Prosecution Insights
Last updated: July 17, 2026
Application No. 18/848,288

PRIVATE-SET INTERSECTION OF UNBALANCED DATASETS

Non-Final OA §102§103§112
Filed
Sep 18, 2024
Priority
Mar 28, 2022 — provisional 63/324,498 +1 more
Examiner
WADE-WRIGHT, SHAQUEAL D
Art Unit
2407
Tech Center
2400 — Computer Networks
Assignee
Visa International Service Association
OA Round
1 (Non-Final)
85%
Grant Probability
Favorable
1-2
OA Rounds
6m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 85% — above average
85%
Career Allowance Rate
386 granted / 454 resolved
+27.0% vs TC avg
Strong +18% interview lift
Without
With
+18.2%
Interview Lift
resolved cases with interview
Typical timeline
2y 4m
Avg Prosecution
18 currently pending
Career history
466
Total Applications
across all art units

Statute-Specific Performance

§101
6.5%
-33.5% vs TC avg
§103
76.7%
+36.7% vs TC avg
§102
1.2%
-38.8% vs TC avg
§112
9.4%
-30.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 454 resolved cases

Office Action

§102 §103 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statements (IDS) submitted on 09/18/2024 & 06/05/2025 are is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner. Claim Objections Claims 1 and 6 are objected to because of the following informalities: The claim limitation “the server data set” in lines 4 & 6 should be amended to recite “the server dataset” to correspond with the other claim limitation. Appropriate correction is required. Claims 2-3, 5, 7, 9-10 and 12-20 are objected to because of the following informalities: The claims should be amended to include a comma after the claim it depends upon (i.e. claim 1,) to provide better quality. Appropriate correction is required. Claim Rejections - 35 USC § 112 Claim 1 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 1 recites the limitation "the second OPRF" in line 16. There is insufficient antecedent basis for this limitation in the claim. For examination purposes, the limitation is interpretated as a second OPRF. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claim(s) 6 is rejected under 35 U.S.C. 102(a)(1) as being anticipated by Triandopoulos et al. (US Patent No. 10,635,824). Regarding independent claim 6, Triandopoulos teaches a server computer system comprising: a communication interface configured to communicate with a client computer system; a memory to store a first set that is private to the server computer system; and a processor coupled to the memory and configured to: prepare, based on a server dataset having a plurality of elements, an array having a plurality of array locations, wherein preparing the array includes (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; server uses bloom filter to compute hash of each element by creating an array and using the hash functions for each element) for each element in the server data set: computing a plurality of hash values using a plurality of hash functions (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; server uses bloom filter to compute hash of each element by creating an array and using the hash functions for each element); and updating one or more of the array locations based on the hash values (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; k positions); receiving from the client computer system, using a private information retrieval (PIR) protocol that provides additive homomorphic encryption, a request to retrieve data from a plurality of the array locations corresponding to a plurality of encrypted hash values corresponding to an element of a client dataset (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; PIR scheme to receive k bits from server/ client query; client computation using bloom filter [additive homomorphic encryption] mapping elements to hash functions/encrypted versions); compute, using the PIR protocol, a PIR response based on the array and the encrypted hash values, wherein computing the PIR response includes; retrieving a plurality of encrypted elements from the array using the PIR protocol and computing a sum of the encrypted elements (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; server sends response to client; aggregates the encrypted version/hash; sum aggregation); and transmit the PIR response to the client computer system using the PIR protocol (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; client receives response from server), wherein the PIR response is usable by the client computer system to determine whether the element of the client dataset is also in the server dataset (Triandopoulos, column 3, lines 46-49, column 6, lines 5-34, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; client determines whether an element is in a data set of server). Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-3 and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Triandopoulos et al. (US Patent No. 10,635,824) in view of Hoang et al. (US Patent No. 11,816,212). Regarding independent claim 1, Triandopoulos teaches a method performed by a server computer system, the method comprising: preparing, based on a server dataset having a plurality of elements, an array having a plurality of array locations, wherein preparing the array includes (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; server uses bloom filter to compute hash of each element by creating an array and using the hash functions for each element) for each element in the server data set: executing a first oblivious pseudorandom function (OPRF) process with the server computer system as initiator and a client computer system as responder to generate an encrypted element (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; bloom filter); computing a plurality of at least three hash values using a plurality of at least three hash functions (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; server uses bloom filter to compute hash of each element by creating an array and using the hash functions for each element); and updating one or more of the array locations based on the hash values Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; k positions); receiving from the client computer system, using a private information retrieval (PIR) protocol, a request to retrieve data from a plurality of the array locations corresponding to a plurality of encrypted hash values corresponding to an element of a client dataset, wherein the encrypted hash values were generated using the second OPRF process and the at least three hash functions (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; PIR scheme to receive k bits from server/ client query; client computation using bloom filter [additive homomorphic encryption] mapping elements to hash functions/encrypted versions); computing, using the PIR protocol, a PIR response based on the array and the encrypted hash values (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; server sends response to client); and transmitting the PIR response to the client computer system using the PIR protocol (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; client receives response from server), wherein the PIR response is usable by the client computer system to determine whether the element of the client dataset is also in the server dataset (Triandopoulos, column 3, lines 46-49, column 6, lines 5-34, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; client determines whether an element is in a data set of server). Triandopoulos teaching computing hash to get k positions in the bit array (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60) but does not explicitly teach updating one or more of the array locations based on the hash values using cuckoo hashing. Hoang teaches updating one or more of the array locations based on the hash values using cuckoo hashing (Hoang, column 6, lines 19-55; cuckoo hashing into a predefined number of bins). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Triandopoulos with the teaching of Hoang to use cuckoo hashing to provide the advantage of improving detection & prevention of malware or exploitation (Hoang, column 1, lines 18-29). Regarding claim 2, Triandopoulos in view of Hoang teaches the method wherein the PIR protocol supports batch requests and wherein all of the encrypted hash values corresponding to the element of the client dataset are requested in a single request (Triandopoulos, column 15, line 62-column 16, line 5). Regarding claim 3, Triandopoulos in view of Hoang teaches each and every claim limitation of claim 1, however, Hoang teaches the method wherein the array is populated using cuckoo hashing with at least three hash functions(Hoang, column 6, lines 19-55; cuckoo hashing into a predefined number of bins). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Triandopoulos with the teaching of Hoang to use cuckoo hashing to provide the advantage of improving detection & prevention of malware or exploitation (Hoang, column 1, lines 18-29). Regarding claim 5, Triandopoulos in view of Hoang teaches the method further comprising: prior to receiving the request from the client computer system, executing a second OPRF process with the client computer system to generate an encrypted element corresponding to an element in the client dataset, wherein the client computer system initiates second OPRF process (Triandopoulos, column 16, lines 28-51 and column 7, line 54-column 8, line 24). Claim(s) 7, 9-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Triandopoulos et al. (US Patent No. 10,635,824) in view of Covaci et al. (US Patent No. 12,346,298). Regarding claim 7, Triandopoulos teaches each and every claim limitation of claim 6. Triandopoulos does not explicitly teach the system wherein the array is an inverted Bloom filter for the server dataset. Covaci teaches wherein the array is an inverted Bloom filter for the server dataset (Covaci, column 23, line 40-column 24, line 26; IBF/IBLT). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Triandopoulos with the teaching of Covaci to use IBF/IBLT to provide the advantage of improving security by keep track and maintaining order of the items to filtered (Covaci, column 24, lines 15-26). Regarding claim 9, Triandopoulos in view of Covaci teaches the system wherein the processor is further configured such that transmitting the PIR response includes transmitting the sum (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; server sends response to client; aggregates the encrypted version/hash; sum aggregation). Regarding claim 10, Triandopoulos in view of Covaci teaches the system wherein the processor is further configured such that: computing the PIR response further includes computing a product of the sum multiplied by a random scaling factor; and transmitting the PIR response includes transmitting the product (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; server sends response to client; aggregates the encrypted version/hash; sum aggregation). Regarding independent claim 11, Triandopoulos teaches a method performed by a client computer system, the method comprising: selecting an element from a client dataset having one or more elements (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; client computation using bloom filter); computing a plurality of hash values from the element of the client dataset using a plurality of hash functions (Triandopoulos, column 9, line 50-column 10, line 46 and column 15, lines 12- 60; client computes h(x)); sending to a server computer system, using a private information retrieval (PIR) protocol, a request to retrieve, from an array stored by the server computer system, a plurality of array elements at a location defined by the plurality of hash values, wherein the array represents a server dataset (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; PIR scheme to receive k bits from server/ client query; client computation using bloom filter [additive homomorphic encryption] mapping elements to hash functions/encrypted versions); receiving from the server computer system, a PIR response based on the plurality of retrieved array elements (Triandopoulos, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; client receives response from server); and determining, based on the PIR response, whether the element of the client dataset is also in the server dataset. (Triandopoulos, column 3, lines 46-49, column 6, lines 5-34, column 9, line 50-column 10, line 46 column 7, line 54-column 8, line 27 and column 15, lines 12- 60; client determines whether an element is in a data set of server). Triandopoulos does not explicitly teach the array is either an inverted Bloom filter or a cuckoo hash table. Covaci teaches the array is either an inverted Bloom filter or a cuckoo hash table (Covaci, column 23, line 40-column 24, line 26; IBF/IBLT). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Triandopoulos with the teaching of Covaci to use IBF/IBLT to provide the advantage of improving security by keep track and maintaining order of the items to filtered (Covaci, column 24, lines 15-26). Regarding claim 12, Triandopoulos in view of Covaci teaches the method wherein the only information the client computer system learns about the server data set is whether the element of the client dataset is in the server dataset (Triandopoulos, column 4, lines 61-67 an column 16, lines 22-30). Regarding claim 13, Triandopoulos in view of Covaci teaches the method wherein the PIR protocol supports batch requests and wherein all of the encrypted hash values corresponding to the element of the client dataset are requested in a single request (Triandopoulos, column 15, line 62-column 16, line 5). Regarding claim 14, Triandopoulos in view of Covaci teaches the method wherein the array stored by the server computer system is an inverted Bloom filter and wherein the PIR response includes a plurality of encrypted Bloom filter values (Covaci, column 23, line 40-column 24, line 26; IBF/IBLT; Triandopoulos, column 6, line 58- column 7, line 38). Regarding claim 15, Triandopoulos in view of Covaci teaches the method wherein determining whether the element of the client dataset is also in the server dataset includes: computing a sum of the Bloom filter values; determining that the element of the client dataset is also in the server dataset in the event that the sum is zero; and determining that the element of the client dataset is not in the server dataset in the event that the sum is different from zero (Triandopoulos, column 6, line 47- column 7, line 3, column 10, lines 47-56 and column 15, lines 36-50). Regarding claim 16, Triandopoulos in view of Covaci teaches the method wherein the array stored by the server computer system is an inverted Bloom filter, wherein the PIR protocol uses additive homomorphic encryption, and wherein the PIR response includes a sum of a plurality of encrypted Bloom filter values retrieved by the server computer system in response to the PIR request (Covaci, column 23, line 40-column 24, line 26; IBF/IBLT; Triandopoulos, column 6, line 58- column 7, line 38). Regarding claim 17, Triandopoulos in view of Covaci teaches the method wherein determining whether the element of the client dataset is also in the server dataset includes: computing a sum of the Bloom filter values; determining that the element of the client dataset is also in the server dataset in the event that the sum is zero; and determining that the element of the client dataset is not in the server dataset in the event that the sum is different from zero (Triandopoulos, column 6, line 47- column 7, line 3, column 10, lines 47-56 and column 15, lines 36-50). Regarding claim 20, Triandopoulos in view of Covaci teaches the method wherein the array stored by the server computer system is an inverted Bloom filter and wherein the PIR response includes a value that is zero in the event that each of the plurality of hash values matched an entry in the inverted Bloom filter and nonzero in the event that at least one of the plurality of hash values did not match an entry in the inverted Bloom filter (Covaci, column 23, line 40-column 24, line 26; IBF/IBLT; Triandopoulos, column 6, line 47- column 7, line 38 and column 10, lines 20-33). Claim(s) 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Triandopoulos et al. (US Patent No. 10,635,824) in view of Covaci et al. (US Patent No. 12,346,298) and in further view of Hoang et al. (US Patent No. 11,816,212). Regarding claim 18, Triandopoulos in view of Covaci teaches each and every claim limitation of claim 11. Triandopoulos in view of Covaci does not explicitly teach the method wherein the array stored by the server computer system is a cuckoo hash table wherein the array elements store encrypted versions of the elements of the server dataset and wherein the PIR response includes a plurality of values representing entries at locations in the cuckoo hash table that correspond to the hash values sent to the server computer system. Hoang teaches wherein the array stored by the server computer system is a cuckoo hash table wherein the array elements store encrypted versions of the elements of the server dataset and wherein the PIR response includes a plurality of values representing entries at locations in the cuckoo hash table that correspond to the hash values sent to the server computer system (Hoang, column 6, lines 19-55; cuckoo hashing into a predefined number of bins). It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Triandopoulos in view of Covaci with the teaching of Hoang to use cuckoo hashing to provide the advantage of improving detection & prevention of malware or exploitation (Hoang, column 1, lines 18-29). Regarding claim 19, Triandopoulos in view of Covaci and in further view of Hoang teaches the method further comprising: prior to sending the request to the server computer system, performing an oblivious pseudorandom function (OPRF) protocol with the server computer system to generate an encrypted server element corresponding to each element in the server dataset, wherein the server computer system initiates the OPRF protocol; and prior to sending the request to the server computer system, performing the OPRF protocol with the server computer system to generate an encrypted client element corresponding to the selected element from the client dataset, wherein the client computer system initiates the OPRF protocol, wherein the hash values are computed from the encrypted client element (Triandopoulos, column 16, lines 28-41). Prior Art The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. CEBERE et al. (US Pub No. 2022/0140996). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357. The examiner can normally be reached M-F 8:00-5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Catherine Thiaw can be reached at 571-270-1138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHAQUEAL D WADE-WRIGHT/Primary Examiner, Art Unit 2407
Read full office action

Prosecution Timeline

Sep 18, 2024
Application Filed
May 08, 2026
Non-Final Rejection mailed — §102, §103, §112
Jul 05, 2026
Interview Requested
Jul 14, 2026
Applicant Interview (Telephonic)
Jul 14, 2026
Examiner Interview Summary

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675587
SYMMETRIC AND ASYMMETRIC ENCRYPTION OF RECORDED DATA
2y 7m to grant Granted Jul 07, 2026
Patent 12665743
SYSTEMS AND METHODS FOR SECURE MULTI-PARTY COMPUTATION PROTOCOL EXECUTION USING CHECK POINTS
2y 9m to grant Granted Jun 23, 2026
Patent 12665756
JUST-IN-TIME POST-QUANTUM CRYPTOGRAPHY (PQC) KEY EXPANSION
3y 1m to grant Granted Jun 23, 2026
Patent 12664259
SCALAR MASKING COUNTERMEASURE
2y 4m to grant Granted Jun 23, 2026
Patent 12664282
CERTIFICATE UPDATE METHOD AND CERTIFICATE UPDATE SYSTEM OF DEVICE DRIVING THE SAME
2y 9m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
85%
Grant Probability
99%
With Interview (+18.2%)
2y 4m (~6m remaining)
Median Time to Grant
Low
PTA Risk
Based on 454 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month