DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Status of Claims
Claims 1-20 are pending.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/15/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,130,704. Although the claims at issue are not identical, they are not patentably distinct from each other because each and every limitation of the instant claims is broader than, and therefore anticipated by, the corresponding claims of the patent. The only apparent difference between both sets of claims is as follows:
| Instant application, claim 1 | Patent, claim 1 |
| --- | --- |
| generating a first encryption key corresponding to the first encoded data slice associated with the first vault… | generating a first encryption key corresponding to the first encoded data slice based on a first vault identifier associated with the first vault… |
The corresponding subject matter can also be found in independent claims 8 and 15 of both the instant application and the patent.
Claims 1-20 are further rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,157,366. Although the claims at issue are not identical, they are not patentably distinct from each other because of the following correspondence:
| Instant application, claim 1 | Patent, claim 1 |
| --- | --- |
| A method for execution by a processing system of a storage network that includes a processor, the method comprising: receiving a first encoded data slice for storage by the storage network, wherein the first encoded data slice is associated with a first vault; | A method for execution by a dispersed storage and task (DST) execution unit that includes a processor, the method comprising: receiving a first encoded data slice for storage by the DST execution unit, wherein a slice identifier associated with the first encoded data slice indicates a first vault; |
| generating a first encryption key corresponding to the first encoded data slice associated with the first vault; | generating a first encryption key corresponding to the first encoded data slice by performing a deterministic function on a first vault identifier associated with the first vault and a memory identifier associated with one of a plurality of memory devices of the DST execution unit; |
| utilizing the first encryption key to generate a first encrypted data slice and that corresponds to, and is based on, the first encoded data slice; | generating a first encrypted data slice using the first encryption key; |
| storing the first encrypted data slice in a first storage unit of the storage network; receiving a request to retrieve the first encoded data slice; | storing the first encrypted data slice in a file of the one of the plurality of memory devices of the DST execution unit; receiving a request to retrieve the first encoded data slice; |
| retrieving the first encrypted data slice corresponding to the first encoded data slice from the first storage unit of the storage network; | retrieving the first encrypted data slice corresponding to the first encoded data slice from the one of the plurality of memory devices; |
| generating a first decryption key corresponding to the first encoded data slice, wherein the first decryption key is different from the first encryption key; | generating a first decryption key corresponding to the first encoded data slice by performing a second deterministic function on the first vault identifier and the memory identifier, wherein the first decryption key is different from the first encryption key; and |
| regenerating the first encoded data slice using the first decryption key. | regenerating the first encoded data slice using the first decryption key. |
As can be seen above, while the limitations are not identical, the limitations of the instant claim are broader than those of the patent. Claim 1 of the patent therefore anticipates claim 1 of the instant application. Further, claims 1-3, 5, 7-10, 12, 14-17, 19 of the instant application correspond to claims 1-3, 5, 7-10, 12, 14-18, 20, respectively, of the patent.
Claims 1-20 are further rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,467,096. Although the claims at issue are not identical, they are not patentably distinct from each other because of the following correspondence:
| Instant application, claim 1 | Patent, claim 1 |
| --- | --- |
| A method for execution by a processing system of a storage network that includes a processor, the method comprising: receiving a first encoded data slice for storage by the storage network, wherein the first encoded data slice is associated with a first vault; | A method for execution by a dispersed storage and task (DST) execution unit that includes a processor, the method comprises: receiving a first encoded data slice for storage by the DST execution unit, wherein a slice identifier associated with the first encoded data slice indicates a first vault; |
| generating a first encryption key corresponding to the first encoded data slice associated with the first vault; | generating a first encryption key corresponding to the first encoded data slice by performing a deterministic function on a first vault identifier associated with the first vault and a memory identifier associated with one of a plurality of memory devices of the DST execution unit; |
| utilizing the first encryption key to generate a first encrypted data slice and that corresponds to, and is based on, the first encoded data slice; | generating a first encrypted data slice by utilizing the first encryption key;… |
| storing the first encrypted data slice in a first storage unit of the storage network; receiving a request to retrieve the first encoded data slice; | …storing the first encrypted data slice and the second encrypted data slice in a file of the one of the plurality of memory devices of the DST execution unit, wherein the file and the one of the plurality of memory devices are common to the first encrypted data slice and the second encrypted data slice; receiving a request to retrieve the first encoded data slice; |
| retrieving the first encrypted data slice corresponding to the first encoded data slice from the first storage unit of the storage network; | retrieving the first encrypted data slice corresponding to the first encoded data slice from the one of the plurality of memory devices; |
| generating a first decryption key corresponding to the first encoded data slice, wherein the first decryption key is different from the first encryption key; | generating a first decryption key corresponding to the first encoded data slice by performing a second deterministic function on the first vault identifier and the memory identifier, wherein the first decryption key is different from the first encryption key; and |
| regenerating the first encoded data slice using the first decryption key. | regenerating the first encoded data slice by utilizing the first decryption key. |
As can be seen above, while the limitations are not identical, the limitations of the instant claim are broader than those of the patent. Claim 1 of the patent therefore anticipates claim 1 of the instant application. Further, claims 1, 3, 7-8, 10, 14-15, 17 of the instant application correspond to claims 1-2, 6-8, 12-14, respectively, of the patent.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-3, 8-10, 15-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bashyam et al (PGPUB 2016/0352511), and further in view of Yanovsky et al (PGPUB 2017/0048021) and Howe (PGPUB 2016/0028696).
Regarding Claims 1, 8, and 15:
Bashyam teaches a method for execution by a processing system of a storage network that includes a processor, a non-transitory computer readable storage medium comprising at least one memory that stores operational instructions that, when executed by a processing system of a storage network having a processor, causes the processing system to perform operations ([0050] these interfaces may include ports appropriate for communication with the appropriate media; in some cases, they may also include an independent processor and, in some instances, volatile RAM; [0051] system 200 uses memory 203 to store data and program instructions for operations), and a processing system of a storage network comprising:
an interface ([0049]-[0050] interface); and
processing circuitry, coupled to the interface, configured by operational instructions to perform operations that include ([0050] these interfaces may include ports appropriate for communication with the appropriate media; in some cases, they may also include an independent processor and, in some instances, volatile RAM; [0051] system 200 uses memory 203 to store data and program instructions for operations):
receiving a first data slice for storage by the storage network ([0053], data stream parsed into chunks at a first client machine and transmitted to remote server or networked storage device; [0051] system uses memory to store data and program instructions, i.e. vault; [0035] first and second client devices; networked storage system configured to process file-related requests from each device; [0040] first and second client devices use communication protocol interfaces to communicate with networked storage system and support operations such as creating a file or writing to a file), wherein the first data slice is associated with a first vault ([0053], data stream parsed into chunks at a first client machine and transmitted to remote server or networked storage device; [0051] system uses memory to store data and program instructions, i.e. vault);
generating a first encryption key corresponding to the first data slice associated with the first vault ([0033], [0055]-[0061], key derived from data chunk; [0114] key generated at remote server);
utilizing the first encryption key to generate a first encrypted data slice and that corresponds to, and is based on, the first data slice ([0053], [0066], [0111]-[0114] data chunk encrypted with data chunk encryption key);
storing the first encrypted data slice in a first storage unit of the storage network ([0113]-[0114], Fig. 7, encrypted data chunks stored at networked storage system; [0039], [0049] network storage device memory);
receiving a request to retrieve the first data slice ([0118] request received to provide data chunk to client device);
retrieving the first encrypted data slice corresponding to the first data slice from the first storage unit of the storage network ([0119] data chunk and identifying hash value are located on network storage device);
generating a first decryption key corresponding to the first data slice ([0124] data chunk encryption key constructed from hash value); and
regenerating the first data slice using the first decryption key ([0125] data chunk decrypted with data chunk encryption key).
Bashyam does not explicitly teach wherein the data slice is an encoded data slice.
However, Yanovsky teaches the concept wherein a data slice is an encoded data slice (abstract, method for distributed storage; [0060] client-side processor (CSP) uploads file to storage nodes network (SNN) by splitting file into slices and encrypting (i.e. encoding), and sending sliced files to front-end data processor (FEDP); [0061] FEDP divides and further encrypts the slices).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the encoded data slice teachings of Yanovsky with the dispersed storage and task system of Bashyam, in order to protect data chunks/slices from interception during transit by malicious agents by first encrypting the slice at the client, and then further protecting the file from theft or discovery using server side encryption to increase the entropy of the security environment.
Neither Bashyam nor Yanovsky explicitly teaches wherein the first decryption key is different from the first encryption key.
However, Howe teaches the concept wherein a first decryption key is different from a first encryption key (abstract, system for encrypting data and transferring or storing data securely may include a computing device including an encryptor configured to generate an encryption key from a network resource and encrypt data using the encryption key to generate encrypted data, and a decryptor configured to generate a decryption key from the network resource and decrypt the encrypted data to generate the non-encrypted data; [0068] the encryption key 48 and the decryption key 49 may be different).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the different encryption and decryption key teachings of Howe with the dispersed storage and task system of Bashyam, in order to provide the benefit of asymmetric key encryption systems, such as enabling safe and secure key distribution without the risk of an attacker or eavesdropper capturing the decryption key during transmission, as typically only the encrypting key of the key pair is passed around in the open.
Regarding Claims 2, 9, and 16:
Bashyam in view of Yanovsky and Howe teaches the method of claim 1, the processing system of claim 8, and the non-transitory computer readable storage medium of claim 15. In addition, Bashyam teaches wherein the operations further include:
receiving a second data slice for storage by the storage network, wherein the second data slice is associated with a second vault ([0035] first and second client devices; networked storage system configured to process file-related requests from each device; therefore same process applies to chunks sent from second client device; [0053] data stream parsed into chunks at client machine and transmitted to remote server or networked storage device; [0051] system uses memory to store data and program instructions, i.e. vault);
generating a second encryption key corresponding to the second data slice associated with the second vault ([0033], [0055]-[0061] key derived from data chunk; [0114] key generated at remote server);
generating a second encrypted data slice using the second encryption key ([0053], [0066], [0111]-[0114] data chunk encrypted with data chunk encryption key); and
storing the second encrypted data slice in a second storage unit of the storage network ([0113]-[0114] Fig. 7, encrypted data chunks stored at networked storage system; [0039], [0049] network storage device memory); and
Yanovsky teaches the concept wherein a data slice is an encoded data slice (abstract, method for distributed storage; [0060] client-side processor (CSP) uploads file to storage nodes network (SNN) by splitting file into slices and encrypting (i.e. encoding), and sending sliced files to front-end data processor (FEDP); [0061] FEDP divides and further encrypts the slices).
The rationale to combine Bashyam and Yanovsky is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 2.
Regarding Claims 3, 10, and 17:
Bashyam in view of Yanovsky and Howe teaches the method of claim 2, the processing system of claim 9, and the non-transitory computer readable storage medium of claim 16, wherein the operations further include:
receiving a third data slice for storage by the storage network, wherein the third data slice is associated with the first vault ([0053], data stream parsed into chunks, i.e. “first and third data slices” at a first client machine and transmitted to remote server or networked storage device; [0051] system uses memory to store data and program instructions, i.e. vault; [0035] first and second client devices; networked storage system configured to process file-related requests from each device; [0040] first and second client devices use communication protocol interfaces to communicate with networked storage system and support operations such as creating a file or writing to a file);
generating a third encrypted data slice by utilizing the first encryption key ([0055] a shared encryption key construction technique is identified; according to various embodiments, the shared encryption key construction technique may be any technique that can be derived from two sets of information; the first set of information is derived from the chunk itself; the second set of information includes secret keys, strings, or procedures arranged in advance between two network endpoints, where the same keys, strings, or procedures apply to potentially many chunks of data to be encrypted); and
storing the third encrypted data slice in the first storage unit of the storage network ([0113]-[0114], Fig. 7, encrypted data chunks stored at networked storage system; [0039], [0049] network storage device memory); and
Yanovsky teaches the concept wherein a data slice is an encoded data slice (abstract, method for distributed storage; [0060] client-side processor (CSP) uploads file to storage nodes network (SNN) by splitting file into slices and encrypting (i.e. encoding), and sending sliced files to front-end data processor (FEDP); [0061] FEDP divides and further encrypts the slices).
The rationale to combine Bashyam and Yanovsky is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 2.
Claim(s) 4-7, 11-14, 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bashyam in view of Yanovsky and Howe, and further in view of Dhuse et al (PGPUB 2012/0311345).
Regarding Claims 4, 11, and 18:
Bashyam in view of Yanovsky and Howe teaches the method of claim 2, the processing system of claim 9, and the non-transitory computer readable storage medium of claim 16.
Neither Bashyam nor Yanovsky nor Howe explicitly teaches wherein the first encryption key is generated by performing a deterministic function on a first vault identifier.
However, Dhuse teaches the concept wherein a first encryption key is generated by performing a deterministic function on a first vault identifier ([0101] encryption key generated by masking shared secret to produce masked shared secret; masking includes performing deterministic function on shared secret and one or more key elements; key elements include source name, slice revision number, requesting entity ID, and rebuilding participants list; [0067] in example of storing data, gateway module receives incoming data object that includes user ID field, object name field, and data field; gateway module authenticates user associated with data object by verifying the user ID; [0068] when user is authenticated, gateway module obtains user information from user device including vault identifier; vault ID therefore associated with first vault, i.e. user device associated with user which provides incoming data object; [0069] gateway module uses user information to assign source name to the data object; source name contains file ID, vault generation number, reserved field, and vault ID; therefore, deterministic encryption key function uses source name including vault ID associated with user device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the vault identifier encryption key teachings of Dhuse with the data slice and dispersed storage and task system of Bashyam in view of Yanovsky and Howe, in order to capitalize on known information for use in generating an encryption key, and allowing use of a key to be tied to a specific device or user, and allowing reproduction of the key in the event of loss of the key and preventing theft of the key by not requiring that the key be stored.
Regarding Claims 5, 12, and 19:
Bashyam in view of Yanovsky, Howe, and Dhuse teaches the method of claim 4, the processing system of claim 11, and the non-transitory computer readable storage medium of claim 18. In addition, Bashyam teaches wherein the first encryption key is generated by performing the deterministic function further on a slice identifier of the first data slice ([0033], [0057] encryption key derived from fingerprint used for identification of a data chunk; [0058]-[0060] key constructed using fingerprint information, agreed upon value, and algorithm, e.g. HMAC; [0035] first and second client devices; therefore same process applies to chunks sent from second client device); and
Yanovsky teaches the concept wherein a data slice is an encoded data slice (abstract, method for distributed storage; [0060] client-side processor (CSP) uploads file to storage nodes network (SNN) by splitting file into slices and encrypting (i.e. encoding), and sending sliced files to front-end data processor (FEDP); [0061] FEDP divides and further encrypts the slices).
The rationale to combine Bashyam and Yanovsky is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 4.
Regarding Claims 6, 13, and 20:
Bashyam in view of Yanovsky, Howe, and Dhuse teaches the method of claim 4, the processing system of claim 11, and the non-transitory computer readable storage medium of claim 18. In addition, Dhuse teaches wherein the encryption key is generated by performing the deterministic function on a vault identifier ([0101] encryption key generated by masking shared secret to produce masked shared secret; masking includes performing deterministic function on shared secret and one or more key elements; key elements include source name, slice revision number, requesting entity ID, and rebuilding participants list; [0067] in example of storing data, gateway module receives incoming data object that includes user ID field, object name field, and data field; gateway module authenticates user associated with data object by verifying the user ID; [0068] when user is authenticated, gateway module obtains user information from user device including vault identifier; vault ID therefore associated with first vault, i.e. user device associated with user which provides incoming data object; [0069] gateway module uses user information to assign source name to the data object; source name contains file ID, vault generation number, reserved field, and vault ID; therefore, deterministic encryption key function uses source name including vault ID associated with user device); and
Bashyam teaches wherein the encryption key is a second encryption key, and the vault is a second vault ([0035] first and second client devices (i.e. “vaults”); networked storage system configured to process file-related requests from each device; therefore same process applies to chunks sent from second client device; [0053] data stream parsed into chunks at client machine and transmitted to remote server or networked storage device; [0051] system uses memory to store data and program instructions, i.e. vault; [0033], [0055]-[0061] key derived from data chunk; [0114] key generated at remote server).
The rationale to combine Bashyam and Dhuse is the same as provided for claim 4, due to the overlapping subject matter between claims 4 and 6.
Regarding Claims 7 and 14:
Bashyam in view of Yanovsky and Howe teaches the method of claim 1, and the processing system of claim 8.
Neither Bashyam nor Yanovsky nor Howe explicitly teaches wherein the operations further include:
re-encrypting the first encoded data slice with a new encryption key in response to a transfer of the first encoded data slice from the first storage unit to another storage unit.
However, Dhuse teaches the concept of re-encrypting a first encoded data slice with a new encryption key in response to a transfer of the first encoded data slice from a first storage unit to another storage unit ([0087] system includes a plurality of sites 1-4 that includes, in totality, a set of dispersed storage (DS) units associated with a set of encoded data slices; [0090] each DS unit of DS units 1, 3, 4, 5, and 6 encrypts the slice partial corresponding to the DS unit utilizing an encryption function, wherein the encryption function utilizes an encryption algorithm and one or more keys; for example, DS unit 3 utilizes a shared secret key (K3-5) shared between DS units 3 and 5, DS unit 5 utilizes the shared secret key between DS units 3 and 5, DS unit 4 utilizes a shared secret key (K1-4) between DS units 1 and 4, DS unit 6 utilizes a shared secret key (K1-6) between DS units 1 and 6, and DS unit 1 utilizes the shared secret key between DS units 1 and 4 the shared secret key between DS units 1 and 6; [0092] next, each DS unit outputs an encrypted slice partial in accordance with a rebuilding topology of the rebuilding parameters; for example, DS unit 1 sends the encrypted slice partial associated with DS unit 1 directly to DS unit 2 and DS unit 3 sends the encrypted slice partial associated with DS unit 3 to DS unit 4 (e.g., at the same site) in accordance with the rebuilding topology).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine encrypted data distribution teachings of Dhuse with the data slice and dispersed storage and task system of Bashyam in view of Yanovsky and Howe. Dhuse raises the issue that “To reduce the risk of data loss, data on a RAID device is typically copied on to one or more other RAID devices. While this addresses the loss of data issue, it raises a security issue since multiple copies of data are available, which increases the chances of unauthorized access” (e.g. Dhuse, [0014]). Therefore, it would be obvious to incorporate the solution of Dhuse to improve the security environment by using encryption to prevent unauthorized access in a distributed data system.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh, can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/FORREST L CAREY/Examiner, Art Unit 2491
/WILLIAM R KORZUCH/Supervisory Patent Examiner, Art Unit 2491