DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
A preliminary amendment was received concurrently with the filing of the present application on 31 October 2024. By this preliminary amendment, Claims 1-5 have been amended. No claims have been added or canceled. Claims 1-5 are currently pending in the present application.
The preliminary amendment does not comply with the requirement of 37 CFR 1.72(b) that the sheet presenting the abstract may not include other parts of the application or other material (see page 2 of the preliminary amendment). See also MPEP § 714 II.B. The amendments to the specification and abstract are required to be resubmitted in a manner compliant with 37 CFR 1.121(b) and 1.72(b).
Drawings
Figures 16-18 should be designated by a legend such as --Prior Art-- because only that which is old is illustrated. See MPEP § 608.02(g). Corrected drawings in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. The replacement sheet(s) should be labeled “Replacement Sheet” in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the drawing figures. If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
The drawings are objected to because they include informalities. In Figure 8, steps S104, S114, and S134, it is stated to “check PK10 [or PK100 or PK201] with signature”. However, it is not clear how the keys are checked with the signature, and from the specification, it appears that it is the signatures that are checked using the keys. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The disclosure is objected to because of the following informalities:
It is noted that two versions of the specification have been provided as of the filing date; although it appears that the content is identical, the pagination is different. In the following description, reference will be made to the version of the specification filed 31 October 2024 having 27 pages.
The paragraph numbering in the specification is not clear, because numerous paragraph numbers appear to be followed by plural paragraphs. For example, see paragraph number 0002, which is followed by two paragraphs before paragraph number 0003; paragraph numbers 0004, 0007, and 0009, which are each followed by three paragraphs; and paragraph number 0011, which is followed by nineteen paragraphs. As per 37 CFR 1.52(b)(6), the paragraphs should be individually and consecutively numbered. See also MPEP § 608.01.
The specification includes minor grammatical and other errors. For example, in paragraph 0004, second paragraph, line 3, reference is made to a “public key/secret key pair”, and reference is made throughout the specification to secret keys. However, the key paired with an asymmetric public key is generally referred to as a private key, whereas the term “secret key” is generally used to refer to a symmetric key. Therefore, this usage is contrary to the accepted definition of the term and has not been redefined. In paragraph 0015, lines 6-7, the phrase “destination devices are a total of three devices” is not in clear idiomatic English. In paragraph 0016, lines 8-9, it is not clear what is meant by “a calculation subject who has performed the calculation together”; it is not clear what the calculation is performed together with. In paragraph 0019, line 4, it appears that “processing of these processing units” may be intended to read “processing by these processing units”. In paragraph 0022, lines 5-6, in the phrase “a public key PK paired with a secret key SK individually possessed by each destination device”, it is not clear what is meant by “individually possessed”. For example, it is not clear if the same secret (private) key is possessed by each destination device. In paragraph 0022, lines 7-9, and paragraph 0023, lines 5-7, it is not clear how simply distributing the first or second encrypted data would thereby cause the decryption of this data. In paragraph 0025, second paragraph, line 2, the phrase “an own key” is grammatically unclear and not in clear idiomatic English. Similar unclear use of “own key” or “own signature” appears throughout the specification. In paragraph 0029, third paragraph, line 4, it appears that “connecting” may be intended to read “concatenating”. In paragraph 0033, second paragraph, lines 3-4, it is not clear how the server “checks the transmitted public key PK10 with the signature SK10(R1)”; it appears that, instead, the signature would be checked with the public key (by decrypting the signature with the public key and comparing the results). See also paragraph 0036, third paragraph, and paragraph 0038, third paragraph. In paragraph 0039, second paragraph, line 3, the phrase “are a set to be” is grammatically unclear.
Appropriate correction is required. The above is not intended as an exhaustive list of errors in the specification. The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
Claim Objections
Claims 1, 2, and 5 are objected to because of the following informalities:
In Claim 1, lines 2-6, it appears that the elements of the list of steps should be separated by semicolons because the list items include internal commas; i.e. the comma in line 3 before “generates” and the comma in line 5 before “and distributes” should be replaced with semicolons.
In Claim 2, lines 5 and 6, it appears that “processing of” should read “processing by”.
In Claim 5, lines 4-8, it appears that the elements of the list of steps should be separated by semicolons because the list items include internal commas; i.e. the comma in line 5 before “generating” and the comma in line 7 before “and distributing” should be replaced with semicolons
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-5 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “a public key paired with a secret key individually possessed by each of the destination devices” in lines 4-5. First, the use of “secret key” as paired with a public key is contrary to the established definition of a secret key as a symmetric key (whereas the asymmetric key paired with a public key is known as a private key), and the specification has not explicitly redefined the term “secret key” as required by MPEP § 2173.05(a) III. Further, the phrase “individually possessed by each of the destination devices” is not clear as to whether each destination device possesses the same secret (private) key (paired with a single public key) or if there are to be plural public/private key pairs. The claim further recites “thereby causing each of the destination devices to decrypt the common key” in lines 6-7. It is not clear how merely distributing the first encrypted data to the destination devices would positively cause the decryption (further, such decryption by the destination devices does not clearly limit the claimed distribution device). The claim additionally recites a “calculation result” in line 9. It is not clear what calculation this is a result of, and the absence of such a calculation appears to be an omission of essential subject matter and/or a gap in the claim. The claim also recites “to each of the destination devices” in line 9. It is not grammatically clear what this phrase is intended to modify; by the placement of the phrase, it appears to be intended to modify “using the common key” but it is not clear how that would be used to each destination device. The claim further recites “thereby causing each of the destination devices to decrypt the calculation result” in line 10. It is not clear how merely distributing the first encrypted data to the destination devices would positively cause the decryption (further, such decryption by the destination devices does not clearly limit the claimed distribution device). The above ambiguities render the claim indefinite.
Claim 3 recites “the destination devices” in line 2. However, although the clam refers to Claim 2, there is not clear antecedent basis for this limitation in the claims. Claim 3 further recites “some of the destination devices” in line 3. The term “some” is by definition an indefinite quantity. The claim further recites “in the first protection region” in line 6. It is not grammatically clear what this phrase is intended to modify; that is, it is not clear whether verifier is in the first protection region or if the each of the destination devices is in the first protection region, noting that the latter is implied by the placement of the phrase but is then unclear how the destination devices would be in the result distribution device that includes the first protection region. The claim additionally recites “the verifier verifies” in line 7; it is not clear how the claimed system would include this step of verifying, although it appears that this may be intended to recite that the verifier is configured to perform this verification. The claim also recites “the destination device” in lines 7 and 8; however, it is not clear to which of the plural destination devices these limitations are intended to refer.
Claim 4 recites “an own signature” in lines 3-4. This is grammatically unclear and not in clear idiomatic English, and further, it is not clear what is actually signed. The claim further recites “the destination device” in line 7; however, it is not clear to which of the plural destination devices this is intended to refer. The claim additionally recites “in the second protection region” in line 8. It is not grammatically clear what this phrase is intended to modify; although the placement suggests that it modifies the offload destination device, it is not clear how that device would be in the second protection region.
Claim 5 recites “a public key paired with a secret key individually possessed by each of the destination devices” in lines 6-7. First, the use of “secret key” as paired with a public key is contrary to the established definition of a secret key as a symmetric key (whereas the asymmetric key paired with a public key is known as a private key), and the specification has not explicitly redefined the term “secret key” as required by MPEP § 2173.05(a) III. Further, the phrase “individually possessed by each of the destination devices” is not clear as to whether each destination device possesses the same secret (private) key (paired with a single public key) or if there are to be plural public/private key pairs. The claim further recites “thereby causing each of the destination devices to decrypt the common key” in lines 8-9. It is not clear how merely distributing the first encrypted data to the destination devices would positively cause the decryption (further, such decryption by the destination devices does not clearly limit the claimed distribution device). The claim additionally recites a “calculation result” in lines 10-11. It is not clear what calculation this is a result of, and the absence of such a calculation appears to be an omission of essential subject matter and/or a gap in the claim. The claim also recites “to each of the destination devices” in line 11. It is not grammatically clear what this phrase is intended to modify; by the placement of the phrase, it appears to be intended to modify “using the common key” but it is not clear how that would be used to each destination device. The claim further recites “thereby causing each of the destination devices to decrypt the calculation result” in lines 11-12. It is not clear how merely distributing the first encrypted data to the destination devices would positively cause the decryption (further, such decryption by the destination devices does not clearly limit the claimed distribution device). The above ambiguities render the claim indefinite.
Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Imbayashi, US Patent Application Publication 2022/0385455 (cited by Applicant), in view of Matsuzaki et al, US Patent 6813357.
In reference to Claim 1, Imbayashi discloses a distribution device that includes a common key distributer that generates a common key shared by plural devices (Figure 4, step S113; paragraph 0066, system key is common/symmetric key), generates first encrypted data by encrypting the common key by a public key paired with a private key possessed by a destination device (Figure 5, step S217; paragraph 0077, key encrypted by public key), and distributing the first encrypted data to the destination device which decrypts the common key (Figure 5, steps S219 and S221; paragraphs 0077-0078, key transmitted and decrypted); and a data output circuit that distributes second encrypted data, obtained by encrypting a calculation result using the common key, to the destination device which decrypts the calculation result (Figure 6, steps S315-S317; paragraph 0087, encrypted result is stored for later decryption). However, Imbayashi does not explicitly disclose a plurality of destination devices.
Matsuzaki discloses a distribution device that generates a common key that is distributed to plurality of destination devices and encrypted by a public key (for example, see Figures 1-3, base station 0 corresponding to distribution device and terminals 1-5 corresponding to destination devices; see also column 11, line 36-column 12, line 28). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the device of Imbayashi to include multiple destination devices as taught by Matsuzaki, in order to allow distribution of a common key to plural terminals while allowing exclusion of certain terminals (see Matsuzaki, column 11, lines 36-55).
In reference to Claim 2, Imbayashi and Matsuzaki further disclose a first protection region for protecting stored data from unauthorized data access where data used for processing by the distributer and output circuit are stored in the first protection region (Imbayashi, paragraph 0087, encrypted data can be stored in secure storage 116).
Claim 5 is directed to a method corresponding to the functionality of the distribution device of Claim 1, and is rejected by a similar rationale.
Claims 3 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Imbayashi in view of Matsuzaki as applied to Claim 2 above, and further in view of Hanna, US Patent 8104073.
In reference to Claim 3, Imbayashi and Matsuzaki disclose a system that includes a calculation result distribution device as detailed above in reference to Claim 2 (see above) and a plurality of destination devices (Matsuzaki, terminals 1-5, as described above). However, neither Imbayshi nor Matsuzaki explicitly discloses a second protection region in the destination devices and verifying the presence of the second protection region. Hanna discloses a system in which destination devices have a second protection region for protecting stored data from unauthorized access (Figure 1, endpoint device 4, TPM chip 22) where a verifier on a distribution device (health evaluation module 26 on access control device 20) verifies whether or not a destination device has a second protection region based on device information and if the verification passes allowing data to be sent to the destination device (column 4, line 63-column 5, line 64, determining presence of TPM, corresponding to second protection region; column 9,line 48-column 10, line 34, packets are sent if endpoint has acceptable configuration and signature from TPM is valid). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the system of Imbayashi and Matsuzaki to include the verification of second protection regions on the destination devices as taught by Hanna, in order to allow secure exchange of network access control information (see Hanna, column 1, line 55-column 2, line 7).
In reference to Claim 4, Imbayashi, Matsuzaki, and Hanna further discloses an offload destination device calculating the calculation result (Imbayshi, calculation server 100) where the offload device transmits the calculation result and a signature (Imbayshi, step S317; Matsuzaki, column 16, lines 13-17, signature added to distributed data to improve security), the data output circuit distributes the second encrypted data and signature to each destination device (Imbayashi, step S317; Matsuzaki, plural destination devices terminals 1-5, and column 16, lines 13-17, signature), and the destination device verifies the result by decrypting the signature (Matsuzaki, column 16, lines 46-50, verifying signature).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Nishioka et al, US Patent 6041408, discloses a method for sharing common key information to a plurality of receivers.
Ueda et al, US Patent 9026794, discloses a system where an encryption key is stored in a protected area of a storage unit.
Wakai, US Patent 10691832, discloses a system with a key management device that distributes a shared key to plural devices.
Chaiken et al, US Patent 10936460, discloses a method that includes verifying presence of motherboard resources such as a TPM.
Rahn et al, US Patent 11438162, discloses determining whether a device includes a TPM and allowing connection to a remote server if the TPM is present.
Tanji et al, US Patent 11522685, discloses a system with a common key distribution unit to transmit encrypted common keys to a plurality of terminals.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:00am-5:30pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal D Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Zachary A. Davis/Primary Examiner, Art Unit 2492