DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 21-39 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-19 of USPN 11,550,933 (Appl. No: 17/196743). Although the claims at issue are not identical, they are not patentably distinct from each other. (see Claim-Comparison Table below for independent claim 21 of the instant application against Claim 1 of 11,550,933).
Claim
Application#18/895194
Claim
USPN # 11,550,933
21
A method for performing at least one cryptographic operation on first data, the method being performed by a device comprising a processor and non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the device to perform the method, the method comprising:
retrieving, by an application executing on the device, a first private key package from secure storage associated with the device;
extracting, from the first private key package, an encrypted wrapped private key;
sending, by the application to a security service associated with the device, the encrypted wrapped private key for decryption;
receiving, by the application from the security service, a wrapped private key;
sending, by the application to a software cryptographic service associated with the device, the wrapped private key for unwrapping;
sending, by the application to the software cryptographic service, the first data for use in performing the at least one cryptographic operation; and
receiving, by the application from the software cryptographic service, second data, the second data being generated using the first data and a first-private key generated at least in part by unwrapping the wrapped private key.
1
A method for digitally signing data performed by a device comprising a processor and non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the device to perform the method, the method comprising:
retrieving, by an application executing on the device, a first private key package from storage associated with the device; extracting, from the first private key package, an encrypted wrapped private key;
sending, by the application to an operating system security service associated with the device, the encrypted wrapped private key for decryption;
receiving, by the application from the operating system security service, a wrapped private key;
sending, by the application to a software cryptographic service associated with the device, the wrapped private key for unwrapping;
sending, by the application to the software cryptographic service, data to be signed by the software cryptographic service; and receiving, by the application from the software cryptographic service, a digital signature associated with the data generated using a private signing key generated at least in part by decrypting the wrapped private key.
Claims 22-39 of the instant application is equivalent in scope with Claims 2-19 of USPN 11,550,933.
Claims 21-39 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20 of USPN 12,124,594 (Appl. No: 18/094179). Although the claims at issue are not identical, they are not patentably distinct from each other. They both involve retrieving key package, extracting encrypted wrapped private key, sending the encrypted wrapped private key, receiving a wrapped private key, sending the wrapped private key and data, and receiving second data based on the wrapped private key.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 21-22 and 24-39 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
As per claim 21, the claim recites “sending, by the application to a security service associated with the device, the encrypted wrapped private key for decryption; receiving, by the application from the security service, a wrapped private key”. It is unclear if the security service decrypts the encrypted wrapped private or if another device/entity decrypts the encrypted wrapped private and then provides the wrapped private key to the security service which then provides it to the application. The examiner notes that dependent claim 23 clarifies the issues.
Dependent claims 22 and 24-39 depend on claim 21 and they do not further clarify the issues therefore they are also rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph.
Allowable Subject Matter
Claims 21-39 would be allowable if a terminal disclaimer is timely filed to overcome the double patenting rejection, and if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action.
The closest prior art made of record are:
Hwangbo US 2003/0154376 teaches a system and method for a public key infrastructure(PKI)-based private key and a digital certificate for certificate for certification and security. Issuing the private key and digital certificate and providing a digital signature and may be used in conjunction with a memorized password by the user.
Zhang et al. US 2013/0091353 teaches a system and method for secure communication. Transferring a client device certificate and an associated encrypted client private key to a client device from a secure device. The secure device receives over a secure connection, a secure device certificate, a secure device private key and a plurality of client device certificates. Each client certificate is associated with a bootstrap public key but is not assigned to any particular client device. A plurality of encrypted client private keys is also received. The encrypted client private keys are stored in double encrypted protected form.
Monica et al. US 2021/0056548 teaches systems and methods for receiving a request to take an action in a cryptoasset custodial system for an account holder; authenticating a policy map associated with the action, and validating endorsement messages for the action by checking digital signatures of the received endorsement messages, wherein at least one of the validated endorsement messages has been generated by digital signing with a first private key of a person, who is associated with the account holder, and at least one of the validated endorsement messages has been generated by digital signing with a second private key of a program, which is associated with the account holder.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY TSANG whose telephone number is (571)270-7959. The examiner can normally be reached M-F 9am - 5pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HENRY TSANG/ Primary Examiner, Art Unit 2495