DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This initial written action is responding to the communication dated on 09/03/2024.
Claims 1-20 are submitted for examination.
Claims 1-20 are pending.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Priority
This application filed on September 03, 2024 claims priority of parent application 18/790,559 filed on July 31, 2024.
Information Disclosure Statement
The following Information Disclosure Statements in the instant application submitted in compliance with the provisions of 37 CFR 1.97, and thus, have been fully considered:
IDS filed on 03 September 2024.
IDS filed on 27 January 2026.
Specification
The following title is suggested: “SYSTEMS AND METHODS FOR APPLYING AI/ML-BASED CRYPTOGRAPHY CONFIGURATION AND GENERATING CRYPTOGRAPHY KEYS”.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 1 recites a limitation, “A device, comprising: one or more processors configured to:..” Claim 1 further recites, “….provide the particular cryptography configuration to a particular system, wherein the particular system: wherein the particular system: “. The scope of the claim becomes unclear when the claim first recites a device comprising one or more processors.. and later claim recites a particular system and steps performed by the particular system. The preamble of claim 1 should recites, “A system comprising a device having a processor and a particular system..”.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3-4, 7-8, 10-11, 14-15, 17-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kampanakis et al. (US PAT. # US 12,200,105, hereinafter “Kampanakis”), and further in view of Massimiliano Pala (US PGPUB. # US 2022/0353061, hereinafter “Pala”).
Referring to Claims 1, 8 and 15:
Regarding Claim 1, Kampanakis teaches,
A device, comprising:
one or more processors configured to: (CL(12), LN(24-38))
a first cryptography technique, (CL(2), LN(15-17), “The first private key can be usable with a classical cryptography algorithm, such as elliptic curve cryptography (ECC), or elliptic-curve Diffie-Hellman (ECDH)”, Fig. 4(402), CL(12), LN(52-56), “a first public key usable with a classical cryptography algorithm”, i.e. Examiner submits that a classical cryptography algorithm is interpreted as a first cryptography technique)
a second cryptography technique, (CL(2), LN(17-21), “The second private key can be usable with a post-quantum cryptography algorithm, such as one or more algorithms standardized by the National Institute of Standards and Technology (NIST)”, Fig. 4(402), CL(12), LN(57-58), “a second public key usable with a post-quantum cryptography algorithm”, i.e. Examiner submits that a post-quantum cryptography algorithm is interpreted as a second cryptography technique) and
a combination scheme; (Fig. 4(406), CL(13), LN(15-30), “shared secrets are derived based at least on the first and second private keys, the ephemeral public key and the ciphertext” i.e. Examiner submits that shared secrets are interpreted as a combination scheme) and
generates a first key based on the first cryptography technique, (CL(2), LN(14-15), “The service can generate or obtain first and second private keys”, Fig. 4(404), “obtain a first private key usable with the classical cryptography algorithm”), CL(13), LN(1-4), i.e. a first private key is generated based on classical cryptography algorithm (first cryptographic technique))
generates a second key based on the second cryptography technique, (CL(2), LN(14-15), “The service can generate or obtain first and second private keys”, Fig. 4(404), CL(13), LN(4-5), “a second private key usable with the post-quantum cryptography algorithm”, i.e. a second private key is generated based on post-quantum cryptography algorithm (second cryptographic technique))
generates a third key based on the first key, the second key, and the combination scheme, (Fig. 4(406), CL(13), LN(17-20), “These shared secrets are derived based at least on the first and second private keys, the ephemeral public key and the ciphertext”, Fig. 4(408), CL(13), LN(37-40), “a plurality of symmetric keys is generated, which are usable an XTS-AES encryption or cryptography algorithm, based on the KDF in a key schedule and the shared secret”, CL(13), LN(40-45), “the plurality of keys is generated by concatenating the classical and post-quantum shared secrets”, i.e. Examiner submits that symmetric key (third key) is generated based on classical and post quantum shared secrets which are based on first key and second key where shared secret are interpreted as combination scheme) and
encrypts one or more communications using the third key. (Fig. 4(410), CL(13), LN(53-57), “the cryptography operation is an encryption operation that encrypts the data using the plurality of keys”).
Kampanakis does not teach explicitly,
maintain a set of models that include a plurality of cryptography configurations, wherein at least a particular cryptography configuration specifies:
provide the particular cryptography configuration to a particular system, wherein the particular system:
However, Pala teaches,
maintain a set of models that include a plurality of cryptography configurations, wherein at least a particular cryptography configuration specifies: (¶28, “this may support the deployment of hybrid PKIs where the authentication may be performed by using ‘traditional’ or ‘quantum resistant’ cryptography”, ¶52-¶53, ¶136, i.e. pala teaches maintaining plurality of cryptographic configurations such as classical algorithms, post-quantum algorithms)
provide the particular cryptography configuration to a particular system, wherein the particular system: (Fig, 1, ¶107, “the signing party 102 signs the digital certificate 104 using three Keys (Key K1 108, Key K2 110, and Key K3 112)”, “the three Keys 108, 110, and 112 use different cryptographic schemes with the same hashing algorithm (e.g., one signature could be with RSAwithSHA256 and another could be ECDSAwithSHA256)”, ¶108, Fig. 3, ¶122, ¶134, i.e. a particular key (particular cryptography configuration) is provided to a particular system).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Pala with the invention of Kampanakis.
Kampanakis teaches, generating first and second cryptographic key based on first and second cryptographic schemes. Pala teaches, maintaining different cryptographic configurations to generate cryptographic keys to sign certificate. Therefore, it would have been obvious to maintain different cryptographic configurations to generate cryptographic keys to sign certificate of Pala with generating first and second cryptographic key based on first and second cryptographic schemes of Kampanakis to ensure easy to deploy efficient solutions to provide support for multi-algorithm authentication. .
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).
Regarding Claim 8, it is a non-transitory computer-readable medium claim of above device claim 1 and therefore Claim 8 is rejected with the same rationale as applied against Claim 1 above.
Regarding Claim 15, it is a method claim of above device claim 1 and therefore Claim 15 is rejected with the same rationale as applied against Claim 1 above.
Referring to Claims 3, 10 and 17:
Regarding Claim 3 rejection of Claim 1 is included and for the same motivation Kampanakis teaches,
The device of claim 1, wherein the third key is a symmetric key. (Fig. 4, CL(13), LN(37-40), “a plurality of symmetric keys is generated, which are usable an XTS-AES encryption or cryptography algorithm, based on the KDF in a key schedule and the shared secret”).
Regarding Claim 10, rejection of Claim 8 is included and Claim 10 is rejected with the same rationale as applied against Claim 3 above.
Regarding Claim 17, rejection of Claim 15 is included and Claim 17 is rejected with the same rationale as applied against Claim 3 above.
Referring to Claims 4, 11 and 18:
Regarding Claim 4 rejection of Claim 1 is included and for the same motivation Kampanakis teaches,
The device of claim 1, wherein the combination scheme indicates one or more operations to perform with respect to one or more keys generated using the first cryptography technique and one or more keys generated using the second cryptography technique. (Fig. 4(406), CL(13), LN(15-30), “shared secrets are derived based at least on the first and second private keys, the ephemeral public key and the ciphertext”, Fig. 4(408), CL(13), LN(37-65), i.e. encryption/decryption is interpreted as one or more operation to perform using the generated keys).
Regarding Claim 11, rejection of Claim 8 is included and Claim 11 is rejected with the same rationale as applied against Claim 4 above.
Regarding Claim 18, rejection of Claim 15 is included and Claim 18 is rejected with the same rationale as applied against Claim 4 above.
Referring to Claims 7, 14 and 20:
Regarding Claim 7 rejection of Claim 1 is included and for the same motivation Kampanakis teaches,
The device of claim 1, wherein the particular cryptography configuration is a first cryptography configuration, wherein the combination scheme is a first combination scheme, wherein the one or more processors are further configured to:
identify a second cryptography configuration [based on the set of models], wherein the second cryptography configuration specifies a second combination scheme that is different from the first combination scheme; (CL(2), LN(15-17), “The first private key can be usable with a classical cryptography algorithm, such as elliptic curve cryptography (ECC), or elliptic-curve Diffie-Hellman (ECDH)”, CL(2), LN(17-21), “The second private key can be usable with a post-quantum cryptography algorithm, such as one or more algorithms standardized by the National Institute of Standards and Technology (NIST)”, Fig. 4(406), CL(13), LN(15-30), “shared secrets are derived based at least on the first and second private keys, the ephemeral public key and the ciphertext” i.e. Examiner submits that a second classical cryptography algorithm and second post-quantum cryptography algorithm are used for a second combination scheme where shared secrets are interpreted as a combination scheme which is different from the first combination scheme) and
Kampanakis does not teach explicitly,
[identify a second cryptography configuration] based on the set of models, [wherein the second cryptography configuration specifies a second combination scheme that is different from the first combination scheme];
provide the second cryptography configuration to the particular system, wherein the particular system implements the second cryptography configuration in lieu of the first cryptography configuration based on receiving the second cryptography configuration.
However, Pala teaches,
[identify a second cryptography configuration] based on the set of models, (¶28, “this may support the deployment of hybrid PKIs where the authentication may be performed by using ‘traditional’ or ‘quantum resistant’ cryptography”, ¶52-¶53, ¶136, i.e. pala teaches maintaining plurality of cryptographic configurations such as classical algorithms, post-quantum algorithms and these configurations are part of models)) [wherein the second cryptography configuration specifies a second combination scheme that is different from the first combination scheme];
provide the second cryptography configuration to the particular system, wherein the particular system implements the second cryptography configuration in lieu of the first cryptography configuration based on receiving the second cryptography configuration. (Fig. 1, ¶107, i.e. system implements a second cryptography configuration).
Regarding Claim 14, rejection of Claim 8 is included and Claim 11 is rejected with the same rationale as applied against Claim 7 above.
Regarding Claim 20, rejection of Claim 15 is included and Claim 20 is rejected with the same rationale as applied against Claim 7 above.
Claims 2, 9 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Kampanakis et al. (US PAT. # US 12,200,105, hereinafter “Kampanakis”), and further in view of Massimiliano Pala (US PGPUB. # US 2022/0353061, hereinafter “Pala”), and further in view of Miller et al. (US PGPUB. # US 2024/0121080, hereinafter “Miller”).
Referring to Claims 2, 9 and 16:
Regarding Claim 2 rejection of Claim 1 is included and combination of Kampanakis and Pala does not teach explicitly,
The device of claim 1, wherein the set of models include one or more artificial intelligence/machine learning (“AI/ML”) models.
However, Miller teaches,
The device of claim 1, wherein the set of models include one or more artificial intelligence/machine learning (“AI/ML”) models. (Fig. 1(126), ¶23, ¶28, “The user device 110 may store a machine learning model 126 and a key generation engine 128”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Miller with the invention of Kampanakis in view of Pala.
Kampanakis in view of Pala teaches, generating first and second cryptographic key based on first and second cryptographic schemes and maintaining different cryptographic configurations to generate cryptographic keys to sign certificate. Miller teaches, training a machine learning model for different cryptographic configuration to generate cryptographic keys. Therefore, it would have been obvious to train a machine learning model for different cryptographic configuration to generate cryptographic keys of Miller into the teachings of Kampanakis in view of Pala so functions must be scalable utilizing automated process in order to accommodate a large number of users and an even larger number of keys.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).
Regarding Claim 9, rejection of Claim 8 is included and Claim 9 is rejected with the same rationale as applied against Claim 2 above.
Regarding Claim 16, rejection of Claim 15 is included and Claim 16 is rejected with the same rationale as applied against Claim 2 above.
Claims 5-6, 12-13 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Kampanakis et al. (US PAT. # US 12.200,105, hereinafter “Kampanakis”), and further in view of Massimiliano Pala (US PGPUB. # US 2022/0353061, hereinafter “Pala”), and further in view of William Y. Shaw (US PAT. # US 5,619,576, hereinafter “Shaw”).
Referring to Claims 5 and 12:
Regarding Claim 5 rejection of Claim 1 is included and combination of Kampanakis and Pala does no teach explicitly,
The device of claim 1, wherein the first key includes a first set of characters, wherein the second key includes a second set of characters, wherein the third key includes a third set of characters that is based on the first and second sets of characters.
However, Shaw teaches,
The device of claim 1, wherein the first key includes a first set of characters, wherein the second key includes a second set of characters, wherein the third key includes a third set of characters that is based on the first and second sets of characters. (Abstract, “The final key is formed by manipulating one or more user keys, a base key and a block of data, and combining the manipulated keys and data using an exclusive-OR operation”, “The user key may be input to the present invention directly in binary form or in any other suitable form that the present invention can interpret as a binary sequence, such as a string of ASCII-encoded alphanumeric characters”, CL(2), LN(11-44), Fig. 2(60, 62)), CL(8), LN(5-60)).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Shaw with the invention of Kampanakis in view of Pala.
Kampanakis in view of Pala teaches, generating first and second cryptographic key based on first and second cryptographic schemes and maintaining different cryptographic configurations to generate cryptographic keys to sign certificate. Shaw teaches, combining first set of characters of first key with second set of characters of second key to generate a third key. Therefore, it would have been obvious to combine first set of characters of first key with second set of characters of second key to generate a third key of Shaw into the teachings of Kampanakis in view of Pala to provide a cryptographic system that does not restrict the user's choice of key length and that operates fast enough to be used in real-time video and voice environments.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).
Regarding Claim 12, rejection of Claim 8 is included and Claim 12 is rejected with the same rationale as applied against Claim 5 above.
Regarding Claim 6 rejection of Claim 5 is included and for the same motivation combination of Kampanakis and Pala does no teach explicitly,
The device of claim 5, wherein the third set of characters includes an interspersing of one or more characters of the first set of characters with one or more characters of the second set of characters.
However, Shaw teaches,
The device of claim 5, wherein the third set of characters includes an interspersing of one or more characters of the first set of characters with one or more characters of the second set of characters. (Abstract, Fig. 2, CL(6), LN(1-30), CL(8), LN(5-67)).
Regarding Claim 13, rejection of Claim 12 is included and Claim 13 is rejected with the same rationale as applied against Claim 6 above.
Regarding Claim 19 rejection of Claim 15 is included and combination of Kampanakis and Pala does no teach explicitly,
The method of claim 15, wherein the first key includes a first set of characters, wherein the second key includes a second set of characters, wherein the third key includes a third set of characters that is based on the first and second sets of characters, wherein the third set of characters includes an interspersing of one or more characters of the first set of characters with one or more characters of the second set of characters.
However Shaw teaches,
The method of claim 15, wherein the first key includes a first set of characters, wherein the second key includes a second set of characters, wherein the third key includes a third set of characters that is based on the first and second sets of characters, wherein the third set of characters includes an interspersing of one or more characters of the first set of characters with one or more characters of the second set of characters. (Abstract, “The final key is formed by manipulating one or more user keys, a base key and a block of data, and combining the manipulated keys and data using an exclusive-OR operation”, “The user key may be input to the present invention directly in binary form or in any other suitable form that the present invention can interpret as a binary sequence, such as a string of ASCII-encoded alphanumeric characters”, CL(2), LN(11-44), Fig. 2(60, 62)), CL(8), LN(5-60), Fig. 2, CL(6), LN(1-30), CL(8), LN(5-67)).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Shaw with the invention of Kampanakis in view of Miller.
Kampanakis in view of Pala teaches, generating first and second cryptographic key based on first and second cryptographic schemes and maintaining different cryptographic configurations to generate cryptographic keys to sign certificate. Shaw teaches, combining first set of characters of first key with second set of characters of second key to generate a third key. Therefore, it would have been obvious to combine first set of characters of first key with second set of characters of second key to generate a third key of Shaw into the teachings of Kampanakis in view of Pala to provide a cryptographic system that does not restrict the user's choice of key length and that operates fast enough to be used in real-time video and voice environments.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Mutheevi (US PGPUB. # US 2025/0211979) discloses, Systems and methods of managing cryptography resources in a telecommunications network perform or comprise: initializing a cryptography resource management script; receiving an input, the input including at least one of an input type, an input target, and a test identifier; retrieving a list of target network entities from a database, based on the input; generating an output report; and for each target network entity in the list of target network entities, and in response to a determination that a cryptography resource utilization of the target network entity is greater than a predetermined threshold, adding the target network entity to the output report.
Rajagopalan et al. (US PGPUB. # US 2025/0156748) discloses, a method includes receiving and analyzing data items to generate a weight for each data item. In response to determining that a first weight of a first data item is within a first weight range, the method determines that the first data item has a high security level. In response to determining that a second weight of a second data item is within a second weight range, the method determines that the second data item has a medium security level. A first subset of the data items having the high security level are encrypted with a first cryptography algorithm to generate first encrypted data items. A second subset of the data items having the medium security level are encrypted with a second cryptography algorithm to generate second encrypted data items. An artificial intelligence/machine learning model is trained using the first and second encrypted data items as a training data set.
Belchee et al. (US PAT. # US 12,184,772) discloses, a method for generating and/or using a mobile legal identification data object. An example method includes receiving a request for a mobile legal identification data object and generating the mobile legal identification data object based at least in part on the request for the mobile legal identification data object. The method further includes associating the mobile legal identification data object with a user profile. The method further includes providing the mobile legal identification data object to a user device associated with the user profile.
Arbajian et al. (US PAT. # US 11,727,829) discloses, a method for post-quantum cryptography (PQC). An example method includes receiving data, a set of data attributes about the data, and a risk profile data structure indicative of a vulnerability of the data in a PQC data environment. The example method further includes retrieving PQC cryptographic performance information associated with a set of PQC cryptographic techniques. The PQC cryptographic performance information may comprise a set of PQC cryptographic performance attributes for a plurality of PQC cryptographic techniques in the set of PQC cryptographic techniques. The example method further includes selecting a PQC encryption algorithm for encrypting the data based on the set of data attributes, the risk profile data structure, the PQC cryptographic performance information, and a PQC optimization machine learning model. Subsequently, the example method includes encrypting the data based on the selected PQC encryption algorithm.
Horesh et al. (US PAT. # US 11,550,961) discloses, a method for securely verifying integrity of application responses are disclosed. One example method includes receiving, from a client, an application encrypted in accordance with a fully homomorphic encryption (FHE) algorithm, generating, with a trained machine learning model associated with the FHE algorithm, a plurality of first application labels, each first application label indicating a true or false response associated with the application, inverting a randomly selected portion of the plurality of first application labels, generating a first randomly sorted list including the plurality of first application labels, transmitting the first randomly sorted list to the client, receiving a first decrypted list from the client, performing a validation of at least the first decrypted list, the validation based at least in part on the plurality of first application labels, and in response to the validation being successful, providing the client with a response to the application.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DARSHAN I DHRUV/Primary Examiner, Art Unit 2498
Prosecution Insights