DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-4 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “a certification authority” in the final limitation. However, it is unclear if this is the certification authority that has been previously recited or not.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Cambou et al. (Response-Based Cryptographic Methods with Ternary Physical Unclonable Functions) in view of Smith et al. (US 2019/0349426) and further in view of Bhargav-Spantzel et al. (US 2018/0183586).
Regarding claim 1, Cambou teaches a method of submitting cryptographic keys for validation by a certification authority, the method comprising:
Receiving, data indicating a set of addresses in addressable physical unclonable functions (PUF) array of PUF devices (Secure server sends instructions to the client device that incorporates the addresses Address-j1 within the PUF on where to extract responses Responses-j1 – see page 3, first bullet point and page 4 last paragraph).
Measuring a response from the PUF devices in the array having the addresses (The client devices generates Responses-j1 at the address Address-j1…thereby the same key is independently generated for encryption schemes (see page 3, 3rd bullet point and page 4 last paragraph).
Generating a cryptographic key
Cambou also does not teach that the bitstream is generated, and then the key is generated from the bitstream, or that the key is sent to a certification authority.
Smith teaches that code may be included to direct a processor to use a seed to generate a cryptographic key and to use the cryptographic key to encrypt data – see [1057] and [1070].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Cambou by generating the key on the basis of a seed value in order to generate multiple keys with less storage, based upon the beneficial teachings provided by Smith. These modifications would result in increased optimization to the system.
Cambou teaches that the addresses are received from a secure server, but Cambout and Smith do not teach that the addresses are received from a certificate authority or sending the cryptographic key to the certification authority.
Bhargav-Spantzel teaches that attestation data is validated by a certificate authority to verify generation of a cryptographic key in compliance with authentication policy – see [0151].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Cambou and Smith by using a certificate authority to manage and verify the cryptographic key, in order to comply with policy, based upon the beneficial teachings provided by Bhargav-Spantzel. These modifications would result in increased security.
Regarding claim 4, Bhargav-Spantzel further teaches sending a message digest to the certification authority, the message digest including a hash of bitstream key (hash of attestation value as part of authentication – see [0030] and [0151].
Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Cambou et al. (Response-Based Cryptographic Methods with Ternary Physical Unclonable Functions) in view of Smith et al. (US 2019/0349426) and Bhargav-Spantzel et al. (US 2018/0183586), and further in view of Cao et al. (CN 103701585).
The teachings of Cambou, Smith, and Bhargav-Spantzel are relied upon for the reasons set forth above.
Regarding claim 2, Cambou, Smith, and Bhargav-Spantzel do not teach wherein generating a cryptographic key on the basis of seed bitstream K comprises using seed bitstream K to calculate key components on the basis of a Lattice or Code cryptography method.
Cao teaches a single-round of encryption key in each round in the Feistel encryption process used by the key generator. a key generator coupled by extended integer tent map, the 4 lattice points, length of each lattice point value is 32bits. generating key is as follows: selecting 4 the length of which is 32bits as the seed key – see [0082].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Cambou, Smith, and Bhargav-Spantzel by generating the key by the seed is based on Lattice cryptography, for the purpose of inserting additional cryptographic complexity, based upon the beneficial teachings provided by Cao. These modifications would result in increased security.
Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Cambou et al. (Response-Based Cryptographic Methods with Ternary Physical Unclonable Functions) in view of Smith et al. (US 2019/0349426) and Bhargav-Spantzel et al. (US 2018/0183586), and Cao et al. (CN 103701585), and further in view of Bailey et al. (US 8,312,519).
The teachings of Cambou, Smith, Bhargav-Spantzel, and Cao are relied upon for the reasons set forth above.
Regarding claim 3, Cambou, Smith, Bhargav-Spantzel, and Cao do not teach injecting noise into bitstream K prior to calculating the key components
Bailey teaches injecting noise for the purpose of making it harder for an attacker to realize the algorithm and seeds – see column 12 lines 4-9.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Cambou, Smith, Bhargav-Spantzel and Cao by injecting noise, for the purpose of thwarting attackers, based upon the beneficial teachings provided by Bailey. These modifications would result in increased security.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LISA C LEWIS whose telephone number is (571)270-7724. The examiner can normally be reached Monday - Thursday 7am-2pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LISA C LEWIS/Primary Examiner, Art Unit 2495