Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsWells Fargo Bank N A › 18828357
Last updated: April 19, 2026
Application No. 18/828,357

PASSIVE ENCRYPTION ROTATION KEYS

Non-Final OA §101§103§DP
Filed
Sep 09, 2024
Examiner
SU, SARAH
Art Unit
2431
Tech Center
2400 — Computer Networks
Assignee
Wells Fargo Bank N A
OA Round
1 (Non-Final)
80%
Grant Probability
Favorable
1-2
OA Rounds
2y 11m
To Grant
98%
With Interview

Interview Optional

+18.6% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 672 resolved cases, 2023–2026

Examiner Intelligence

SU, SARAH View full profile →
Grants 80% — above average
80%
Career Allow Rate
537 granted / 672 resolved
+21.9% vs TC avg
Strong +19% interview lift
Without
With
+18.6%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
17 currently pending
Career history
689
Total Applications
across all art units

Statute-Specific Performance

§101
11.3%
-28.7% vs TC avg
§103
50.4%
+10.4% vs TC avg
§102
19.5%
-20.5% vs TC avg
§112
8.8%
-31.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 672 resolved cases

Office Action

§101 §103 §DP
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1-20 are presented for examination. Priority The claim for priority from US application 17/563,638, now US Patent 12,088,711, filed on 28 December 2021, which claims priority from US application 16/382,106, now US Patent 11,240,022, filed on 11 April 2019 is duly noted. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) rotating a symmetric key, and providing the rotated symmetric key to a client server. The limitation of rotating a symmetric key, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “a key management server,” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “key management server” language, “rotating” in the context of this claim encompasses the user manually rotating a symmetric key. This judicial exception is not integrated into a practical application because a key management server and providing the key to a client server do not add a meaningful limitation to the abstract idea because they amount to simply implementing the abstract idea on a computer and transmitting the key. The claim is directed to an abstract idea. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into an abstract application, the additional element of a key management server and transmitting a key amount to no more than mere instructions to apply the exception using a computer and transmitting a key which is a routine, conventional computer function and cannot provide an inventive concept. The claim is not patent eligible. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-17 of U.S. Patent No. 11,240,022. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are anticipated by the ‘022 Patent. US Application 18/828,357 US Patent 11,240,022 1. A method, comprising: rotating, by a key management server, a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key; and providing, by the key management server, the rotated symmetric key to a client server. 2. The method of claim 1, wherein the most significant bit portion comprises at least one most significant bit, the least significant bit portion comprises at least one least significant bit. 4. The method of claim 1, wherein the rotated symmetric key comprises a new least significant bit portion generated such that the rotated symmetric key has a same length as the symmetric key. 20. A non-transitory computer-readable storage device comprising instructions that, when executed by one or more processors of a key management server, cause the one or more processors to perform operations, comprising: rotate a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key; and provide the rotated symmetric key to a client server. 1. A method for a key management server to manage cryptographic key rotation, the method comprising: rotating, by the key management server, an initial symmetric key based on a first schedule, the first schedule being generated by the key management server and provided to a first client server; wherein rotating the initial symmetric key comprises shifting bits of the initial symmetric key in a bitwise shifting process to create a rotated key, the rotated key being different from the initial symmetric key, the bitwise shifting process comprising: removing a most significant bits portion; shifting a least significant bits portion to replace the most significant bits portion; and adding a new least significant bits portion such that the rotated key is the same length as the initial symmetric key, the new least significant bits portion being generated by a hash function of the initial symmetric key. 3. The method of claim 1, wherein a remaining bit portion of the symmetric key comprises bits that are neither the most significant bit nor the at least one least significant bit. 14. The system of claim 12, wherein a remaining bit portion of the symmetric key comprises bits that are neither the most significant bit nor the at least one least significant bit. 2. The method of claim 1, wherein the initial symmetric key comprises the most significant bits portion, the least significant bits portion, and a remaining bits portion, the most significant bits portion comprising at least one most significant bit, the least significant bits portion comprising at least one least significant bit, and the remaining bits portion comprising bits that are neither the at least one most significant bit nor the at least one least significant bit. 5. The method of claim 1, wherein the bitwise shifting process comprises: removing the most significant bit portion; shifting the least significant bit portion and a remaining bits portion to replace the removed most significant bit portion; and adding the removed most significant bit portion to the rotated symmetric key such that the rotated symmetric key has a same length as the symmetric key. 3. The method of claim 2, wherein the bitwise shifting process comprises: removing the most significant bits portion; shifting the least significant bits portion and the remaining bits portion to replace the removed most significant bits portion; and adding the removed most significant bits portion to the rotated key such that the rotated key is the same length as the initial symmetric key. 6. The method of claim 1, wherein the bitwise shifting process comprises: removing the least significant bit portion; shifting the most significant bit portion and a remaining bits portion to replace the removed least significant bit portion; and adding a new most significant bit portion such that the rotated symmetric key has a same length as the symmetric key. 4. The method of claim 2, wherein the bitwise shifting process comprises: removing the least significant bits portion; shifting the most significant bits portion and the remaining bits portion to replace the removed least significant bits portion; and adding a new most significant bits portion such that the rotated key is the same length as the initial symmetric key. 7. The method of claim 1, the symmetric key is rotated based on a number of transmissions sent between the client server and the key management server. 5. The method of claim 1, wherein the first schedule defines when the rotated key is rotated based on a number of transmissions sent between the first client server and the key management server. 8. The method of claim 1, wherein the symmetric key is rotated based on a calendar date. 6. The method of claim 1, wherein the first schedule defines when the rotated key is rotated based on a calendar date. 9. The method of claim 1, wherein the symmetric key is rotated in response to executing a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the client server that the rotated symmetric key is rotated before sending a data transmission. 19. The system of claim 12, wherein the symmetric key is rotated in response to executing a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the client server that the rotated symmetric key is rotated before sending a data transmission. 7. The method of claim 1, wherein the rotated key is rotated when the key management server and a client server execute a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the first client server that the rotated key is rotated before sending a data transmission. 10. The method of claim 1, further comprising: providing, by the key management server, a symmetric key to a second client server; generating, by the key management server, a schedule for rotating the symmetric key of the second client server; and providing, by the key management server, the schedule to the second client server. 8. The method of claim 1, further comprising: providing, by the key management server, the initial symmetric key to a second client server; generating, by the key management server, a second schedule for rotating the initial symmetric key for the second client server, the first schedule being different from the second schedule; and providing, by the key management server, the second schedule to the second client server. 11. The method of claim 10, wherein rotating the symmetric key based on the schedule creates a unique rotated key. 9. The method of claim 8, wherein rotating the initial symmetric key based on the first schedule creates a first unique rotated key and rotating the initial symmetric key based on the second schedule creates a second unique rotated key, the first unique rotated key being different from the second unique rotated key. 12. A system for managing cryptographic key rotation, comprising: a key management server comprising one or more processors coupled to memory, the one or more processors configured to: rotate a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key; and provide the rotated symmetric key to a client server. 13. The system of claim 12, wherein the most significant bit portion comprises at least one most significant bit, the least significant bit portion comprises at least one least significant bit. 15. The system of claim 12, wherein the rotated symmetric key comprises a new least significant bit portion generated such that the rotated symmetric key has a same length as the symmetric key. 17. The system of claim 12, wherein the bitwise shifting process comprises: removing the least significant bit portion; shifting the most significant bit portion and a remaining bits portion to replace the removed least significant bit portion; and adding a new most significant bit portion such that the rotated symmetric key has a same length as the symmetric key. 13. A method for a client server to manage cryptographic key rotation, the method comprising: rotating, by the client server, an initial symmetric key based on a schedule, wherein rotating the initial symmetric key comprises shifting bits of the initial symmetric key in a bitwise shifting process to create a rotated key, the rotated key being different from the initial symmetric key, the bitwise shifting process comprising: removing a most significant bits portion; shifting a least significant bits portion to replace the most significant bits portion; and adding a new least significant bits portion such that the rotated key is the same length as the initial symmetric key, the new least significant bits portion being generated by a hash function of the initial symmetric key; deciphering, by the client server, data sent from a key management server using the rotated key; and providing, to a user, the deciphered data. 16. The system of claim 12, wherein the bitwise shifting process comprises: removing the most significant bit portion; shifting the least significant bit portion and a remaining bits portion to replace the removed most significant bit portion; and adding the removed most significant bit portion to the rotated symmetric key such that the rotated symmetric key has a same length as the symmetric key. 15. The method of claim 14, wherein the bitwise shifting process comprises: removing the most significant bits portion; shifting the least significant bits portion and the remaining bits portion to replace the removed most significant bits portion; and adding the removed most significant bits portion to the rotated key such that the rotated key is the same length as the initial symmetric key. 18. The system of claim 12, the symmetric key is rotated based on at least one of: a number of transmissions sent between the client server and the key management server; or a calendar date. 16. The method of claim 13, wherein the schedule defines when the rotated key is rotated based on a number of transmissions sent between the client server and the key management server. 17. The method of claim 13, wherein the schedule defines when the rotated key is rotated based on a calendar date. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,088,711. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are anticipated by the ‘711 Patent. US Application 18/828,357 US Patent 12,088,711 1. A method, comprising: rotating, by a key management server, a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key; and providing, by the key management server, the rotated symmetric key to a client server. 1. A method for managing cryptographic key rotation, comprising: rotating, by a key management server, a symmetric key based on a first schedule to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process comprising: replacing a most significant bits portion with a least significant bits portion; and generating a new least significant bits portion based on a hash function of the symmetric key; and providing, by the key management server, the rotated symmetric key to a client server based on a schedule. 2. The method of claim 1, wherein the most significant bit portion comprises at least one most significant bit, the least significant bit portion comprises at least one least significant bit. 3. The method of claim 1, wherein a remaining bit portion of the symmetric key comprises bits that are neither the most significant bit nor the at least one least significant bit. 2. The method of claim 1, wherein the most significant bits portion comprises at least one most significant bit, the least significant bits portion comprises at least one least significant bit, and a remaining bits portion comprises bits that are neither the at least one most significant bit nor the at least one least significant bit. 4. The method of claim 1, wherein the rotated symmetric key comprises a new least significant bit portion generated such that the rotated symmetric key has a same length as the symmetric key. 3. The method of claim 2, wherein the new least significant bits portion is generated such that the rotated symmetric key is the same length as the symmetric key. 5. The method of claim 1, wherein the bitwise shifting process comprises: removing the most significant bit portion; shifting the least significant bit portion and a remaining bits portion to replace the removed most significant bit portion; and adding the removed most significant bit portion to the rotated symmetric key such that the rotated symmetric key has a same length as the symmetric key. 4. The method of claim 2, wherein the bitwise shifting process comprises: removing the most significant bits portion; shifting the least significant bits portion and the remaining bits portion to replace the removed most significant bits portion; and adding the removed most significant bits portion to the rotated symmetric key such that the rotated symmetric key is the same length as the symmetric key. 6. The method of claim 1, wherein the bitwise shifting process comprises: removing the least significant bit portion; shifting the most significant bit portion and a remaining bits portion to replace the removed least significant bit portion; and adding a new most significant bit portion such that the rotated symmetric key has a same length as the symmetric key. 5. The method of claim 2, wherein the bitwise shifting process comprises: removing the least significant bits portion; shifting the most significant bits portion and the remaining bits portion to replace the removed least significant bits portion; and adding a new most significant bits portion such that the rotated symmetric key is the same length as the symmetric key. 7. The method of claim 1, the symmetric key is rotated based on a number of transmissions sent between the client server and the key management server. 6. The method of claim 1, wherein the first schedule defines when the symmetric key is rotated based on a number of transmissions sent between the client server and the key management server. 8. The method of claim 1, wherein the symmetric key is rotated based on a calendar date. 7. The method of claim 1, wherein the first schedule defines when the symmetric key is rotated based on a calendar date. 9. The method of claim 1, wherein the symmetric key is rotated in response to executing a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the client server that the rotated symmetric key is rotated before sending a data transmission. 8. The method of claim 1, wherein the symmetric key is rotated when the key management server and a client server execute a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the client server that the rotated symmetric key is rotated before sending a data transmission. 10. The method of claim 1, further comprising: providing, by the key management server, a symmetric key to a second client server; generating, by the key management server, a schedule for rotating the symmetric key of the second client server; and providing, by the key management server, the schedule to the second client server. 9. The method of claim 1, further comprising: providing, by the key management server, an initial symmetric key to a second client server; generating, by the key management server, a second schedule for rotating the initial symmetric key for the second client server, the first schedule being different from the second schedule; and providing, by the key management server, the second schedule to the second client server. 11. The method of claim 10, wherein rotating the symmetric key based on the schedule creates a unique rotated key. 10. The method of claim 9, wherein rotating the symmetric key based on the first schedule creates a first unique rotated key and rotating the symmetric key based on the second schedule creates a second unique rotated key, the first unique rotated key being different from the second unique rotated key. 12. A system for managing cryptographic key rotation, comprising: a key management server comprising one or more processors coupled to memory, the one or more processors configured to: rotate a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key; and provide the rotated symmetric key to a client server. 11. A system for managing cryptographic key rotation, comprising: a key management server comprising one or more processors coupled to memory, the one or more processors configured to: rotate a symmetric key based on a first schedule to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process comprising: replacing a most significant bits portion with a least significant bits portion; and generating a new least significant bits portion based on a hash function of the symmetric key; and provide the rotated symmetric key to a client server based on a schedule. 13. The system of claim 12, wherein the most significant bit portion comprises at least one most significant bit, the least significant bit portion comprises at least one least significant bit. 14. The system of claim 12, wherein a remaining bit portion of the symmetric key comprises bits that are neither the most significant bit nor the at least one least significant bit. 12. The system of claim 11, wherein the most significant bits portion comprises at least one most significant bit, the least significant bits portion comprises at least one least significant bit, and a remaining bits portion comprises bits that are neither the at least one most significant bit nor the at least one least significant bit. 15. The system of claim 12, wherein the rotated symmetric key comprises a new least significant bit portion generated such that the rotated symmetric key has a same length as the symmetric key. 13. The system of claim 12, wherein the new least significant bits portion is generated such that the rotated symmetric key is the same length as the symmetric key. 16. The system of claim 12, wherein the bitwise shifting process comprises: removing the most significant bit portion; shifting the least significant bit portion and a remaining bits portion to replace the removed most significant bit portion; and adding the removed most significant bit portion to the rotated symmetric key such that the rotated symmetric key has a same length as the symmetric key. 14. The system of claim 12, wherein the bitwise shifting process comprises: removing the most significant bits portion; shifting the least significant bits portion and the remaining bits portion to replace the removed most significant bits portion; and adding the removed most significant bits portion to the rotated symmetric key such that the rotated symmetric key is the same length as the symmetric key. 17. The system of claim 12, wherein the bitwise shifting process comprises: removing the least significant bit portion; shifting the most significant bit portion and a remaining bits portion to replace the removed least significant bit portion; and adding a new most significant bit portion such that the rotated symmetric key has a same length as the symmetric key. 15. The system of claim 12, wherein the bitwise shifting process comprises: removing the least significant bits portion; shifting the most significant bits portion and the remaining bits portion to replace the removed least significant bits portion; and adding a new most significant bits portion such that the rotated symmetric key is the same length as the symmetric key. 18. The system of claim 12, the symmetric key is rotated based on at least one of: a number of transmissions sent between the client server and the key management server; or a calendar date. 16. The system of claim 11, wherein the first schedule defines when the symmetric key is rotated based on a number of transmissions sent between the client server and the key management server. 17. The system of claim 11, wherein the first schedule defines when the symmetric key is rotated based on a calendar date. 19. The system of claim 12, wherein the symmetric key is rotated in response to executing a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the client server that the rotated symmetric key is rotated before sending a data transmission. 18. The system of claim 11, wherein the symmetric key is rotated when the key management server and a client server execute a negotiation handshake, the negotiation handshake comprising confirmation from the key management server and the client server that the rotated symmetric key is rotated before sending a data transmission. 20. A non-transitory computer-readable storage device comprising instructions that, when executed by one or more processors of a key management server, cause the one or more processors to perform operations, comprising: rotate a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key; and provide the rotated symmetric key to a client server. 20. A non-transitory computer-readable storage device comprising instructions that, when executed by one or more processors of a key management server, cause the one or more processors to perform operations, comprising: rotating a symmetric key based on a first schedule to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process comprising: replacing a most significant bits portion with a least significant bits portion; and generating a new least significant bits portion based on a hash function of the symmetric key; and providing the rotated symmetric key to a client server based on a schedule. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claim(s) 1-6, 8, 12-18, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Filippi (US 2003/0210783 A1) in view of Lillie et al. (US 2006/0251258 A1 and Lillie hereinafter). As to claims 1 and 20, Filippi discloses a system and method for encryption, the system and method having: rotating, by a key management server, a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key (0041, lines 1-7). Filippi fails to specifically disclose: providing, by the key management server, the rotated symmetric key to a client server. Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Filippi, as taught by Lillie. Lillie discloses a system and method for updating security criteria in wireless networks, the system and method having; providing, by the key management server, the rotated symmetric key to a client server (0090, lines 1-5). Given the teaching of Lillie, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Filippi with the teachings of Lillie by providing the rotated symmetric key to a client server. Lillie recites motivation by disclosing that providing a rotated symmetric key to a client server in order to keep a key up to date and reduce the ability of a hacker to use a key in a malicious or unauthorized fashion (0089-0090). It is obvious that the teachings of Lillie would have improved the teachings of Filippi by providing the rotated key to a server in order to update keys and provide increased security. As to claim 12, Filippi discloses: a key management server comprising one or more processors coupled to memory, the one or more processors configured to: rotate a symmetric key to generate a rotated symmetric key, wherein rotating the symmetric key comprises performing a bitwise shifting process based on at least one of a most significant bit portion or a least significant bit portion of the symmetric key (0041, lines 1-7). Filippi fails to specifically disclose: provide the rotated symmetric key to a client server. Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Filippi, as taught by Lillie. Lillie discloses; provide the rotated symmetric key to a client server (0090, lines 1-5). Given the teaching of Lillie, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Filippi with the teachings of Lillie by providing the rotated symmetric key to a client server. Please refer to the motivation recited above with respect to claims 1 and 20 above as to why it is obvious to apply the teachings of Lillie to the teachings of Filippi. As to claims 2 and 13, Filippi discloses: wherein the most significant bit portion comprises at least one most significant bit, the least significant bit portion comprises at least one least significant bit (0041, lines 1-7). As to claims 3 and 14, Filippi discloses: wherein a remaining bit portion of the symmetric key comprises bits that are neither the most significant bit nor the at least one least significant bit (0041, lines 1-7). As to claims 4 and 15, Filippi discloses: wherein the rotated symmetric key comprises a new least significant bit portion generated such that the rotated symmetric key has a same length as the symmetric key (0041, lines 1-7). As to claims 5 and 16, Filippi discloses: wherein the bitwise shifting process comprises: removing the most significant bit portion; shifting the least significant bit portion and a remaining bits portion to replace the removed most significant bit portion; and adding the removed most significant bit portion to the rotated symmetric key such that the rotated symmetric key has a same length as the symmetric key (0051, lines 1-7). As to claims 6 and 17, Filippi discloses: wherein the bitwise shifting process comprises: removing the least significant bit portion; shifting the most significant bit portion and a remaining bits portion to replace the removed least significant bit portion; and adding a new most significant bit portion such that the rotated symmetric key has a same length as the symmetric key (0041, lines 1-7). As to claim 8, Filippi fails to specifically disclose: wherein the symmetric key is rotated based on a calendar date. Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Filippi, as taught by Lillie. Lillie discloses: wherein the symmetric key is rotated based on a calendar date (0092, lines 10-12). Given the teaching of Lillie, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Filippi with the teachings of Lillie by providing the rotating based on a calendar date. Please refer to the motivation recited above with respect to claims 1 and 20 above as to why it is obvious to apply the teachings of Lillie to the teachings of Filippi. As to claim 18, Filippi fails to specifically disclose: the symmetric key is rotated based on at least one of: a number of transmissions sent between the client server and the key management server; or a calendar date. Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Filippi, as taught by Lillie. Lillie discloses: the symmetric key is rotated based on at least one of: a number of transmissions sent between the client server and the key management server; or a calendar date (0092, lines 10-12). Given the teaching of Lillie, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Filippi with the teachings of Lillie by providing the rotating based on a calendar date. Please refer to the motivation recited above with respect to claims 1 and 20 above as to why it is obvious to apply the teachings of Lillie to the teachings of Filippi. Claim(s) 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Filippi in view of Lillie as applied to claim 1 above, and further in view of Ja et al. (US 2019/0245687 A1 and Ja hereinafter). As to claim 7, Filippi fails to specifically disclose: the symmetric key is rotated based on a number of transmissions sent between the client server and the key management server. Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Filippi in view of Lillie, as taught by Ja. Ja discloses a system and method for providing quality of service during transport key rotation at a distributed management controller group, the system and method having: the symmetric key is rotated based on a number of transmissions sent between the client server and the key management server (0048, lines 1-6). Given the teaching of Ja, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Filippi in view of Lillie with the teachings of Ja by rotating based on a number of transmissions. Ja recites motivation by disclosing that rotating a key based on transmissions ensures keys are updated, thus increasing security of the key (0048). It is obvious that the teachings of Ja would have improved the teachings of Filippi in view of Lillie by rotating a key based on a number of transmissions in order to ensure updated keys and increasing security. Prior Art Made of Record The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Chhabra et al. (CN 112149146 A) discloses a system and method for deterministic encryption key alternate. Keselman et al. (US Patent 12,212,666 B2) discloses a system and method for cryptographic key generation for logically sharded data stores. Oberheide et al. (US Patent 9,774,579 B2) discloses a system and method for key rotation. Vald et al. (US Patent 12,494,917 B1) discloses a system and method for privacy-preserving authenticated key rotation. Vishwakarma et al. (US 2023/0275756 A1) discloses a system and method for adaptive key rotation based on critical data in storage. Wei et al. (US 2022/0182222 A1) discloses a system and method for generating and initiating pre-signed transaction requests for flexibility and efficiently implementing secure cryptographic key management. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARAH SU whose telephone number is (571)270-3835. The examiner can normally be reached 6:30 AM - 3:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SARAH SU/Primary Examiner, Art Unit 2431
Read full office action

Prosecution Timeline

Sep 09, 2024
Application Filed
Feb 06, 2026
Non-Final Rejection — §101, §103, §DP (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/370,610
Patent 12587547
CONNECTION DESTINATION MALIGNANCY DETERMINATION SYSTEM, CONNECTION DESTINATION MALIGNANCY DETERMINATION PROGRAM, AND CONNECTION DESTINATION MALIGNANCY DETERMINATION METHOD
2y 5m to grant Granted Mar 24, 2026
18/328,013
Patent 12580942
System and Method for Network Penetration Testing
2y 5m to grant Granted Mar 17, 2026
18/470,229
Patent 12580944
INHERITING SECURITY RISKS FOR CLOUD ENTITIES IN A CLOUD COMPUTING SYSTEM
2y 5m to grant Granted Mar 17, 2026
18/834,858
Patent 12574404
METHODS AND APPARATUS FOR ENHANCED SECURITY IN FEDERATED LEARNING MACHINE LEARNING OPERATIONS IN A COMMUNICATION NETWORK
2y 5m to grant Granted Mar 10, 2026
18/279,858
Patent 12563079
SYSTEMS, METHODS, AND COMPUTER PROGRAMS FOR DETERMINING A VULNERABILITY OF A NETWORK NODE
2y 5m to grant Granted Feb 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
80%
Grant Probability
98%
With Interview (+18.6%)
2y 11m
Median Time to Grant
Low
PTA Risk
Based on 672 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month