DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
In response to communications filed on 05 December 2025, claims 1-7 and 15-27 are presently pending in the application, of which, claims 1, 15, and 16 are presented in independent form. The Examiner acknowledges amended claims1, 15, and 16. Claims 8-14 were previously cancelled.
Priority
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
Response to Remarks/Arguments
All objections and/or rejections issued in the previous Office Action, mailed 09 September 2025, have been withdrawn, unless otherwise noted in this Office Action.
Applicant’s arguments with respect to claims 1-7 and 15-27 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-7 and 15-27 are rejected under 35 U.S.C. 103 as being unpatentable by de Perthuis, Hugues (U.S. 2016/0020903 and known hereinafter as de Perthius) in view of a non-patent literature titled “Information Leakage in Encrypted Deduplication via Frequency Analysis: Attacks and Defenses,” published 29 March 2020, by Li, Jingwei, et al (known hereinafter as Li).
As per claim 1, de Perthuis teaches a data sorting method, wherein the method comprises:
determining a to-be-processed array, and selecting a reference ciphertext from the to-be- processed array (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.);
for each non-reference ciphertext, determining a first noise value of a non-reference ciphertext, determining a first specified parameter based on an upper limit of a value range of the first noise value, and determining a to-be-compared ciphertext of the non-reference ciphertext based on the first specified parameter and the first noise value (e.g. de Perthius, see paragraphs [0061-0069], which discloses using the nonce and key are provided as inputs to the block cipher which encrypts the value of the plaintext to generate the ciphertext, which is then written to memory with the additional information and parameters associated with it);
updating the reference ciphertext based on the first specified parameter, and comparing a size of an updated reference ciphertext with a size of the to-be-compared ciphertext of the non- reference ciphertext to obtain a first comparison result of the non-reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.);
preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number;
dividing the to-be-processed array based on a first comparison result of each non-reference ciphertext, to obtain two subarrays (e.g. de Perthius, see paragraphs [0069-0077], which discloses the nonce is factored in to obtain both decryption and encryption, where each may be a subarray, where the plaintext is a non-referenced ciphertext that is to be compared.);
for each obtained subarray, re-using an obtained subarray as a to-be-processed array, continuing to select a reference ciphertext for comparison with a non-reference ciphertext, and continuing to determine each subarray until a determined subarray comprises a single ciphertext (e.g. de Perthius, see paragraphs [0069-0077], which discloses for each encryption and decryption, a hint is provided that describes how the configuration of the nonce needs to change to match the needed nonce generated for the next piece of code.); and
determining a sorting result of each ciphertext based on a size relationship between the arrays (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc. and in which the nonce is stored based on the counter value.).
de Perthuis does not explicitly disclose preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number.
Li teaches preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number (e.g. Li, see page 18, section 5.3.3, which discloses various leakage rates, where the inference rates of the attacks for different leakage rates about the target backup being inferred. The slight increase in the leakage rate can lead to a significant increase in the inference rate. See further page 27, which discloses encrypted deduplication, where random convergent encryption uses random keys for chunk encryption by adding deterministic tags into ciphertext chunks for checking any duplicates so that the adversary can count the deterministic tags to obtain the frequency distribution.).
De Perthuis is directed to encrypting and decrypting blocks of data using a block cipher with a nonce. Li is directed to information leakage in encrypted deduplication. Both are analogous art because they utilize ciphertext and therefore it would have been obvious to one of ordinary skilled in the art at the time the invention was filed to modify the teachings of De Perthuis with the teachings of Li to include the claimed features with the motivation to improve data privacy using ciphertext.
As per claim 15, de Perthuis teaches a non-transitory computer-readable storage medium, wherein the storage medium stores a computer program, and when the computer program us executed by a processor, the processor is caused to implement a data sorting method, and the method comprising:
determining a to-be-processed array, and selecting a reference ciphertext from the to-be- processed array (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.);
for each non-reference ciphertext, determining a first noise value of a non-reference ciphertext, determining a first specified parameter based on an upper limit of a value range of the first noise value, and determining a to-be-compared ciphertext of the non-reference ciphertext based on the first specified parameter and the first noise value (e.g. de Perthius, see paragraphs [0061-0069], which discloses using the nonce and key are provided as inputs to the block cipher which encrypts the value of the plaintext to generate the ciphertext, which is then written to memory with the additional information and parameters associated with it);
updating the reference ciphertext based on the first specified parameter, and comparing a size of an updated reference ciphertext with a size of the to-be-compared ciphertext of the non- reference ciphertext to obtain a first comparison result of the non-reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.);
dividing the to-be-processed array based on a first comparison result of each non-reference ciphertext, to obtain two subarrays (e.g. de Perthius, see paragraphs [0069-0077], which discloses the nonce is factored in to obtain both decryption and encryption, where each may be a subarray, where the plaintext is a non-referenced ciphertext that is to be compared.);
for each obtained subarray, re-using an obtained subarray as a to-be-processed array, continuing to select a reference ciphertext for comparison with a non-reference ciphertext, and continuing to determine each subarray until a determined subarray comprises a single ciphertext (e.g. de Perthius, see paragraphs [0069-0077], which discloses for each encryption and decryption, a hint is provided that describes how the configuration of the nonce needs to change to match the needed nonce generated for the next piece of code.); and
determining a sorting result of each ciphertext based on a size relationship between the arrays (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc. and in which the nonce is stored based on the counter value.).
de Perthuis does not explicitly disclose preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number.
Li teaches preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number (e.g. Li, see page 18, section 5.3.3, which discloses various leakage rates, where the inference rates of the attacks for different leakage rates about the target backup being inferred. The slight increase in the leakage rate can lead to a significant increase in the inference rate. See further page 27, which discloses encrypted deduplication, where random convergent encryption uses random keys for chunk encryption by adding deterministic tags into ciphertext chunks for checking any duplicates so that the adversary can count the deterministic tags to obtain the frequency distribution.).
De Perthuis is directed to encrypting and decrypting blocks of data using a block cipher with a nonce. Li is directed to information leakage in encrypted deduplication. Both are analogous art because they utilize ciphertext and therefore it would have been obvious to one of ordinary skilled in the art at the time the invention was filed to modify the teachings of De Perthuis with the teachings of Li to include the claimed features with the motivation to improve data privacy using ciphertext.
As per claim 16, de Perthuis teaches an electronic device, comprising a memory, a processor, and a computer program that is stored in the memory and that is capable of running on the processor, wherein when the processor executes the program, the processor is caused to implement a data sorting method, and the method comprises:
determining a to-be-processed array, and selecting a reference ciphertext from the to-be- processed array (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.);
for each non-reference ciphertext, determining a first noise value of a non-reference ciphertext, determining a first specified parameter based on an upper limit of a value range of the first noise value, and determining a to-be-compared ciphertext of the non-reference ciphertext based on the first specified parameter and the first noise value (e.g. de Perthius, see paragraphs [0061-0069], which discloses using the nonce and key are provided as inputs to the block cipher which encrypts the value of the plaintext to generate the ciphertext, which is then written to memory with the additional information and parameters associated with it);
updating the reference ciphertext based on the first specified parameter, and comparing a size of an updated reference ciphertext with a size of the to-be-compared ciphertext of the non- reference ciphertext to obtain a first comparison result of the non-reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.);
dividing the to-be-processed array based on a first comparison result of each non-reference ciphertext, to obtain two subarrays (e.g. de Perthius, see paragraphs [0069-0077], which discloses the nonce is factored in to obtain both decryption and encryption, where each may be a subarray, where the plaintext is a non-referenced ciphertext that is to be compared.);
for each obtained subarray, re-using an obtained subarray as a to-be-processed array, continuing to select a reference ciphertext for comparison with a non-reference ciphertext, and continuing to determine each subarray until a determined subarray comprises a single ciphertext (e.g. de Perthius, see paragraphs [0069-0077], which discloses for each encryption and decryption, a hint is provided that describes how the configuration of the nonce needs to change to match the needed nonce generated for the next piece of code.); and
determining a sorting result of each ciphertext based on a size relationship between the arrays (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc. and in which the nonce is stored based on the counter value.).
de Perthuis does not explicitly disclose preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number.
Li teaches preventing a first leakage of the first noise value at the electronic device from causing a second leakage of the first comparison result at the electronic device based on linking the first noise value to a ciphertext random number (e.g. Li, see page 18, section 5.3.3, which discloses various leakage rates, where the inference rates of the attacks for different leakage rates about the target backup being inferred. The slight increase in the leakage rate can lead to a significant increase in the inference rate. See further page 27, which discloses encrypted deduplication, where random convergent encryption uses random keys for chunk encryption by adding deterministic tags into ciphertext chunks for checking any duplicates so that the adversary can count the deterministic tags to obtain the frequency distribution.).
De Perthuis is directed to encrypting and decrypting blocks of data using a block cipher with a nonce. Li is directed to information leakage in encrypted deduplication. Both are analogous art because they utilize ciphertext and therefore it would have been obvious to one of ordinary skilled in the art at the time the invention was filed to modify the teachings of De Perthuis with the teachings of Li to include the claimed features with the motivation to improve data privacy using ciphertext.
As per claims 2, 17, and 22, the modified teachings of de Perthuis with Li teaches the method according to claim 1, the non-transitory computer-readable storage medium of claim 15, and the electronic device according to claim 16, respectively, wherein the determining a first noise value of a non-reference ciphertext comprises:
generating a ciphertext random number of the non-reference ciphertext in a cryptographic form as the first noise value of the non-reference ciphertext (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.).
As per claims 3, 18, and 23, the modified teachings of de Perthuis with Li teaches the method according to claim 1, the non-transitory computer-readable storage medium of claim 15, and the electronic device according to claim 16, respectively, wherein the updating the reference ciphertext based on the first specified parameter comprises:
determining a second noise value of the reference ciphertext within the value range of the first noise value of the non-reference ciphertext (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.);
weighting the reference ciphertext by using the first specified parameter as a weight (e.g. de Perthius, see paragraphs [0061-0069], which discloses using the nonce and key are provided as inputs to the block cipher which encrypts the value of the plaintext to generate the ciphertext, which is then written to memory with the additional information and parameters associated with it); and
updating the reference ciphertext based on a weighted reference ciphertext and the second noise value of the reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.).
As per claims 4, 19, and 24, de Perthuis teaches the method according to claim 1, the non-transitory computer-readable storage medium of claim 15, and the electronic device according to claim 16, respectively, wherein before the comparing a size of an updated reference ciphertext with a size of the to-be-compared ciphertext of the non-reference ciphertext, the method further comprises:
updating the non-reference ciphertext based on the to-be-compared ciphertext of the non- reference ciphertext (e.g. de Perthius, see paragraphs [0061-0069], which discloses using the nonce and key are provided as inputs to the block cipher which encrypts the value of the plaintext to generate the ciphertext, which is then written to memory with the additional information and parameters associated with it); and
the comparing a size of an updated reference ciphertext with a size of the to-be-compared ciphertext of the non-reference ciphertext to obtain a first comparison result of the non- reference ciphertext comprises (e.g. de Perthius, see paragraphs [0069-0077], which discloses the nonce is factored in to obtain both decryption and encryption, where each may be a subarray, where the plaintext is a non-referenced ciphertext that is to be compared.):
comparing the size of the updated reference ciphertext with a size of an updated non- reference ciphertext to obtain the comparison result of the non-reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.).
As per claims 5, 20, and 25, the modified teachings of de Perthuis with Li teaches the method according to claim 1, the non-transitory computer-readable storage medium of claim 15, and the electronic device according to claim 16, respectively, wherein the method further comprises:
determining a second specified parameter based on a reciprocal of the first specified parameter (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.); and
for each sorted ciphertext, weighting the sorted ciphertext by using the second specified parameter as a weight, and updating the sorted ciphertext by using an integer part of a weighting result (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.).
As per claims 6, 21, and 26, the modified teachings of de Perthuis with Li teaches the method according to claim 1, the non-transitory computer-readable storage medium of claim 15, and the electronic device according to claim 16, respectively, wherein before the dividing the to-be-processed array based on a first comparison result of each non-reference ciphertext, the method further comprises:
for each non-reference ciphertext, determining whether a size of the non-reference ciphertext is equal to the size of the reference ciphertext (e.g. dePerthius, see paragraphs [0057-0063], which discloses a block cipher to be encrypted based on the address in memory.); and
upon determining that the size of the non-reference ciphertext is equal to the size of the reference ciphertext, generating a random number, and determining a second comparison result of the non-reference ciphertext based on a size relationship between the random number and a value threshold within a value range of the random number (e.g. de Perthius, see paragraphs [0061-0069], which discloses using the nonce and key are provided as inputs to the block cipher which encrypts the value of the plaintext to generate the ciphertext, which is then written to memory with the additional information and parameters associated with it); or
upon determining that the size of the non-reference ciphertext is not equal to the size of the reference ciphertext, determining a second comparison result of the non-reference ciphertext based on a size relationship between the non-reference ciphertext and the reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.).
As per claims 7 and 27 the modified teachings of de Perthuis with Li teaches the method according to claim 6 and the electronic device according to claim 26, respectively, wherein the dividing the to-be- processed array based on a first comparison result of each non-reference ciphertext comprises:
determining whether a first comparison result of the non-reference ciphertext is the same as a second comparison result of the non-reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc. and in which the nonce is stored based on the counter value.); and
upon determining that the first comparison result of the non-reference ciphertext is the same as a second comparison result of the non-reference ciphertext, determining, based on the first comparison result of the non-reference ciphertext, a subarray corresponding to the non- reference ciphertext (e.g. de Perthius, see paragraphs [0069-0077], which discloses the nonce is factored in to obtain both decryption and encryption, where each may be a subarray, where the plaintext is a non-referenced ciphertext that is to be compared.); or
upon determining that the first comparison result of the non-reference ciphertext is not the same as a second comparison result of the non-reference ciphertext, randomly re- generating a third comparison result of the reference ciphertext, and determining a subarray corresponding to the non-reference ciphertext based on the third comparison result of the reference ciphertext (e.g. de Perthius, see paragraphs [0066-0073], which discloses using the nonce is composed from a combination of elements (e.g. parameters), which may include one or more of the type of data bits being encrypted, the access rights to the data bits, the status of the microprocessor, the value of a counter, security status, etc.).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. See attached PTO-892 that includes additional prior art of record describing the general state of the art in which the invention is directed to.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FARHAN M SYED whose telephone number is (571)272-7191. The examiner can normally be reached M-F 8:30AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Apu Mofiz can be reached at 571-272-4080. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/FARHAN M SYED/Primary Examiner, Art Unit 2161 February 24, 2026