Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted by applicant dated 11/01/2024 have been considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-10 are rejected under 35 U.S.C. 103 as being unpatentable over O'Hare (US20180367509A1) in view of Aspinall, David (“Give Me Letters 2, 3 and 6!”: Partial Password Implementations & Attacks), April 2013, in view of Seiler (US 20130051558 A1)
Regarding claim 1, O'Hare teaches a method for reading an encryption/decryption key including at least one first word comprising a plurality of bits, the method comprising:
delivering at least one first set of bits of the first word of the encryption/decryption key (Fig. 35. Para [0202]: the data storage facilities D1 transmit their respective portions of the cryptographic key corresponding to the signing party to the cryptographic engine 220.);
delivering at least one second set of bits of the first word of the encryption/decryption key (Fig. 35. Para [0202]: the data storage facilities D2 transmit their respective portions of the cryptographic key corresponding to the signing party to the cryptographic engine 220.), a combination of the sets of bits of the first word forming the first word (Para [0203]: In step 1120, the cryptographic engine 220 assembles the foregoing cryptographic keys.).
O'Hare does not explicitly disclose comparing, with a first comparison, a first set of bits of an unlocking word including a plurality of bits and of a first set of bits of an access key, the first set of bits of the access key including at least one first bit of the plurality of bits of the access key; (Perform an action) if the first set of bits of the unlocking word is identical to the first set of bits of the access key, the first set of bits being selected from among the plurality of bits of the first word; comparing, with at least one second comparison, a second set of bits of the unlocking word different from the first set of bits of the unlocking word and of a second set of bits of the access key, the second set of bits of the access key including at least one second bit of the plurality of bits of the access key different from the first bit; (perform an action) if the second set of bits of the unlocking word is identical to the second set of bits of the access key.
Aspinall, David teaches comparing, with a first comparison, a first set of bits of an unlocking word including a plurality of bits and of a first set of bits of an access key, the first set of bits of the access key including at least one first bit of the plurality of bits of the access key (Fig. 1. P. 4: Login-The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order.);
(Perform an action) if the first set of bits of the unlocking word is identical to the first set of bits of the access key, the first set of bits being selected from among the plurality of bits of the first word (Fig. 1. P. 4: Login The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order.);
comparing, with at least one second comparison, a second set of bits of the unlocking word different from the first set of bits of the unlocking word and of a second set of bits of the access key, the second set of bits of the access key including at least one second bit of the plurality of bits of the access key different from the first bit (Fig. 1. P. 4: the user is presented with a new challenge. The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order.);
(perform an action) if the second set of bits of the unlocking word is identical to the second set of bits of the access key (Fig. 1. P. 4: the user is presented with a new challenge. The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O'Hare with the teachings of Aspinall, David to include comparing, with a first comparison, a first set of bits of an unlocking word including a plurality of bits and of a first set of bits of an access key, the first set of bits of the access key including at least one first bit of the plurality of bits of the access key; (Perform an action) if the first set of bits of the unlocking word is identical to the first set of bits of the access key, the first set of bits being selected from among the plurality of bits of the first word; comparing, with at least one second comparison, a second set of bits of the unlocking word different from the first set of bits of the unlocking word and of a second set of bits of the access key, the second set of bits of the access key including at least one second bit of the plurality of bits of the access key different from the first bit; (perform an action) if the second set of bits of the unlocking word is identical to the second set of bits of the access key in order to reduced risk of password theft by the attackers (Aspinall, David P.3-P.4).
O'Hare in view of Aspinall, David does not explicitly disclose the first set of bits being selected from among the plurality of bits of the first word; the second set of bits being selected from among the plurality of bits of the first word and different from the bits of the first set of bits.
Seiler teaches the first set of bits being selected from among the plurality of bits of the first word (Para [0027]: the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.);
the second set of bits being selected from among the plurality of bits of the first word and different from the bits of the first set of bits (Para [0027]: the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O'Hare in view of Aspinall, David with the teachings Seiler to include the first set of bits being selected from among the plurality of bits of the first word; the second set of bits being selected from among the plurality of bits of the first word and different from the bits of the first set of bits in order to enhance the security by increasing the difficulty for an attacker to decipher communication (Seiler Para [0007]).
Regarding claim 2, O'Hare in view of Aspinall, David in view of Seiler teaches the method of claim 1, the encryption/decryption key including at least one second word comprising a plurality of bits, the method further comprising:
delivering at least one first set of bits of the second word of the encryption/decryption key when the first set of bits of the unlocking word is identical to the first set of bits of the access key (O'Hare Fig. 35. Para [0202]: the data storage facilities D1 transmit their respective portions of the cryptographic key corresponding to the signing party to the cryptographic engine 220. Aspinall, David Fig. 1. P. 4: Login The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order.), the first set of bits of the second word being selected from among the plurality of bits of the second word (Seiler Para [0027]: the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.); and
delivering at least one second set of bits of the second word of the encryption/decryption key if the second set of bits of the unlocking word is identical to the second set of bits of the access key (O'Hare Fig. 35. Para [0202]: the data storage facilities D2 transmit their respective portions of the cryptographic key corresponding to the signing party to the cryptographic engine 220.), the second set of bits of the second word being selected from among the plurality of bits of the second word and different from the bits of the first set of bits of the second word (Seiler Para [0027]: the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.), a combination of the sets of bits of the second word forming the second word and the first word and the second word forming the encryption/decryption key (O'Hare Para [0203]: In step 1120, the cryptographic engine 220 assembles the foregoing cryptographic keys.).
Regarding claim 3, O'Hare in view of Aspinall, David in view of Seiler teaches the method of claim 1, wherein the bits of at least one set of bits of the encryption/decryption key are selected so that the bits do not follow one another (Seiler Para [0027]: Specifically, in step S31, the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.)
Regarding claim 4, O'Hare in view of Aspinall, David in view of Seiler teaches the method of claim 1, wherein when a set of bits of the unlocking word is not identical to a set of bits of the access key, the method further comprising delivering a set of predetermined bits having the same size as the set of bits associated with a comparison (Aspinall, David Fig. 1. P. 4: Login The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order. Seiler Para [0007]: For making it more difficult for an attacker, randomizing "dummy bits" included in a call, whereby 15 "dummy bits" are defined as bits with pre-defined values reserved for future applications by the protocol.).
Regarding claim 5, O'Hare in view of Aspinall, David in view of Seiler teaches the method of claim 1, wherein the first set of bits of the access key includes the first bit of the access key and a first combination of bits selected from among the plurality of bits of the access key (O'Hare Fig. 35. Para [0202]: the data storage facilities D1 transmit their respective portions of the cryptographic key corresponding to the signing party to the cryptographic engine 220. Aspinall, David Fig. 1. P. 4: Login The user is presented with a challenge from the password. The user responds by projecting out the requested positions. If the correct response is given between the password and the user response in the correct position, the user has completed partial password authentication. P. 5: the challenge format: the challenge asks for characters in m unique pass word positions, where 1≤m≤n. The positions are queried in ascending order. Seiler Para [0027]: the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.), and the second set of bits of the access key includes the second bit and a second combination of bits selected from among the plurality of bits of the unlocking word, the bits of the second combination being different from the first bit, from the second bit and from the bits of the first combination (Seiler Para [0027]: the randomizing module 113 selects one or more bits, such as bits e1, e2, e3, e4, e5, e6, e7, e8, e9, e10, e11 (e1-e11) in the (interleaved) physical layer data frame L1, at random positions.).
As per claims 6-10, the claims claim the system essentially corresponding to themethod claims 1-5 above, and they are rejected, at least for the same reasons.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUDY BAZNA whose telephone number is (703)756-1258. The examiner can normally be reached Monday - Friday 08:30 AM-05:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JUDY BAZNA/ Examiner, Art Unit 2495
/PONNOREAY PICH/ Primary Examiner, Art Unit 2495