DETAILED ACTION
This communication responsive to the Application No. 18/857,712 filed on October 17, 2024. A preliminary amendment has been filed on 10/17/2024 in which claims 7 and 8 have been amended. Claims 1-9 are pending and are directed towards Online Authentication Technology.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/17/2024 was Acknowledge. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Specification
The use of the term “WI-FI” in para [0006, 0019, 0030], which is a trade name or a mark used in commerce, has been noted in this application. The term should be accompanied by the generic terminology; furthermore the term should be capitalized wherever it appears or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the term.
Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) are permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as commercial marks.
Applicant is reminded of the proper content of an abstract of the disclosure.
A patent abstract is a concise statement of the technical disclosure of the patent and should include that which is new in the art to which the invention pertains. The abstract should not refer to purported merits or speculative applications of the invention and should not compare the invention with the prior art.
If the patent is of a basic nature, the entire technical disclosure may be new in the art, and the abstract should be directed to the entire disclosure. If the patent is in the nature of an improvement in an old apparatus, process, product, or composition, the abstract should include the technical disclosure of the improvement. The abstract should also mention by way of example any preferred modifications or alternatives.
Where applicable, the abstract should include the following: (1) if a machine or apparatus, its organization and operation; (2) if an article, its method of making; (3) if a chemical compound, its identity and use; (4) if a mixture, its ingredients; (5) if a process, the steps.
Extensive mechanical and design details of an apparatus should not be included in the abstract. The abstract should be in narrative form and generally limited to a single paragraph within the range of 50 to 150 words in length.
See MPEP § 608.01(b) for guidelines for the preparation of patent abstracts.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 4, 6 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 4 recites the limitation "an eleventh intermediate code is generated from the said eleventh and second inputs using the said first function, and the said twelfth intermediate code is generated from the said eleventh intermediate code and the said first special code using the said second function”. There is insufficient antecedent basis for this limitation in the claim.
Claim 6 recites the limitation "…the said first function, … the said second function”. There is insufficient antecedent basis for this limitation in the claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-9 are rejected under 35 U.S.C. 103 as being unpatentable over Nix US 2023/0308424 A1 (hereinafter “Nix”) in view of Zheng et al. US 2023/0032099 A1 (hereinafter “Zheng”)
As per claim 1, Nix teaches an online authentication method, comprising:
a first electronic device and a second electronic device which are connected to each other on a network (Device 101 and network 103 can utilize a variety of wireless wide area network (WAN) and wireless local area network (LAN) wireless and technologies to communicate data 106 between the nodes. Nix, para [0053]), wherein:
a first user operates the said first electronic device (The electrical components within device 101 can include a memory 101m, a processor 101p, a radio 101r, a sensory 101y, an actuator 101z, and a user interface 101w… The sensor 101y can collect data external or internal to the device 101, such as temperature, motion, position, pressure, etc. A device 101 could also include the actuator 101z to convert electrical signals into physical actions, such as a motor for moving components, a relay for opening or closing a circuit, a speaker for outputting sound, a screen for displaying information to a user of device 101. Nix, para [0056]),
the said first electronic device has a first special code, the said first special code is confined within the said first electronic device (processor 101p can include a hardware random number generator 128, which can generate a random number or pseudo random number using sensor data within processor 101p. As one example, hardware random number generator 128 could collect electrical or thermal noise values from sensors within processor 101p, and generate a random number from noise values. Nix, para [0058]),
the said second electronic device has a second special code, the said second special code is confined within the said second electronic device (processor 111p can also include a hardware random number generator 128, which can be equivalent to the hardware random number generator 128. Nix, para [0085]),
Nix does not explicitly teach the said first electronic device receives a first input from the said first user, and receives a second input from the said second electronic device, and a second intermediate code is generated using the said first and second inputs and the said first special code, the said first electronic device sends the said second intermediate code to the said second electronic device, and the second electronic device generates a first comparing code from the said second special code and the said second intermediate code using a third function.
However, Zheng teaches the said first electronic device receives a first input from the said first user, and receives a second input from the said second electronic device (endpoint node B generates and sends a first response message to endpoint node A. The first response message comprises a puzzle Q..a which is generated as ciphertext by encrypting the concatenated message of n..a and the received T..a using CCM encryption. Zheng, para [0089]), and a second intermediate code is generated using the said first and second inputs and the said first special code (endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095])
the said first electronic device sends the said second intermediate code to the said second electronic device (Endpoint node A then generates a second response message from this puzzle which is sent to endpoint node B. Zheng, para [0099]), and
the second electronic device generates a first comparing code from the said second special code and the said second intermediate code using a third function (endpoint node B uses the intermediary secret value P.sub.2b as a decryption key to decrypt the received Q.sub.b. If Q.sub.b can be successfully decrypted by P.sub.2b retrieved from hashing P.sub.1b, B can further check the freshness of the recovered custom-character. If both are valid, B accepts A as its authenticated interlocutor. Zheng, para [0101]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating secure intermediate codes.
As per claim 2, Nix and Zheng teach the online authentication method according to claim 1. Nix does not explicitly teach wherein: a first intermediate code is generated from the said first and second inputs using a first function, and the said second intermediate code is generated from the said first intermediate code and the first special code using a second function.
However, Zheng teaches wherein: a first intermediate code is generated from the said first and second inputs using a first function (endpoint node B 140B applies the challenge C.b to its embedded PUF circuit 144B to generate a reliable PUF response R.b with the helper data h..b.
{circumflex over (R)}.b=(PUFB(C.b))
R.b=ECC.rep({circumflex over (R)}.b,h.b)
In step 412, endpoint node B 140B uses the key mask ϕ.1, to recover the paired custom-character of A by XORing ϕ.sub.1 with P.1b. The latter is the hash of R.b and ID..A. P.sub.1b=H(R..b,ID..A) custom-character=ϕ..1⊕P..1b In step 414, endpoint node B generates first session key material n.a which is a random bit string of length . Zheng, para [0084-0087]), and the said second intermediate code is generated from the said first intermediate code and the first special code using a second function(endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating different secure intermediate codes.
As per claim 3, Nix and Zheng teach the online authentication method according to claim 1. Nix does not explicitly teach which has an eleventh user, wherein: the said first electronic device receives an eleventh input from the said eleventh user, and then, a twelfth intermediate code is generated using the said eleventh and second inputs and the said first special code, the said first electronic device sends the said twelfth intermediate code to the said second electronic device, the said second electronic device generates an eleventh comparing code from the said second special code and the said twelfth intermediate code using the said third function, and then the said eleventh comparing code and the said first comparing code are compared.
However, Zheng teaches the said first electronic device receives an eleventh input from the said eleventh user, and then, a twelfth intermediate code is generated using the said eleventh and second inputs and the said first special code (endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095]),
the said first electronic device sends the said twelfth intermediate code to the said second electronic device (Endpoint node A then generates a second response message from this puzzle which is sent to endpoint node B. Zheng, para [0099]), the said second electronic device generates an eleventh comparing code from the said second special code and the said twelfth intermediate code using the said third function, and then the said eleventh comparing code and the said first comparing code are compared(endpoint node B uses the intermediary secret value P.sub.2b as a decryption key to decrypt the received Q.sub.b. If Q.sub.b can be successfully decrypted by P.sub.2b retrieved from hashing P.sub.1b, B can further check the freshness of the recovered custom-character. If both are valid, B accepts A as its authenticated interlocutor. Zheng, para [0101]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating secure intermediate codes.
As per claim 4, Nix and Zheng teach the online authentication method according to claim 3. Nix does not explicitly teach wherein: an eleventh intermediate code is generated from the said eleventh and second inputs using the said first function, and the said twelfth intermediate code is generated from the said eleventh intermediate code and the said first special code using the said second function.
However, Zheng teaches an eleventh intermediate code is generated from the said eleventh and second inputs using the said first function (endpoint node B 140B applies the challenge C.b to its embedded PUF circuit 144B to generate a reliable PUF response R.b with the helper data h..b.
{circumflex over (R)}.b=(PUFB(C.b))
R.b=ECC.rep({circumflex over (R)}.b,h.b)
In step 412, endpoint node B 140B uses the key mask ϕ.1, to recover the paired custom-character of A by XORing ϕ.sub.1 with P.1b. The latter is the hash of R.b and ID..A. P.sub.1b=H(R..b,ID..A) custom-character=ϕ..1⊕P..1b In step 414, endpoint node B generates first session key material n.a which is a random bit string of length . Zheng, para [0084-0087]), and the said twelfth intermediate code is generated from the said eleventh intermediate code and the said first special code using the said second function (endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating different secure intermediate codes.
As per claim 5, Nix and Zheng teach the online authentication method according to claim 1, which has a twenty-first electronic device, wherein: the twenty-first electronic device has a twenty-first special code, the said twenty-first special code is confined within the said twenty-first electronic device (processor 101p can include a hardware random number generator 128, which can generate a random number or pseudo random number using sensor data within processor 101p. As one example, hardware random number generator 128 could collect electrical or thermal noise values from sensors within processor 101p, and generate a random number from noise values. Nix, para [0058]),
Nix does not explicitly teach the said twenty-first electronic device receives the said first input from the said first user and the said second input from the said second electronic device, and then, a twenty-second intermediate code is generated from the said first and second inputs and the said twenty-first special code, the said twenty-first electronic device sends the said twenty-second intermediate code to the second electronic device, and the second electronic device generates a twenty-first comparing code from the said second special code and the said twenty-second intermediate code using the said third function and then compares the said twenty-first comparing code and the said first comparing code.
However, Zheng teaches the said twenty-first electronic device receives the said first input from the said first user and the said second input from the said second electronic device (endpoint node B generates and sends a first response message to endpoint node A. The first response message comprises a puzzle Q..a which is generated as ciphertext by encrypting the concatenated message of n..a and the received T..a using CCM encryption. Zheng, para [0089]), and
then, a twenty-second intermediate code is generated from the said first and second inputs and the said twenty-first special code (endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095])
the said twenty-first electronic device sends the said twenty-second intermediate code to the second electronic device(Endpoint node A then generates a second response message from this puzzle which is sent to endpoint node B. Zheng, para [0099]), and
the second electronic device generates a twenty-first comparing code from the said second special code and the said twenty-second intermediate code using the said third function and then compares the said twenty-first comparing code and the said first comparing code (endpoint node B uses the intermediary secret value P.sub.2b as a decryption key to decrypt the received Q.sub.b. If Q.sub.b can be successfully decrypted by P.sub.2b retrieved from hashing P.sub.1b, B can further check the freshness of the recovered custom-character. If both are valid, B accepts A as its authenticated interlocutor. Zheng, para [0101]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating secure intermediate codes.
As per claim 6, Nix and Zheng teach the online authentication method according to claim 5, Nix does not explicitly teach which has a twenty-first intermediate code generated from the said first and second inputs using the said first function, wherein: the said twenty-second intermediate code is generated from the said twenty-first intermediate code and the twenty-first special code using the said second function.
However, Zheng teaches which has a twenty-first intermediate code generated from the said first and second inputs using the said first function (endpoint node B 140B applies the challenge C.b to its embedded PUF circuit 144B to generate a reliable PUF response R.b with the helper data h..b.
{circumflex over (R)}.b=(PUFB(C.b))
R.b=ECC.rep({circumflex over (R)}.b,h.b)
In step 412, endpoint node B 140B uses the key mask ϕ.1, to recover the paired custom-character of A by XORing ϕ.sub.1 with P.1b. The latter is the hash of R.b and ID..A. P.sub.1b=H(R..b,ID..A) custom-character=ϕ..1⊕P..1b In step 414, endpoint node B generates first session key material n.a which is a random bit string of length . Zheng, para [0084-0087]), wherein:
the said twenty-second intermediate code is generated from the said twenty-first intermediate code and the twenty-first special code using the said second function (endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating different secure intermediate codes.
As per claim 7, Nix and Zheng teach the online authentication method according to claim 1. Nix does not explicitly teach wherein: a third intermediate code is generated from the said first input and the said first special code using a fourth function, the said first electronic device sends the said third intermediate code to the said second electronic device, and then, in the said second electronic device, a fourth intermediate code is generated from the said third intermediate code and the said second special code using a fifth function, and the said second electronic device sends the said fourth intermediate code to the said first electronic device, and then, in the said first electronic device, a third comparing code is generated from the said fourth intermediate code and the said first special code using a six function.
However, Zheng teaches wherein: a third intermediate code is generated from the said first input and the said first special code using a fourth function (endpoint node A 140A applies the challenge to its PUF circuit 144A and uses the helper data h..a to generate the clean PUF response R.a
{circumflex over (R)}.a=(PUFA(C.a))
R.a=ECC.rep({circumflex over (R)}.a,h.a)
In step 428, endpoint node A 140A recovers the intermediary secret values P.1a and P.2a
P..1a=H(R..a,ID..B)
P.2a=H(P..1a)
In step 430, endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q..a. If decryption is successful and the decrypted custom-character is equal to T..a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P..1a,Q..a). Zheng, para [0092-0095])
the said first electronic device sends the said third intermediate code to the said second electronic device (Endpoint node A then generates a second response message from this puzzle which is sent to endpoint node B. Zheng, para [0099]), and then, in the said second electronic device, a fourth intermediate code is generated from the said third intermediate code and the said second special code using a fifth function (endpoint node B 140B applies the challenge C.b to its embedded PUF circuit 144B to generate a reliable PUF response R.b with the helper data h..b.{circumflex over (R)}.b=(PUFB(C.b))
R.b.b=ECC.rep({circumflex over (R)}..b,h.b)
In step 412, endpoint node B 140B uses the key mask ϕ.1, to recover the paired custom-character of A by XORing ϕ.sub.1 with P.1b. The latter is the hash of R.b and ID..A. P..1b=H(R..b,ID..A). Zheng, para [0085-0086]), and
the said second electronic device sends the said fourth intermediate code to the said first electronic device (endpoint node B generates and sends a first response message to endpoint node A. The first response message comprises a puzzle Q.a which is generated as ciphertext by encrypting the concatenated message of n.a and the received T.a using CCM encryption. Zheng, para [0089]), and then, in the said first electronic device, a third comparing code is generated from the said fourth intermediate code and the said first special code using a six function (endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q.a. If decryption is successful and the decrypted custom-character is equal to T.a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P.1a,Q.a). Zheng, para [0101]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating secure intermediate codes.
As per claim 8, Nix and Zheng teach the online authentication method according to claim 7, which has a thirty-first electronic device on the said network, wherein:
the said thirty-first electronic device has a thirty-first special code, the said thirty-first special code is confined within the said thirty-first electronic device (processor 101p can include a hardware random number generator 128, which can generate a random number or pseudo random number using sensor data within processor 101p. As one example, hardware random number generator 128 could collect electrical or thermal noise values from sensors within processor 101p, and generate a random number from noise values. Nix, para [0058]),
Nix does not explicitly teach the first electronic device sends the said third intermediate code to the said thirty-first electronic device, and then, in the said thirty-first electronic device, a fifth intermediate code is generated from the said third intermediate code and the said thirty-first special code using the said fifth function, the said thirty-first electronic device sends the said fifth intermediate code to the said first electronic device, and then, in the said first electron device, a thirty-first comparing code is generated from the said fifth intermediate code and the said first special code using the sixth function, and then the said thirty-first comparing code and the said third comparing code are compared.
However, Zheng teaches the first electronic device sends the said third intermediate code to the said thirty-first electronic device (Endpoint node A then generates a second response message from this puzzle which is sent to endpoint node B. Zheng, para [0099]), and then, in the said thirty-first electronic device, a fifth intermediate code is generated from the said third intermediate code and the said thirty-first special code using the said fifth function (endpoint node B 140B applies the challenge C.b to its embedded PUF circuit 144B to generate a reliable PUF response R.b with the helper data h..b.{circumflex over (R)}.b=(PUFB(C.b))
R.b.b=ECC.rep({circumflex over (R)}..b,h.b)
In step 412, endpoint node B 140B uses the key mask ϕ.1, to recover the paired custom-character of A by XORing ϕ.sub.1 with P.1b. The latter is the hash of R.b and ID..A. P..1b=H(R..b,ID..A). Zheng, para [0085-0086]),
the said thirty-first electronic device sends the said fifth intermediate code to the said first electronic device(endpoint node B generates and sends a first response message to endpoint node A. The first response message comprises a puzzle Q.a which is generated as ciphertext by encrypting the concatenated message of n.a and the received T.a using CCM encryption. Zheng, para [0089]), and then, in the said first electron device, a thirty-first comparing code is generated from the said fifth intermediate code and the said first special code using the sixth function, and then the said thirty-first comparing code and the said third comparing code are compared (endpoint node A 140A uses the received first response message to authenticate endpoint node B. Endpoint node A uses the intermediary secret value P.sub.1a as a decryption key to decrypt the received Q.a. If decryption is successful and the decrypted custom-character is equal to T.a, A accepts B as the authenticated interlocutor. V.a=CCM.dec(AES,P.1a,Q.a). Zheng, para [0101]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, to modify the teaching of Nix in view of Zheng. One would be motivated to do so, to enhance the security of the system by generating secure intermediate codes.
As per claim 9, Nix and Zheng teach the online authentication method according to claim 1, wherein:
the said first electronic device has a first device identification module (The device can send the server a first message, which could comprise a “Client Hello” message. The first message can include (i) the device ephemeral public key, (ii) an identifier. Nix, para [0016]),
the said first device identification module has a first inner code (Cert. Device 101c. Nix, Fig. 1 Device 101),
a first external entity inputs a first challenge to the said first device identification module, and then the said first special code is generated from the said first challenge and the said first inner code (Device 101 can include a PQC key pair generation algorithm PQC.KeyGen 101q from cryptographic algorithms 101s and the selected first subset 101f-x (or first KEM algorithm) of KEM parameters 101f. The PQC key pair generation algorithm PQC.KeyGen 101q from cryptographic algorithms 101s can comprise computer executable instructions for a processor 101p in device 101 to generate an ephemeral private key and corresponding ephemeral public key. Network 103 can include a compatible PQC key pair generation algorithm 103q from cryptographic algorithms 103s described below. A PQC key pair generation algorithm 101q can use the selected first subset 101f-x (or first KEM algorithm) of KEM parameters 101f in order to generate (i) a random number from a random number generator 128 in order to derive a device ephemeral PKI private key eSK.device 101h and (ii) a corresponding device ephemeral PKI public key ePK.device 101i. Although FIG. 1 depicts a single device ephemeral public key ePK.device 101h and a single device ephemeral private key eSK.device 101i, a device 101 could generate, store, and use a plurality of the ephemeral PKI key pairs. Nix, para [0077]),
the said second electronic device has a second device identification module (each server 111 can be identified using a different server identity of server ID 111a. Nix, para [0082]),
the said second device identification module has a second inner code (Certificate server 103c. Fig. 1 Server 111), and
a second external entity inputs a second challenge to the said second device identification module, and then the said second special code is generated from the said second challenge and the said second inner code (Server 111 can include a PQC key pair generation algorithm PQC.KeyGen 103q from cryptographic algorithms 103s and the selected subset 103f-x (or second KEM algorithm) of KEM parameters 103f. A PQC key pair generation algorithm 103q can use the selected subset 103f-y (or second KEM algorithm) of KEM parameters 103f in order to generate (i) a random number from a random number generator in order to derive or generate a server ephemeral PKI private key eSK.server 103h and (ii) a corresponding server ephemeral PKI public key ePK.server 103i. Although FIG. 1 depicts a single server ephemeral public key ePK.server 103h and a single server ephemeral private key eSK.server 103i, a server 111 could generate, store, and use a plurality of the ephemeral PKI key pairs. Nix, para [0098]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A. Kang et al. US 2019/0208417 A1 directed to mobile network authentication and network authentication entity.
B. Hawkes et al. US 9,402,177 B2 directed to authentication in secure user plane location systems.
C. Sivarajan et al. US 2018/0041507 A1 directed to systems for provisioning devices.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALID M ALMAGHAYREH whose telephone number is (571)272-0179. The examiner can normally be reached Monday - Thursday 8AM-5PM EST & Friday variable.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, RUPAL DHARIA can be reached at (571)272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Respectfully Submitted
/KHALID M ALMAGHAYREH/ Primary Examiner, Art Unit 2492