Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
DETAILED ACTION
Claims 1-20 are presented for examination.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/14/2024 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
The drawings filed on 11/14/2024 are accepted by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following claims 1-11 and 19-20 are rejected under 35 U.S.C. 112(b), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
The examiner considers claims 1 and 19 invoking 112(f)having “an encryption unit" and “a decryption unit” performing functional limitations. However, the claim is rejected under 112(b) as being indefinite because there is no corresponding structure disclosed for the recited modules in the specification.
Dependent claims inherit the deficiencies of the above independent claims 1 and 19 and therefore are rejected under 35 U.S.C. 112(b) by virtue of their dependency.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
1. Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Nourry et al. (US Pub No. 2008/0187134, hereinafter “Nourry”) in view of Abdelhameed et al. (US Pub No. 2023/0353469, hereinafter “Abdelhameed”).
Regarding claim 1, Nourry does disclose, a vehicle network security system using a time synchronization-based counter mode, the vehicle network security system comprising: an encryption unit configured to obtain a key stream through a first counter (CTR), and obtain cipher text by performing an operation on plain text to be encrypted and the key stream (Nourry, (para. [0014-0016]), for each data block to be encrypted, steps consisting in: obtaining a counter C, by combining said time reference and said value of the initialization vector; obtaining a series of encryption bits via an encryption function taking said encryption key K and said counter C as input parameters; encrypting said data block by combining it with said series of encryption bits); and a decryption unit configured to obtain the key stream through a second counter, and obtain the plain text by performing the operation on the cipher text and the key stream (Nourry, (para. [0036-0038]), the decryption method comprises, for each data block to be decrypted, steps consisting in: obtaining a counter, by combining said time reference and said value of the initialization vector; obtaining a series of decryption bits via a decryption function taking said encryption key and said counter as input parameters, said decryption function being equivalent to the encryption function used in said encryption method; decrypting said encrypted data block by combining it with said series of decryption bits, via a combination that is the reverse of that used in said encryption method)
Nourry does not explicitly disclose but the analogous art Abdelhameed discloses, wherein the first counter and the second counter use a factor synchronized with time data transferred from hardware clocks (HCs) included in electronic control units (ECUs) in a vehicle network (Abdelhameed, (para. [0069]), every synchronized ECU 2, 3, 4, 5, 6 has after synchronization the same global time available typically referred to a local instance of global time, i.e. a local clock, derived from its underlying local hardware counter, e.g. an oscillator, that maintains the synchronized time or global time, respectively. This implies that synchronized slave clocks 21, 31, 41, 51, 61 are bounded to global time of the master clock 8).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Nourry by including wherein the first counter and the second counter use a factor synchronized with time data transferred from hardware clocks (HCs) included in electronic control units (ECUs) in a vehicle network taught by Abdelhameed for the advantage of providing a high safety level, e.g. a safety level fulfilling ASIL D requirements, and fulfill the “Freedom from Interference” functional safety requirements according to ISO 26262 (Abdelhameed, (para. [0010])).
Regarding claim 2, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 1, wherein the key stream is obtained through an advanced encryption standard (AES) encryption algorithm (Nourry, (para. [0084]), AES (CW, x) is used to denote the series of encryption bits obtained via the AES encryption function taking the encryption key CW and a counter x as input parameters).
Regarding claim 3, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 1, wherein the operation performed with the key stream in the encryption unit or the decryption unit includes an exclusive OR (XOR) operation (Nourry, (para. [0086]), the encryption function E is defined so that, for each sub-block B.sub.i of a data block to be encrypted, i being between 1 and m-1, the following equation applies: E(B.sub.i)=B.sub.iXOR AES (CW, C+i)).
Regarding claim 4, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 1, wherein the encryption unit and the decryption unit are configured to perform encryption and decryption, respectively, using a same key stream (Nourry, (para. [0068]), the decryption method uses the same encryption function as that used in the encryption method used at the sending end).
Regarding claim 5, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 1, wherein an ECU, among the ECUs in the vehicle network, includes: an application layer including an application software program; a hardware layer including a hardware configuration; and an adaptive platform layer for an interaction between the application layer and the hardware layer (Abdelhameed, (para. [0049]), the gateway ECU 6, which would be a Flexray-Ethernet gateway ECU in the above example, is configured to provide interoperability between the first and the second ECU 2, 3 using the first communication standard, here the Flexray standard, and the third and the fourth ECU 4, 5 using the second communication standard, here the Ethernet standard. Therefore, the gateway ECU 6 is configured to do unidirectional or bidirectional protocol translation between the first and the second communication standard).
Regarding claim 6, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 5, wherein a hardware clock is included in the hardware layer, and wherein the hardware clock includes a hardware clock for an Ethernet-based precision time protocol (PTP) (Abdelhameed, (para. [0006, 0069]), time synchronization of an Ethernet bus is done according to IEEE 802.1AS for a TSN (time sensitive network) and IEEE 1588 with respect to the PTP (Precision Time Protocol). However, for time synchronization via PTP there are several measures that can be taken in addition to the respective standards, so that the integrity of the synchronization process and thus the integrity of the distributed time-base can be ensured).
Regarding claim 7, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 5, wherein the factor synchronized with time data is acquired using a pulse per second (PPS) signal (Abdelhameed, (para. [0048]), the master clock 8 is thus configured to provide timing signals to synchronize the slave clocks 21, 31, 41, 51, 61 of the devices 2, 3, 6 using the first communication standard and the devices 4, 5, 6 using the second communication standard of the network 1).
Regarding claim 8, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 7, wherein the PPS signal is acquired by i) connecting a software defined pin (SDP) output of an Ethernet controller included in the hardware layer to an SDP Input and ii) performing a setting so that a pulse is periodically emitted from the SDP output (Abdelhameed, (para. [0013]), the communication network comprises a master clock, the first ECU having a first slave clock, the validator having a second slave clock, and a first communication bus connecting the first ECU, the validator and the master clock to each other; (para. [0048]), the master clock 8 is thus configured to provide timing signals to synchronize the slave clocks 21, 31, 41, 51, 61 of the devices 2, 3, 6 using the first communication standard and the devices 4, 5, 6 using the second communication standard of the network 1).
Regarding claim 9, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 8, wherein: a signal handler used to process a rising edge of the pulse is registered in the application software program; and the time data is acquired within the registered signal handler (Nourry, (para. [0069-0070]), on receiving an encrypted data block, the same operation of combining the value of the initialization vector and the time reference of the encrypted data block is performed to obtain the same counter as the one obtained in the encryption method used for encrypting the transmitted data).
Regarding claim 10, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 1, wherein the first counter and the second counter have a time error value of 100 nanosecond (ns) or less by using the factor synchronized with the time data (Nourry, (para. [0099]), the decryption method advantageously uses the same encryption algorithm as the one used in the encryption method. It preferably generates the same counter as the one generated in the encryption method from the time reference associated with the encrypted data block, which is identical to the one associated with the corresponding data block to be encrypted. The value of the initialization counter is synchronized between the end sending the encrypted data and the receiving end where error value is well known programming preference).
Regarding claim 11, the combination of Nourry-Abdelhameed does disclose the vehicle network security system of claim 1, wherein the first counter and the second counter use time data in a microsecond (μs) or more (Nourry, (para. [0099]), the decryption method advantageously uses the same encryption algorithm as the one used in the encryption method. It preferably generates the same counter as the one generated in the encryption method from the time reference associated with the encrypted data block, which is identical to the one associated with the corresponding data block to be encrypted. The value of the initialization counter is synchronized between the end sending the encrypted data and the receiving end where error value is well known programming preference).
Regarding claim 12, the substance of the claimed invention is similar to that of claim 1. Accordingly, this claim is rejected under the same rationale.
Regarding claim 13, the substance of the claimed invention is similar to that of claim 7. Accordingly, this claim is rejected under the same rationale.
Regarding claim 14, the combination of Nourry-Abdelhameed does disclose the vehicle network security communication method of claim 13, wherein the decryption step includes: a second counter generation step of acquiring a factor synchronized with the time data through a pulse per second (PPS) signal received by an application software program included in an application layer of the ECU and generating the second counter using the factor; a key stream generation step of obtaining the key stream through the second counter; and a second operation step of performing the operation on the cipher text and the key stream to obtain the plain text (Abdelhameed, (para. [0049]), the gateway ECU 6, which would be a Flexray-Ethernet gateway ECU in the above example, is configured to provide interoperability between the first and the second ECU 2, 3 using the first communication standard, here the Flexray standard, and the third and the fourth ECU 4, 5 using the second communication standard, here the Ethernet standard. Therefore, the gateway ECU 6 is configured to do unidirectional or bidirectional protocol translation between the first and the second communication standard).
Regarding claim 15, the combination of Nourry-Abdelhameed does disclose the vehicle network security communication method of claim 14, wherein the first counter generation step performed in the encryption step and the second counter generation step performed in the decryption step are performed at a same point in time (Nourry, (para. [0068]), the decryption method uses the same encryption function as that used in the encryption method used at the sending end).
Regarding claim 16, the combination of Nourry-Abdelhameed does disclose the vehicle network security communication method of claim 14, wherein the key stream generation step performed in the encryption step and the key stream generation step performed in the decryption step are performed at a same point in time (Nourry, (para. [0068]), the decryption method uses the same encryption function as that used in the encryption method used at the sending end).
Regarding claim 17, the combination of Nourry-Abdelhameed does disclose the vehicle network security communication method of claim 14, wherein a time required for the first calculation step and the cipher text transmission step performed in the encryption step is longer than a time required for the second counter generation step and the key stream generation step performed in the decryption step (Nourry, (para. [0099]), the decryption method advantageously uses the same encryption algorithm as the one used in the encryption method. It preferably generates the same counter as the one generated in the encryption method from the time reference associated with the encrypted data block, which is identical to the one associated with the corresponding data block to be encrypted. The value of the initialization counter is synchronized between the end sending the encrypted data and the receiving end where error value is well known programming preference).
Regarding claim 18, the combination of Nourry-Abdelhameed does disclose the vehicle network security communication method of claim 14, wherein: the PPS signal used in the first counter generation step performed in the encryption step and the second counter generation step performed in the decryption step is acquired by connecting a software defined pin (SDP) output of an Ethernet controller included in a hardware layer to an SDP Input and then performing a setting so that a pulse is periodically emitted from the SDP output; and a period of the pulse is longer than a time required for the first counter generation step, the key stream generation step, the first calculation step, and the cipher text transmission step included in the encryption step (Abdelhameed, (para. [0013]), the communication network comprises a master clock, the first ECU having a first slave clock, the validator having a second slave clock, and a first communication bus connecting the first ECU, the validator and the master clock to each other; (para. [0048]), the master clock 8 is thus configured to provide timing signals to synchronize the slave clocks 21, 31, 41, 51, 61 of the devices 2, 3, 6 using the first communication standard and the devices 4, 5, 6 using the second communication standard of the network 1).
Regarding claim 19, the substance of the claimed invention is similar to that of claim 1. Accordingly, this claim is rejected under the same rationale.
Regarding claim 20, the substance of the claimed invention is similar to that of claim 11. Accordingly, this claim is rejected under the same rationale.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US Pub. No. 2019/0229901, “offer significant technical improvements in data transmission in a platform for maintaining the confidentiality of the data. Counter mode encryption used in each pair of cryptographic engines connected via a link in a platform can maintain the confidentiality of transiting data while offering the unique advantage of being transparent both in bandwidth and latency, as only an exclusive OR (XOR) gate is added to the data path and an XOR gate can typically be absorbed by the controller cycle time. Thus, embodiments with counter mode encryption incur no or negligible impact to the link bandwidth. Additionally, by detecting and recovering from counters being out of sync, embodiments described herein can maintain link reliability such that the encryption scheme is prevented from generating infinite error propagation on the link”.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MORSHED MEHEDI whose telephone number is (571) 270-7640. The examiner can normally be reached on M - F, 8:00 am to 4:00 pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Linglan Edwards can be reach on (571) 270-5440. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from their Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (In USA or Canada) or 571-272-1000.
/MORSHED MEHEDI/Primary Examiner, Art Unit 2408
Prosecution Insights