first person without the assistance of a computer. As a result, claims do not add any step that could amount to be significantly more than a claim directed to an abstract idea itself. As a result, the arguments are not persuasive and the rejection is maintained.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claims are directed to an abstract idea.
Claims 1-16 recite nodes in a communication network using encryption key array which is generated by the nodes of the communication network for encrypting plaintext data using encryption key array, sending the encrypted data set to a central node and acquiring a data comparison result generated by the central node. A “communication network” could be interpreted to include any system that connects nodes (people or device) to exchange information and therefore, does not rule out humans manually performing tasks. The claims do not require the use of a machine and may simply be performed mentally or with a pen and paper. A person can perform exchange of encryption keys with other persons in order to construct key array and also perform simple encryption (for example substituting words using substitution table) and write the encrypted text on a paper and provide it to another person (central node) which can perform data comparison and provide the result back on a paper to the first person without the assistance of a computer. Dependent claim also recited similar limitation that can be performed mentally and/or with the aid of pen and paper between two or more nodes (human). Therefore, the claims are abstract. With regards to claims 17-20, the data processing apparatus claimed to implement the abstract idea are merely generic computer components. Claims can be directed to an abstract idea that stands alone without technical implementation required to execute it to be considered abstract. Even if the steps of generating encryption keys, encrypting, sending and receiving data are implemented via computer and or device. The claims do not recite additional elements that are sufficient to amount to significantly more than the judicial exception because the limitations are merely instructions to implement the abstract idea on a computer and require no more than a generic computer to perform generic computer functions that are well-understood, routine and conventional activities previously known to the industry. Therefore, the claims are rejected under 35 U.S.C. 101 as being directed to non- statutory subject matter.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 5-11 and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kerschbaum (US 2013/0246802 A1), hereinafter, “Kerschbaum” in view of Persson et al. (US 2007/0055877 A1), hereinafter, “Persson”.
Regarding Claims 1, 17 and 19, Kerschbaum discloses a data processing apparatus, corresponding method and non-transitory computer-readable storage medium, wherein the data processing apparatus comprises arranged at a first participating member node in a communication network, the communication network comprising a central node and participating member nodes, the participating member nodes comprising the first participating member node, the apparatus comprising:
a processor (See, Fig. 5, Numeral 510) and
a memory (See, Fig. 5, Numeral 520); wherein the memory is configured to store computer executable instructions, and the executable instructions are configured to be executed by the processor to enable the processor to:
encrypt plaintext service data based on an encryption key array to obtain a ciphertext data set of the first participating member node, wherein the ciphertext data set comprises ciphertext service data, and different participating member nodes use a same encryption key array (See, Paragraph 0068, “A key for an encryption hash function is selected…Each entity uses the encryption key and the hash function to encrypt their respective data sets and submits the encrypted data sets (306). For example, the entities 102, 104 encrypt respective data sets and provide the encrypted data sets to the service provider 106 in FIG. 1” and also see, Paragraphs 0038. “In some implementations, during the set-up stage, the entities can obtain respective keys for encryption of the respective data sets. In some examples, keys can be distributed using a secure computation protocol and/or by a trusted dealer”);
send the ciphertext data set of the first participating member node to the central node (See, Paragraph 0068, “the entities 102, 104 encrypt respective data sets and provide the encrypted data sets to the service provider 106 in FIG. 1”); and
acquire a data comparison result of the first participating member node generated by the central node, wherein the data comparison result is obtained by performing data comparison based on ciphertext service data in ciphertext data sets of the participating member nodes (See, Paragraph 0028, “Private set intersections (PSI) enables the calculation of a set intersection without revealing the non-matching items” and 0068, “The service provider identifies the set intersection (308)…The set intersection is retrieved (310).”).
Kerschbaum fails to discloses wherein the encryption key array contains m data encryption keys generated by m participating member nodes among n participating member nodes, m is an integer greater than 1 and less than or equal to n, n represents a number of the participating member nodes, and n is an integer greater than 1.
Persson discloses security in a communication network wherein an encryption key array contains m data encryption keys generated by m participating member nodes among n participating member nodes, m is an integer greater than 1 and less than or equal to n, n represents a number of the participating member nodes, and n is an integer greater than 1 (See, Figs. 3a-3e and Paragraphs 0077-0082).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have, in the system of Kerschbaum, an encryption key array that contains m data encryption keys generated by m participating member nodes among n participating member nodes, m is an integer greater than 1 and less than or equal to n, n represents a number of the participating member nodes, and n is an integer greater than 1 as taught by Persson in order to generate and exchange key array by the nodes participating in the communication without receiving from an external entity which improves the overall security of the system.
Regarding Claim 2, the rejection of claim 1 is incorporated and Kerschbaum further discloses wherein the ciphertext data set of the first participating member node comprises a plurality of pieces of ciphertext service data, the data comparison result comprises data comparison sub-results of the ciphertext service data of the first participating member node, and each of the data comparison sub-results corresponds to a piece of ciphertext service data of the first participating member node and is used to indicate a set of second participating member nodes holding the piece of ciphertext service data of the first participating member node (See, Paragraphs 0027, 0031, 0038 and 0046, Note: It is implied that when entities are more than two, server would need to compute data comparison between more than one pair of participating member node); wherein after acquiring the data comparison result generated by the central node, the method further comprises: determining common service data of a designated participating member node combination based on the data comparison sub-results, wherein the designated participating member node combination comprises the first participating member node and at least one fifth participating member node (See, Paragraphs 0027, 0031, 0038 and 0046, Note: please note that Kerschbaum clearly discloses any number to entities can participate in the protocol and when total entities are 6 and the intersection is occurring between two, it would read on wherein the designated participating member node combination comprises the first participating member node and at least one fifth participating member node).
Regarding Claim 3, the rejection of claim 1 is incorporated and the combination of Kerschbaum and Persson further discloses wherein encrypting the plaintext service data based on the encryption key array to obtain the ciphertext data set of the first participating member node comprises: determining the encryption key array containing the m data encryption keys, wherein m participating member nodes are m key generation nodes of the m data encryption keys and comprising the first participating member node and a third participating member node (See, Kerschbaum Paragraph 0068 as combined with Persson, Figs. 3a-3e and Paragraphs 0077-0082), determining the ciphertext data set of the first participating member node based on the encryption key array (See, Kerschbaum, Paragraph 0038).
Regarding Claim 5, the rejection of claim 3 is incorporated and the combination of Kerschbaum and Persson further discloses wherein determining the ciphertext data set of the first participating member node based on the encryption key array comprises: receiving a data encryption instruction sent by the central node, wherein the data encryption instruction is used to trigger the first participating member node to encrypt plaintext service data of the first participating member node based on the encryption key array to obtain ciphertext service data of the first participating member node; in response to the data encryption instruction, determining the ciphertext data set of the first participating member node based on the encryption key array (See, Kerschbaum, Paragraph 0068, Note: examiner is interpreting server device sending the key to the first entity as a data encryption instruction because upon receiving the key, first entity as well as second entity performs the data encryption).
Regarding Claim 6, the rejection of claim 1 is incorporated and the combination of Kerschbaum and Persson further discloses wherein encrypting the plaintext service data based on the encryption key array to obtain the ciphertext data set of the first participating member node comprises: determining the encryption key array containing the m data encryption keys, wherein the m participating member nodes are m key generation nodes of the m data encryption keys and comprise a plurality of participating member nodes different from the first participating member node (See, Kerschbaum Paragraph 0068 as combined with Persson, Figs. 3a-3e and Paragraphs 0077-0082); determining the ciphertext data set of the first participating member node based on the encryption key array (See, Kerschbaum, Paragraph 0038).
Regarding Claim 7, the rejection of claim 6 is incorporated and the combination of Kerschbaum and Persson further discloses wherein determining the encryption key array containing the m data encryption keys comprises: receiving data encryption keys of the plurality of participating member nodes different from the first participating member node as the encryption key array (See, Kerschbaum Paragraph 0068 as combined with Persson, Figs. 3a-3e and Paragraphs 0077-0082).
Regarding Claim 8, the rejection of claim 6 is incorporated and the combination of Kerschbaum and Persson further discloses wherein determining the ciphertext data set of the first participating member node based on the encryption key array comprises: receiving a data encryption instruction sent by the central node, wherein the data encryption instruction is used to trigger the first participating member node to encrypt plaintext service data of the first participating member node based on the encryption key array to obtain ciphertext service data of the first participating member node; in response to the data encryption instruction, determining the ciphertext data set of the first participating member node based on the encryption key array.
Regarding Claim 9, the rejection of claim 1 is incorporated and Kerschbaum further discloses wherein the ciphertext data set comprises user list ciphertext data, the user list ciphertext data comprises K pieces of ciphertext user information, and K is an integer greater than 1 (See, Paragraph 0071).
Regarding Claims 10, 18 and 20, Kerschbaum discloses a data processing apparatus arranged at a central node in a communication network, the communication network comprising the central node and participating member nodes, the participating member nodes comprising a first participating member node, corresponding method and non-transitory computer-readable storage medium, wherein the apparatus comprising:
a processor (See, Fig. 5, Numeral 510) and
a memory (See, Fig. 5, Numeral 520); wherein the memory is configured to store computer executable instructions, and the executable instructions are configured to be executed by the processor to implement the method comprising:
acquiring ciphertext data sets sent by the participating member nodes, wherein a ciphertext data set comprises ciphertext service data, the ciphertext service data is obtained by encrypting plaintext service data based on an encryption key array, and different participating member nodes use a same encryption key array, (See, Paragraph 0068, “A key for an encryption hash function is selected…Each entity uses the encryption key and the hash function to encrypt their respective data sets and submits the encrypted data sets (306). For example, the entities 102, 104 encrypt respective data sets and provide the encrypted data sets to the service provider 106 in FIG. 1” and also see, Paragraphs 0038. “In some implementations, during the set-up stage, the entities can obtain respective keys for encryption of the respective data sets. In some examples, keys can be distributed using a secure computation protocol and/or by a trusted dealer”); and
performing data comparison on the ciphertext service data in the ciphertext data sets of the participating member nodes to obtain a data comparison result of the first participating member node (See, Paragraph 0028, “Private set intersections (PSI) enables the calculation of a set intersection without revealing the non-matching items” and 0068, “The service provider identifies the set intersection (308) …The set intersection is retrieved (310).”).
Kerschbaum fails to discloses wherein the encryption key array contains m data encryption keys generated by m participating member nodes among n participating member nodes, m is an integer greater than 1 and less than or equal to n, n represents a number of the participating member nodes, and n is an integer greater than 1.
Persson discloses security in a communication network wherein an encryption key array contains m data encryption keys generated by m participating member nodes among n participating member nodes, m is an integer greater than 1 and less than or equal to n, n represents a number of the participating member nodes, and n is an integer greater than 1 (See, Figs. 3a-3e and Paragraphs 0077-0082).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have, in the system of Kerschbaum, an encryption key array that contains m data encryption keys generated by m participating member nodes among n participating member nodes, m is an integer greater than 1 and less than or equal to n, n represents a number of the participating member nodes, and n is an integer greater than 1 as taught by Persson in order to generate and exchange key array by the nodes participating in the communication without receiving from an external entity which improves the overall security of the system.
Regarding Claim 11, the rejection of claim 10 is incorporated and Kerschbaum further discloses wherein the ciphertext data set of the first participating member node comprises a plurality of pieces of ciphertext service data, wherein performing the data comparison on the ciphertext service data in the ciphertext data sets of the participating member nodes to obtain the data comparison result of the first participating member node comprises: performing the data comparison on the ciphertext service data in the ciphertext data sets of the participating member nodes to determine data comparison sub-results of the ciphertext service data of the first participating member node (See, Paragraphs 0027, 0031, 0038 and 0046), wherein each of the data comparison sub-results corresponds to a piece of ciphertext service data of the first participating member node and is used to indicate a set of second participating member nodes holding the piece of ciphertext service data of ciphertext service data of the first participating member node; and obtaining the data comparison result of the first participating member node based on the data comparison sub-results (See, Paragraphs 0027, 0031, 0038 and 0046, Note: It is implied that when entities are more than two, server would need to compute data comparison between more than one pair of participating member node).
Allowable Subject Matter
Claims 4 and 12-16 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 101, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOGESH PALIWAL whose telephone number is (571)270-1807. The examiner can normally be reached M-F 9:00AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at (571)270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/YOGESH PALIWAL/Primary Examiner, Art Unit 2435