Prosecution Insights
Last updated: July 17, 2026
Application No. 18/908,201

HOMOMORPHIC ENCRYPTION SYSTEM AND OPERATING METHOD THEREOF

Non-Final OA §101§103§112
Filed
Oct 07, 2024
Priority
Dec 05, 2023 — RE 10-2023-0174888
Examiner
ALI, AFAQ
Art Unit
2434
Tech Center
2400 — Computer Networks
Assignee
Samsung Electronics Co., Ltd.
OA Round
1 (Non-Final)
90%
Grant Probability
Favorable
1-2
OA Rounds
8m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 90% — above average
90%
Career Allowance Rate
123 granted / 137 resolved
+31.8% vs TC avg
Moderate +13% lift
Without
With
+13.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 5m
Avg Prosecution
18 currently pending
Career history
168
Total Applications
across all art units

Statute-Specific Performance

§101
2.2%
-37.8% vs TC avg
§103
90.8%
+50.8% vs TC avg
§102
0.6%
-39.4% vs TC avg
§112
2.5%
-37.5% vs TC avg
Black line = Tech Center average estimate • Based on career data from 137 resolved cases

Office Action

§101 §103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detailed Action Claims 1-20 are pending Priority This application is based on and claims priority under 35 U.S.C. § 119 to Korean Patent Application No. 10-2023-0174888, filed on Dec. 5, 2023. Therefore, the effective filing date of this application is 12/05/2023. Drawings The drawings are objected to because there is typo in S1230 of Figure 12 “PLURLAITY RESULT VALUES”. Examiner suggests correcting this to “PLURALITY OF RESULT VALUES”. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance. Specification The specification filed on 10/07/2024 is acceptable for examination proceedings. Information Disclosure Statement The information disclosure statements (IDS) submitted on 10/07/2024 and 05/15/2025. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements have been considered by the examiner. Claim Objections Claims 5 and 13 are objected to because they recite the limitation “a plurality of second operation values generated from performing at least one homomorphic operation based on the plurality of first operation values”. Examiner suggests amending this to “a plurality of second operation values generated by performing at least one homomorphic operation on the plurality of first operation values …”. Appropriate correction is required. Claim 16 is objected to because it recites the limitation “configured to perform, for a first conditional operation, performing a plurality of operations”. Examiner suggests amending this to “configured to perform, for a first conditional operation, a plurality of operations”. Appropriate correction is required. Claim Interpretation The following is a quotation of 35 U.S.C. 112(f): (f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked. As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph: (A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; (B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and (C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) are: “a host configured to generate an input ciphertext” in claim 16 “a host … configured to perform … a plurality of operations” in claim 16 “… the host is configured to perform a plurality of conditional operations on the input ciphertext” in claim 17 “… the host is configured to … generate an operation value for at least one operation corresponding to one condition path by performing a polynomial approximation operation” in claim 18 “… the host is configured to generate the input ciphertext by performing a multiplication operation on the ciphertext” in claim 19 “… the host is configured to generate a plurality of second operation values” in claim 20 Because these claim limitation(s) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. See para. [0132] for hardware support for “a host” See para. [0008, 0083] for functional support for “a host configured to generate an input ciphertext” See para. [0008, 0048, 0049] for functional support for “a host … configured to perform … a plurality of operations” See para. [0008, 0035, 0036] for functional support for “the host is configured to … generate an operation value for at least one operation corresponding to one condition path by performing a polynomial approximation operation” See para. [0008, 0083] for functional support for “… the host is configured to generate the input ciphertext by performing a multiplication operation on the ciphertext” See para. [0008, 0035, 0036] for functional support for “… the host is configured to generate a plurality of second operation values” If applicant does not intend to have these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. Claims 2, 3, 10, and 11 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 2 and 10 recite the limitation " first conditional operation is selected among the plurality of conditional operations based on a number of the first conditional operation allocated to the homomorphic encryption device." It is not clear what is meant by “based on a number of the first conditional operation allocated”. Is it a rank of the first conditional operation or a number of times the first conditional operation is allocated? The specification of the current application states in para. 0072 “the homomorphic encryption operation device 200 may perform a first non-trivial operation as it is based on the number of times of non-trivial operations allocated to the homomorphic encryption device.” For the purpose of examination Examiner is interpreting this limitation as “first conditional operation is selected among the plurality of conditional operations based on a number of times the first conditional operation is allocated to the homomorphic encryption device.” Appropriate correction is required. Claims 3 and 11 depend on claims 2 and 10. Therefore, they also inherit the rejection. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1, 9, and 16 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 9, 10, and 17 of U.S. Patent No. US 11818243 B2. Although the claims at issue are not identical, they are not patentably distinct from each other because the corresponding claims further recite similar/same limitations of the same subject matter. Current application 18/908,201 U.S. Patent No. US 11818243 B2 1. A homomorphic encryption device, comprising: an encryption circuit configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm, and provide, to a homomorphic encryption operation device, the ciphertext based on which an input ciphertext is generated and, for a first conditional operation, a plurality of operations corresponding to a plurality of condition paths are performed on the input ciphertext, each of the plurality of condition paths including at least one operation condition; a decryption circuit configured to receive, from the homomorphic encryption operation device, a plurality of first operation values generated from the plurality of operations, and decrypt the plurality of first operation values; and a post processor configured to receive, from the homomorphic encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information. 1. An encryption device, comprising: a parameter generating circuit configured to generate an encryption parameter including a number of initial valid bits based on an operation scenario; an encryption circuit configured to generate a cipher text by encrypting a plain text received from the outside, based on the encryption parameter; an operation circuit configured to generate a final cipher text by performing a plurality of operations on the cipher text according to the operation scenario and to tag, to the final cipher text, history information of the operations performed on the final cipher text; and a decryption circuit configured to generate a decrypted plain text by decrypting the final cipher text and to output a number of reliable bits of the decrypted plain text based on the history information. 9. The encryption device of claim 7, wherein the operation circuit is further configured to tag, to the cipher text, history information of operations performed on the cipher text while the plurality of operations included in the operation scenario are performed on the cipher text. 10. An operating method of an encryption device, the method comprising: generating an encryption parameter including a number of initial valid bits based on an operation scenario of a homomorphic operation 16. A solid state drive (SSD) system comprising: an SSD configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm; and a host configured to generate an input ciphertext based on the ciphertext and configured to perform, for a first conditional operation, performing a plurality of operations corresponding to a plurality of operation conditions on the input ciphertext, to generate a plurality of first operation values for the input ciphertext, wherein the SSD is further configured to decrypt the plurality of first operation values and select one of the plurality of decrypted first operation values based on information on the input ciphertext and the plurality of operation conditions. 17. A storage controller, comprising: a parameter generating circuit configured to generate an encryption parameter including a number of initial valid bits based on an operation scenario of a homomorphic operation and output the encryption parameter to a host; and an operation circuit configured to receive, from the host, a cipher text encrypted according to the encryption parameter, generate a final cipher text by performing at least one homomorphic operation on the cipher text according to the operation scenario, and output the final cipher text to the host, wherein the initial valid bits are valid bits included in the cipher text before the at least one homomorphic operation is or are performed, and wherein the operation scenario includes the at least one homomorphic operation to be performed on the cipher text. Claim 9 recites of similar features of claim 1. Therefore, claim 9 is also rejected in a similar manner. Claims 1, 9, and 16 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 12 of U.S. Application No. 17/872,180. Although the claims at issue are not identical, they are not patentably distinct from each other because the corresponding claims further recite similar/same limitations of the same subject matter. A Notice of Allowance has been issued for this application. However, a patent number has not been issued. Current application 18/908,201 U.S. Application No. 17/872,180 1. A homomorphic encryption device, comprising: an encryption circuit configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm, and provide, to a homomorphic encryption operation device, the ciphertext based on which an input ciphertext is generated and, for a first conditional operation, a plurality of operations corresponding to a plurality of condition paths are performed on the input ciphertext, each of the plurality of condition paths including at least one operation condition; a decryption circuit configured to receive, from the homomorphic encryption operation device, a plurality of first operation values generated from the plurality of operations, and decrypt the plurality of first operation values; and a post processor configured to receive, from the homomorphic encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information. 12. A storage system operating method for a storage system including a host and a storage device, the storage system operating method comprising: encrypting a first plaintext in the storage device to generate a first homomorphic ciphertext with a first level among a plurality of levels, wherein a level of the first homomorphic ciphertext is directly proportional to a maximum number of operations that can be performed on the first homomorphic ciphertext while preserving decryptability, and wherein a level of the first homomorphic ciphertext is directly proportional to a length of the first homomorphic ciphertext; communicating the first homomorphic ciphertext from the storage device to the host; performing, in the host, a bootstrapping operation using the first homomorphic ciphertext to generate a second homomorphic ciphertext with a second level greater than the first level; generating in the host a third homomorphic ciphertext with the first level by performing an operation between the second homomorphic ciphertext and another homomorphic ciphertext; communicating the third homomorphic ciphertext from the host to the storage device; and generating in the storage device a second plaintext by decrypting the third homomorphic ciphertext, wherein the length of the first homomorphic ciphertext and the third homomorphic ciphertext is a smallest length such that each of the first homomorphic ciphertext and the third homomorphic ciphertext is decryptable. Claims 9 and 16 recite of similar features of claim 1. Therefore, claims 9 and 16 are also rejected in a similar manner. Claims 1, 9, and 16 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims1 of U.S. Patent No. US 11575502 B2. Although the claims at issue are not identical, they are not patentably distinct from each other because the corresponding claims further recite similar/same limitations of the same subject matter. Current application 18/908,201 U.S. Patent No. US 11575502 B2 1. A homomorphic encryption device, comprising: an encryption circuit configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm, and provide, to a homomorphic encryption operation device, the ciphertext based on which an input ciphertext is generated and, for a first conditional operation, a plurality of operations corresponding to a plurality of condition paths are performed on the input ciphertext, each of the plurality of condition paths including at least one operation condition; a decryption circuit configured to receive, from the homomorphic encryption operation device, a plurality of first operation values generated from the plurality of operations, and decrypt the plurality of first operation values; and a post processor configured to receive, from the homomorphic encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information. 1. A homomorphic encryption processing device comprising: processing circuitry configured to generate ciphertext operation level information based on field information, the field information representing a technology field to which homomorphic encryption processing is applied, the ciphertext operation level information representing a maximum number of multiplication operations between homomorphic ciphertexts without a bootstrapping process; select and output a homomorphic encryption parameter based on the ciphertext operation level information; and perform one of a homomorphic encryption, a homomorphic decryption and a homomorphic operation, based on the homomorphic encryption parameter, wherein the field information corresponds to one of a plurality of technology fields, and the plurality of technology fields are classified according to a size of an amount of computational quantity of the homomorphic operation. Claims 9 and 16 recite of similar features of claim 1. Therefore, claims 9 and 16 are also rejected in a similar manner. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because they directed to an abstract idea. Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites a judicial exception (an abstract idea) that is not integrated into a practical application. Step 1: Statutory Category Claim 1 satisfies the statutory category requirement because it is directed to a homomorphic encryption device comprising circuits and a post processor claim under 35 U.S.C. 101(a). Step 2A, Prong 1 – Judicial Exception (Abstract Area) The claim recites a homomorphic encryption device, comprising: an encryption circuit configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm, and provide, to a homomorphic encryption operation device, the ciphertext based on which an input ciphertext is generated and, for a first conditional operation, a plurality of operations corresponding to a plurality of condition paths are performed on the input ciphertext, each of the plurality of condition paths including at least one operation condition; a decryption circuit configured to receive, from the homomorphic encryption operation device, a plurality of first operation values generated from the plurality of operations, and decrypt the plurality of first operation values; and a post processor configured to receive, from the homomorphic encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information. The limitation of an encryption circuit configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm, and provide, to a homomorphic encryption operation device, the ciphertext based on which an input ciphertext is generated and, for a first conditional operation, a plurality of operations corresponding to a plurality of condition paths are performed on the input ciphertext, each of the plurality of condition paths including at least one operation condition, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can be performed in the mind. A user can manually encrypt original data into a ciphertext by using a homomorphic encryption algorithm, generate input ciphertext a perform a plurality of operations corresponding to a plurality of condition paths on the input ciphertext. The limitation of a decryption circuit configured to receive, from the homomorphic encryption operation device, a plurality of first operation values generated from the plurality of operations, and decrypt the plurality of first operation values, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can be performed in the mind. A user can manually receive plurality of first operation values and decrypt the plurality of first operation values. The limitation of a post processor configured to receive, from the homomorphic encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can be performed in the mind. A user can manually receive information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information. Step 2A, Prong 2 – Integration into a practical Application This judicial exception is not integrated into a practical application. The claim recites of an encryption circuit encrypting original data into a ciphertext and sending to a homomorphic encryption operation device to perform operations, receiving at a decryption circuit operation values to decrypt, and a post processor selecting one of the plurality of decrypted first operation values based on the received information. The claim only recites of encrypting, performing operation on the encrypted data, decrypting, and selecting decrypted data. Merely selecting one of the plurality of decrypted first operation values based on the received information does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. Step 2B- “Significantly More” (Inventive concept) The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. In particular, the claim only recites additional elements of “circuit” and “processor” recited at a high-level of generality (i.e., as a generic processor and circuit) such that it amounts no more than mere instructions to apply the exception using a generic processor and circuit. Mere instructions to apply an exception using a generic processor and circuit cannot provide an inventive concept. The claim is not patent eligible. Claim 2 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein a plurality of conditional operations are performed on the input ciphertext in the homomorphic encryption operation device, and the first conditional operation is selected among the plurality of conditional operations based on a number of the first conditional operation allocated to the homomorphic encryption device. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually perform a plurality of conditional operations and select the first conditional operation among the plurality of conditional operations based on a number of the first conditional operation allocated to the homomorphic encryption device. Claim 3 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the decryption circuit is further configured to receive, for each of remaining conditional operations of the plurality of conditional operations other than the first conditional operation, an operation value for at least one operation corresponding to one condition path from the homomorphic encryption operation device. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually receive, for each of remaining conditional operations of the plurality of conditional operations other than the first conditional operation, an operation value for at least one operation corresponding to one condition path from the homomorphic encryption operation device. Claim 4 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the post processor is further configured to receive information about the input ciphertext generated based on a multiplication operation on the ciphertext, from the homomorphic encryption operation device. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually receive information about the input ciphertext generated based on a multiplication operation on the ciphertext, from the homomorphic encryption operation device. Claim 5 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the decryption circuit is further configured to receive, from the homomorphic encryption operation device, a plurality of second operation values generated from performing at least one homomorphic operation based on the plurality of first operation values, and decrypt the plurality of second operation values, and wherein the post processor is further configured to select one of the plurality of decrypted second operation values based on the input ciphertext and the information about the plurality of operation conditions. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually receive, from the homomorphic encryption operation device, a plurality of second operation values generated from performing at least one homomorphic operation based on the plurality of first operation values, and decrypt the plurality of second operation values and select one of the plurality of decrypted second operation values based on the input ciphertext and the information about the plurality of operation conditions. Claim 6 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the first conditional operation comprises one of a Max operation, a Min operation, a pooling operation, a decision tree operation, a rectified linear unit (ReLU) operation, a leaky ReLU operation, and an activation operation. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually determine the first conditional operation comprises one of a Max operation, a Min operation, a pooling operation, a decision tree operation, a rectified linear unit (ReLU) operation, a leaky ReLU operation, and an activation operation. Claim 7 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the post processor is further configured to select a first operation value corresponding to one condition path determined based on the input ciphertext and the plurality of operation conditions from among the plurality of decrypted first operation values. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually select a first operation value corresponding to one condition path determined based on the input ciphertext and the plurality of operation conditions from among the plurality of decrypted first operation values. Claim 8 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the plurality of operations comprise an operation that generates the plurality of first operation values by bypassing the first conditional operation on the input ciphertext. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually generate the plurality of first operation values by bypassing the first conditional operation on the input ciphertext. Claim 9 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites a judicial exception (an abstract idea) that is not integrated into a practical application. Step 1: Statutory Category Claim 9 satisfies the statutory category requirement because it is directed to a method under 35 U.S.C. 101(a). Step 2A, Prong 1 – Judicial Exception (Abstract Area) The same Step 2A, Prong 1 analysis as seen in the rejection of claim 1 applies. Step 2A, Prong 2 – Integration into a practical Application The same Step 2A, Prong 2 analysis as seen in the rejection of claim 1 applies. Step 2B- “Significantly More” (Inventive concept) The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. In particular, the claim only recites one additional element of “device” recited at a high-level of generality (i.e., as a generic processor implementing the instructions) such that it amounts no more than mere instructions to apply the exception using a generic device. Mere instructions to apply an exception using a generic device cannot provide an inventive concept. The claim is not patent eligible. Claims 10-15 are parallel to claims 2-5, 7, and 8. Therefore, the same rejection applies. Claim 16 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites a judicial exception (an abstract idea) that is not integrated into a practical application. Step 1: Statutory Category Claim 16 satisfies the statutory category requirement because it is directed to a solid state drive (SSD) system under 35 U.S.C. 101(a). Step 2A, Prong 1 – Judicial Exception (Abstract Area) The same Step 2A, Prong 1 analysis as seen in the rejection of claim 1 applies. Step 2A, Prong 2 – Integration into a practical Application The same Step 2A, Prong 2 analysis as seen in the rejection of claim 1 applies. Step 2B- “Significantly More” (Inventive concept) The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. In particular, the claim only recites one additional element of “solid state drive (SSD)” recited at a high-level of generality (i.e., as a non-transitory memory device) such that it amounts no more than mere instructions to apply the exception using a generic non-transitory memory device. Mere instructions to apply an exception using a generic SSD cannot provide an inventive concept. The claim is not patent eligible. Claims 17, 18, and 20 recite features similar to that of claims 2, 3, and 5. Therefore, claims 17, 18, and 20 are rejected in a similar manner as in the rejection of claims 2, 3, and 5. Claim 19 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. This claim recites of wherein the host is configured to generate the input ciphertext by performing a multiplication operation on the ciphertext. Therefore, the limitations of this claim, as drafted, is a process that, under its broadest reasonable interpretation, covers steps that can also be performed in the mind. A user can manually generate the input ciphertext by performing a multiplication operation on the ciphertext. The dependent claims 2-8, 10-15, and 17-20 are directed to abstract ideas and do not include additional elements that are sufficient to amount to significantly more than the judicial exception. This judicial exception is not integrated into a practical application. Therefore, the claims are not patent eligible. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-7, and 9-14 are rejected under 35 U.S.C. 103 as being unpatentable over JACKSON (US-20220085972-A1) in view of KUMAR (US-20220414023-A1), hereinafter JACKSON-KUMAR. Regarding claim 1, JACKSON teaches “A homomorphic encryption device, comprising: an encryption circuit configured to encrypt original data into a ciphertext by using a homomorphic encryption algorithm, ([JACKSON, para. 0016] “Embodiments herein further provide operations that can be performed by a fully homomorphic encryption system including a client and a server.”) ([JACKSON, para. 0032] “In some embodiments based on a CKKS related FHE scheme, key generator 111 can generate private key 119, public key 116, and an evaluation key based on sampling a secret polynomial and modulo operations. Encryption generator 113 can use an encryption algorithm to generate a ciphertext ct based on sampling an ephemeral secret polynomial.”) ([JACKSON, para. 0032] “client 101 can also include key generator 111, encryption generator 113, and decryption generator 115, which together can form a fully homomorphic encryption scheme.”) ([JACKSON, para. 0029] “In some embodiments, message 106 can be encoded into one or more unencrypted numbers, e.g., unencrypted number 102 and unencrypted number 104. An error may be introduced when message 106 is encoded into one or more unencrypted number. Encryption generator 113 can receive unencrypted number 102, unencrypted number 104, some keys, such as public key 116, and generate one or more corresponding encrypted numbers, e.g., encrypted number 112 and encrypted number 114.”) and provide, to a homomorphic encryption operation device, the ciphertext based on which an input ciphertext is generated and, for a first conditional operation, a plurality of operations corresponding to a plurality of condition paths are performed on the input ciphertext, each of the plurality of condition paths including at least one operation condition; ([JACKSON, para. 0033] “In some embodiments, server 103 can include communication interface 131, operation evaluator 133, and memory 141 storing operation set 135. Communication interface 131 can receive, from client 101, public key 116 of a FHE scheme and one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, which can be saved into memory 141. Operation evaluator 133 can perform a set of operations as indicated by operation set 135. Operation set 135 can include a square root function 137, a ReLU 134, or a multiplicative inverse function 136 on the one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, to generate an encrypted operational result 138. Operation set 135 can further include a multiplication or an addition. The encrypted operational result 138 generated by operations in operation set 135 can be an approximation of performing an algebraic operation 132 on the one or more encrypted numbers.”) ([JACKSON, para. 0034] “In some embodiments, algebraic operation 132 can include many different algebraic operations, such as a maximum operation, a minimum operation”) ([JACKSON, para. 0035] “In some embodiments, when algebraic operation 132 is ReLU to be performed on encrypted number x …”) ([JACKSON, para. 0036] “In some embodiments, when algebraic operation 132 is a multiplicative inverse function”) ([JACKSON, para. 0038] “In some embodiments, algebraic operation 132 can further include an operation selected from general linear algebra, matrix inverse, polynomial regression, multiplicative depth of HE multiplication …”) a decryption circuit configured to receive, from the homomorphic encryption operation device, a plurality of first operation values generated from the plurality of operations, and decrypt the plurality of first operation values; and ([JACKSON, para. 0021] “In some embodiments, client 101 can include … a decryption generator 115”) ([JACKSON, para. 0028] “decryption generator 115 can decrypt an encrypted number using private keys 119 associated with public key 116.”) ([JACKSON, para. 0039] “In some embodiments, server 103 can transmit to client 101, the encrypted operational result 138. In client 101, the encrypted operational result 138 can be decrypted using at least private key 119 associated with the public key 116 to generate a decrypted operational result 118.”) ([JACKSON, para. 0046] “as shown in FIG. 1, server 103 can transmit encrypted operational result 138 to client 101. Client 101 can decrypt encrypted operational result 138 using at least private key 119 associated with public key 116 to generate decrypted operational result 118.”) ([JACKSON, para. 0009] “The computation results are in an encrypted form, which when decrypted obtain an output identical to that which would have been produced had the operations been performed on the unencrypted data.”) However, JACKSON does not teach “… a post processor configured to receive, from the homomorphic encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information.” In analogous teaching KUMAR teaches “… a post processor configured to receive, from the [homomorphic] encryption operation device, information about the input ciphertext and a plurality of operation conditions included in the plurality of condition paths, and select one of the plurality of decrypted first operation values based on the received information. ([KUMAR, para. 0021] “The computing environment 100 includes a … general purpose shared register files (GPRs) 125”) ([KUMAR, para. 0029] “Reference will now be made to various entities which may be involved in encrypted data processing (EDAP) of sensitive data. Within a computer network environment … a platform provider (PP) may provide virtual machines or other cloud infrastructure (e.g., CPU 122 and CPU 300) for computations.”) ([KUMAR, para. 0033] “In embodiments, the cleartext local buffer 335 only stores cleartext data which had tags 312 indicating the corresponding data was encrypted within GPRs 310. Thereafter, the reference thread ID 360 provided by, for example, the PP, can be received such that the thread can be authorized for computation by the ALU 340 with access to the cleartext local buffer 335.”) ([KUMAR, para. 0039] “each register entry within GPRs 310 can include tags 312 (e.g., a designated bit placeholder) indicating whether the data is in cleartext or ciphertext. Thus, the IFU 305 can be configured to read each register entry to determine whether data is encrypted or not”) ([KUMAR, para. 0041] “tags 312 associated with each piece of data can further indicate the owner of the data. For example, the tags 312 can indicate an owner of the data in addition to whether the data is in cleartext or ciphertext. As such, there may be a designated bit (or multiple bits) placeholder within tags 312 indicating a data owner and a second designated bit placeholder within tags 312 indicating whether or not the data is encrypted.”) ([KUMAR, para. 0037] “a determination can be made whether ciphertext data required to be processed from the GPRs 310 is already included in the cleartext local buffer 335. If the data is already included as cleartext within the cleartext local buffer 335 (e.g., a hit occurs), then multiplexer (MUX) 370 selects data from the cleartext local buffer 335. Otherwise, the MUX 370 selects the data which was decrypted by the decryption module 325. Similarly, the MUX 370 can receive a signal from the comparator 345 to determine whether the secure thread ID 330 is verified based on a comparison to the reference thread ID 360. If the secure thread ID 330 is verified, then the MUX 370 permits processing of the data within ALU 340. Otherwise, the MUX 370 can transmit a signal preventing processing of data within the ALU 340.”) [Examiner’s note: Examiner is interpreting the tags 312 of KUMAR to teach information about the input ciphertext and a plurality of operation conditions. KUMAR teaches the tag indicates indicate an owner of the data in addition to whether the data is in cleartext or ciphertext. Examiner is interpreting the owner of the data as information about the input ciphertext and the tag indicating whether the data has been encrypted or in plaintext as information about a plurality of operation conditions.] KUMAR does not teach of specifically homomorphic encryption. Examiner is relying on JACKSON to teach this limitation as seen in the rejection above. Thus, given the teaching of KUMAR, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of selecting one of the plurality of decrypted first operation values based on the received information by KUMAR into a homomorphic encryption device by JACKSON. One of ordinary skill in the art would have been motivated to do so because KUMAR recognizes the need to improve performance of a computer system ([KUMAR, para. 0017] “decrypting and encrypting data of each instruction adds to the latency of instruction execution and can significantly slow down overall performance of the system. There is a need to maintain security within an EDAP design while improving performance of the underlying computer system.”) ([KUMAR, para. 0018] “Aspects of the present disclosure relate to a method for encrypted data processing. Ciphertext data within a register file can be accessed. A local buffer within a functional unit can be accessed to attempt to locate cleartext data corresponding to the ciphertext data within the register file.”) Regarding claim 9, this claim recites of a method that performs steps similar to the features of homomorphic encryption device of claim 1. Therefore, claim 9 is rejected in a similar manner as in the rejection of claim 1. Regarding claims 2 and 10, JACKSON-KUMAR teach all limitations of claims 1 and 9. JACKSON further teaches “wherein a plurality of conditional operations are performed on the input ciphertext in the homomorphic encryption operation device, and the first conditional operation is selected among the plurality of conditional operations based on a number of the first conditional operation allocated to the homomorphic encryption device. ([JACKSON, para. 0033] “In some embodiments, server 103 can include communication interface 131, operation evaluator 133, and memory 141 storing operation set 135. … Operation evaluator 133 can perform a set of operations as indicated by operation set 135. Operation set 135 can include a square root function 137, a ReLU 134, or a multiplicative inverse function 136 on the one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, to generate an encrypted operational result 138. Operation set 135 can further include a multiplication or an addition. The encrypted operational result 138 generated by operations in operation set 135 can be an approximation of performing an algebraic operation 132 on the one or more encrypted numbers.”) ([JACKSON, para. 0041] “In some embodiments, the approximation of algebraic operation 132 are not arbitrary operations, instead the approximation is based on operation set 135 that includes only the square root function, the ReLU, the multiplicative inverse function, the multiplication, or the addition, without any other operations.”) Regarding claims 3 and 11, JACKSON-KUMAR teach all limitations of claims 2 and 10. JACKSON further teaches “wherein the decryption circuit is further configured to receive, for each of remaining conditional operations of the plurality of conditional operations other than the first conditional operation, an operation value for at least one operation corresponding to one condition path from the homomorphic encryption operation device. ([JACKSON, para. 0028] “decryption generator 115 can decrypt an encrypted number using private keys 119 associated with public key 116.”) ([JACKSON, para. 0039] “In some embodiments, server 103 can transmit to client 101, the encrypted operational result 138. In client 101, the encrypted operational result 138 can be decrypted using at least private key 119 associated with the public key 116 to generate a decrypted operational result 118.”) ([JACKSON, para. 0046] “as shown in FIG. 1, server 103 can transmit encrypted operational result 138 to client 101. Client 101 can decrypt encrypted operational result 138 using at least private key 119 associated with public key 116 to generate decrypted operational result 118.”) ([JACKSON, para. 0009] “The computation results are in an encrypted form, which when decrypted obtain an output identical to that which would have been produced had the operations been performed on the unencrypted data.”) ([JACKSON, para. 033] “Operation evaluator 133 can perform a set of operations as indicated by operation set 135. Operation set 135 can include a square root function 137, a ReLU 134, or a multiplicative inverse function 136 on the one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, to generate an encrypted operational result 138.”) Regarding claims 4 and 12, JACKSON-KUMAR teach all limitations of claims 1 and 9. JACKSON further teaches “wherein the post processor is further configured to receive information about the input ciphertext generated based on a multiplication operation on the ciphertext, from the homomorphic encryption operation device. ([JACKSON, para. 0033] “Operation set 135 can further include a multiplication or an addition. The encrypted operational result 138 generated by operations in operation set 135 can be an approximation of performing an algebraic operation 132 on the one or more encrypted numbers.”) ([JACKSON, para. 0016] “The server can further transmit to the client the encrypted operational result. At the client, the encrypted operational result can be decrypted using at least a private key associated with the public key of the FHE scheme to generate a decrypted operational result. The decrypted operational result generated by the client is equivalent to a direct operational result obtained by performing the algebraic operation on one or more corresponding unencrypted numbers, where the one or more encrypted numbers are generated by encrypting the one or more corresponding unencrypted numbers using the public key.”) Regarding claims 5 and 13, JACKSON-KUMAR teach all limitations of claims 1 and 9. JACKSON further teaches “wherein the decryption circuit is further configured to receive, from the homomorphic encryption operation device, a plurality of second operation values generated from performing at least one homomorphic operation based on the plurality of first operation values, and decrypt the plurality of second operation values, and ([JACKSON, para. 0033] “In some embodiments, server 103 can include communication interface 131, operation evaluator 133, and memory 141 storing operation set 135. Communication interface 131 can receive, from client 101, public key 116 of a FHE scheme and one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, which can be saved into memory 141. Operation evaluator 133 can perform a set of operations as indicated by operation set 135. Operation set 135 can include a square root function 137, a ReLU 134, or a multiplicative inverse function 136 on the one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, to generate an encrypted operational result 138. Operation set 135 can further include a multiplication or an addition. The encrypted operational result 138 generated by operations in operation set 135 can be an approximation of performing an algebraic operation 132 on the one or more encrypted numbers.”) ([JACKSON, para. 0034] “In some embodiments, algebraic operation 132 can include many different algebraic operations, such as a maximum operation, a minimum operation”) ([JACKSON, para. 0039] “server 103 can transmit to client 101, the encrypted operational result 138. In client 101, the encrypted operational result 138 can be decrypted using at least private key 119 associated with the public key 116 to generate a decrypted operational result 118.”) KUMAR further teaches “… wherein the post processor is further configured to select one of the plurality of decrypted second operation values based on the input ciphertext and the information about the plurality of operation conditions. ([KUMAR, para. 0041] “tags 312 associated with each piece of data can further indicate the owner of the data. For example, the tags 312 can indicate an owner of the data in addition to whether the data is in cleartext or ciphertext. As such, there may be a designated bit (or multiple bits) placeholder within tags 312 indicating a data owner and a second designated bit placeholder within tags 312 indicating whether or not the data is encrypted.”) ([KUMAR, para. 0037] “ a determination can be made whether ciphertext data required to be processed from the GPRs 310 is already included in the cleartext local buffer 335. If the data is already included as cleartext within the cleartext local buffer 335 (e.g., a hit occurs), then multiplexer (MUX) 370 selects data from the cleartext local buffer 335. Otherwise, the MUX 370 selects the data which was decrypted by the decryption module 325. Similarly, the MUX 370 can receive a signal from the comparator 345 to determine whether the secure thread ID 330 is verified based on a comparison to the reference thread ID 360. If the secure thread ID 330 is verified, then the MUX 370 permits processing of the data within ALU 340. Otherwise, the MUX 370 can transmit a signal preventing processing of data within the ALU 340.”) The same motivation to modify JACKSON with KUMAR as in the rejection of claim 1 applies. Regarding claim 6, JACKSON-KUMAR teach all limitations of claim 1. JACKSON further teaches “wherein the first conditional operation comprises one of a Max operation, a Min operation, a pooling operation, a decision tree operation, a rectified linear unit (ReLU) operation, a leaky ReLU operation, and an activation operation. ([JACKSON, Abstract] “. A server can receive from a client, a public key of a fully homomorphic encryption scheme and one or more encrypted numbers, and perform a set of operations comprising a square root function, a rectified linear activation function (ReLU), or a multiplicative inverse function on the one or more encrypted numbers to generate an encrypted operational result.”) Regarding claims 7 and 14, JACKSON-KUMAR teach all limitations of claims 1 and 9. JACKSON further teaches “wherein the post processor is further configured to select a first operation value corresponding to one condition path determined based on the input ciphertext and the plurality of operation conditions from among the plurality of decrypted first operation values. ([JACKSON, para. 0045] “operation evaluator 133 of server 103 can perform operations included in operation set 135 that may include a square root function, a ReLU, a multiplicative inverse function, a multiplication, or an addition to generate encrypted operational result 138.”) ([JACKSON, para. 0039] “the encrypted operational result 138 can be decrypted using at least private key 119 associated with the public key 116 to generate a decrypted operational result 118.”) ([JACKSON, para. 0040] “Additionally and alternatively, direct operational result 125 can have an error 123 compared to decrypted operational result 118. Error 123 can be the difference between decrypted operational result 118 and direct operational result 125. Error 123 can be obtained by error estimator 121, which can detect the difference between decrypted operational result 118 and direct operational result 125. In some embodiments, error 123 between decrypted operational result 118 and the direct operational result 125 for performing the algebraic operations on an unencrypted number x”) Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over JACKSON-KUMAR in view of KHEDR (US-20190268135-A1). Regarding claims 8 and 15, JACKSON-KUMAR teach all limitations of claims 1 and 9. However, JACKSON-KUMAR does not teach “wherein the plurality of operations comprise an operation that generates the plurality of first operation values by bypassing the first conditional operation on the input ciphertext.” In analogous teaching KHEDR teaches “wherein the plurality of operations comprise an operation that generates the plurality of first operation values by bypassing the first conditional operation on the input ciphertext.” ([KHEDR, para. 0021] “a homomorphic encryption system is disclosed. The homomorphic encryption system includes an integrated circuit (IC) homomorphic processor chip, and main memory external to the IC homomorphic processor chip.”) ([KHEDAR, para. 0035] “The method includes transforming ciphertext (Ctxt) symbols into a number theoretic transform (NTT) domain. The transforming includes, for a given processor slice, generating a mode control signal with local control circuitry. The mode control signal corresponds to one of multiple modes of operations involving homomorphic encryption.”) ([KHEDR, para. 0028] “The NTT butterfly circuit includes a high input word path including a first adder/subtractor, a first multiplier, and first selection circuitry. The first selection circuitry is coupled to the first adder/subtractor and the first multiplier and includes respective bypass paths to selectively bypass the first adder/subtractor and the first multiplier. The NTT butterfly circuit includes a low input word path including a second adder/subtractor, a second multiplier, and second selection circuitry. The second selection circuitry is coupled to the second adder/subtractor and the second multiplier and includes respective bypass paths to selectively bypass the second adder/subtractor and the second multiplier.”) Thus, given the teaching of KHEDR, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of bypassing the first conditional operation by KHEDR into a homomorphic encryption device by JACKSON-KUMAR. One of ordinary skill in the art would have been motivated to do so because KHEDR recognizes the need to improve performance by minimizing latency ([KHEDR, para. 0109] “the FHE system 200 of FIG. 2 carries out computations including Ctxt addition, Ctxt subtraction, Ctxt multiplication and NTT/INTT processing. For some embodiments, plaintext computations may also be carried out. The manner in which certain operations are scheduled and handled, more fully described below, significantly improves performance by minimizing latency while contributing to a greatly reduced IC chip footprint.”) Claims 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over JACKSON (US-20220085972-A1) in view of KUMAR (US-20220414023-A1), and further in view of HUANG (US-20250165407-A1), hereinafter JACKSON-KUMAR-HUANG. Regarding claim 16, this claim recites of some features similar to that of independent claim 1. Therefore, the features similar to claim 1 are rejected in a similar manner as seen in the rejection of claim 1. However, JACKSON-KUMAR does not teach “solid state drive (SSD) … an SSD configured to encrypt … the SSD is further configured to decrypt”. In analogous teaching HUANG teaches “solid state drive (SSD) … an SSD configured to encrypt … the SSD is further configured to decrypt” ([HUANG, para. 0003] “The present disclosure describes methods, devices, systems and techniques for managing data security in storage devices, e.g., solid-state drives (SSDs).”) ([HUANG, para. 0043] “Implementations of the present disclosure provide techniques for managing data security in storage devices such as solid-state drives (SSDs). Different from storage devices with one level or type of cryptography for all data, the techniques enable to perform different levels of cryptography on different security levels of data, e.g., by labelling data with corresponding security levels. The security levels of data can include non-confidential level, confidential level, highly confidential level, and top secret level. The levels of cryptography can include different types of cryptographic algorithms … fully homomorphic encryption (FHE)”) ([HUANG, para. 0044] “the storage device includes at least two types of encryption engines configured to encrypt data using different types of cryptographic algorithms,”) ([HUANG, para. 0044] “the storage device can store the encrypted data directly, without decryption. In some other cases, the storage device can decrypt the encrypted data to get the original data”) Thus, given the teaching of HUANG, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of a solid state drive (SSD) by HUANG into a homomorphic encryption device by JACKSON-KUMAR. One of ordinary skill in the art would have been motivated to do so because HUANG recognizes the need to secure data ([HUANG, para. 0002] “Protecting data in storage devices from unintentional overwrites, malicious attacks and cloning is essential. To meet security requirements, the data stored in the storage devices can be encrypted.”) ([HUANG, para. 0039] “a self-encrypting drive (SED) can be a hard disk drive (HDD) or solid-state drive (SSD) designed to automatically encrypt and decrypt drive data without the need for user input or disk encryption software.”) ([HUANG, para. 0041] “In some implementations, homomorphic encryption (HE) is used to secure data in use.”) Regarding claim 17, JACKSON-KUMAR-HUANG teach all limitations of claim 16. This claim recites of features similar to that of claim 2. Therefore, the same rejection as seen in claim 2 applies. HUANG further teaches of a SSD as seen in the rejection of claim 16, the same rejection and motivation applies. Regarding claim 18, JACKSON-KUMAR-HUANG teach all limitations of claim 17. This claim recites of features similar to that of claim 3. Therefore, the same rejection as seen in claim 3 applies. Furthermore, JACKSON teaches of “… performing a polynomial approximation operation.” ([JACKSON, para. 0014] “In some embodiments, operations to approximate arithmetic or algebraic operations for homomorphic encryption schemes can improve efficiency and accuracy. A set of operations can be performed on one or more encrypted numbers to generate an encrypted operational result, which can be an approximation of performing an algebraic operation on the one or more encrypted number.”) Regarding claim 19, JACKSON-KUMAR-HUANG teach all limitations of claim 16. JACKSON further teaches “wherein the host is configured to generate the input ciphertext by performing a multiplication operation on the ciphertext.” ([JACKSON, para. 0029] “Communication interface 117 can transmit one or more encrypted numbers, e.g., encrypted number 112 and encrypted number 114, to server 103. Communication interface 117 can also transmit public key 116 to server 103. “) ([JACKSON, para. 0033] “Operation evaluator 133 can perform a set of operations as indicated by operation set 135. … Operation set 135 can further include a multiplication or an addition. The encrypted operational result 138 generated by operations in operation set 135 can be an approximation of performing an algebraic operation 132 on the one or more encrypted numbers.”) ([JACKSON, para. 0016] “The server can further transmit to the client the encrypted operational result.”) Regarding claim 20, JACKSON-KUMAR-HUANG teach all limitations of claim 16. This claim recites of features similar to that of claim 5. Therefore, the same rejection as seen in claim 5 applies. HUANG further teaches of a SSD as seen in the rejection of claim 16, the same rejection and motivation applies. Pertinent Art The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. SHIM (US-20190363872-A1): This prior art teaches of a computer-implemented method for processing dynamic data by dynamic data processing device. The device comprises a homomorphic encryption module and a plurality of computing modules running in parallel. The method comprises carrying out, by the homomorphic encryption module, fully homomorphic encryption to dynamic data received from an object which generates the dynamic data; updating, by the computing module which is not in bootstrapping, the encrypted state variable; and carrying out, by the computing module which completes bootstrapping, the first update to the encrypted state variable. The first update to the encrypted state variable after completion of bootstrapping is carried out. FUKUDA (US-11849019-B2): This prior art teaches of an encryption system comprises a key generation apparatus that generates an encryption key relating to the authority to generate a ciphertext from a plaintext, a homomorphic operation key relating to the authority to execute a homomorphic operation on a ciphertext that remains encrypted and whose authority is weaker than that of the encryption key, and a decryption key relating to the authority to decrypt ciphertext; an encryption apparatus that generates a ciphertext from a plaintext using the encryption key; a homomorphic operation apparatus that executes a homomorphic operation on the ciphertext using the homomorphic operation key; and a decryption apparatus that decrypts ciphertext using the decryption key. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to AFAQ ALI whose telephone number is (571)272-1571. The examiner can normally be reached Mon - Fri 7:30am - 5:30pm EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ALI SHAYANFAR can be reached at (571) 270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /A.A./ 05/14/2026 /AFAQ ALI/Examiner, Art Unit 2434 /NOURA ZOUBAIR/Primary Examiner, Art Unit 2434
Read full office action

Prosecution Timeline

Oct 07, 2024
Application Filed
May 19, 2026
Non-Final Rejection mailed — §101, §103, §112
Jun 29, 2026
Interview Requested
Jul 08, 2026
Applicant Interview (Telephonic)
Jul 08, 2026
Examiner Interview Summary

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12665926
System And Methods Of Defense Against DDoS Attacks For Applications On A Multi-Substrate Multi-Ingress Shared Infrastructure With Multiple Cloud Architectures
1y 9m to grant Granted Jun 23, 2026
Patent 12639404
Authorization of Access Rights Licenses
2y 2m to grant Granted May 26, 2026
Patent 12627679
CYBER SECURITY SYSTEM APPLYING NETWORK SEQUENCE PREDICTION USING TRANSFORMERS
2y 3m to grant Granted May 12, 2026
Patent 12585791
ENCRYPTED COMMUNICATION METHOD AND ELECTRONIC DEVICE
3y 7m to grant Granted Mar 24, 2026
Patent 12572656
CONTROL FLOW INTEGRITY MONITORING BASED INSIGHTS
3y 2m to grant Granted Mar 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
90%
Grant Probability
99%
With Interview (+13.3%)
2y 5m (~8m remaining)
Median Time to Grant
Low
PTA Risk
Based on 137 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month