DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claim(s) 1 is objected to because claim 1 key switching method claim limitation with “if” condition. Examiner submits that if the conditional limitation step is not reached, then the remaining limitation steps do not have to be performed and will render the remaining limitations not valid, therefore, it will not be required to show anticipation or obviousness for all paths of the conditional limitation. Examiner suggests replacing “if” with “when”.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Gentry (Pub. No. US 20150358153 A1) in view of Kreishan et al. (Pub. No. US 20220322083 A1)(hereinafter Kreishan) further in view of Church et al. (US 11425559 B1)(hereinafter Church) and further in view of Gentry (Pub. No. US 20130216044 A1)(hereinafter Gentry II).
Regarding Claim 1, Gentry teaches an electronic apparatus comprising: a communication device connected to a network(Gentry [0342]“The system 100 may include at least one communications component 114(i.e. communication device) that enables communication with at least one other component, system, device and/or apparatus. As non-limiting examples, (wherein a communication device connected to a network is disclosed further in [0342])the communications component 114(i.e. communication device) may include a transceiver configured to send and receive information, a transmitter configured to send information and/or a receiver configured to receive information. …the communications component 114 may comprise a modem or network card. The system 100 of FIG. 1 may be embodied in a computer or computer system, such as a desktop computer, a portable computer or a server, as non-limiting examples.”);
a memory for storing a public key generated using a homomorphic encryption method([0341]“ The system 100 may also include at least one memory 106 (e.g., a volatile memory device, a non-volatile memory device), and/or at least one storage 108. …The storage 108 may include a non-volatile memory device (e.g., EEPROM, ROM, PROM, RAM, DRAM, SRAM, flash, firmware, programmable logic, etc.), magnetic disk drive, optical disk drive and/or tape drive, as non-limiting examples. The storage 108 may comprise an internal storage device, an attached storage device and/or a network accessible storage device”)
([0343] “It should be noted that in accordance with the exemplary embodiments of the invention, one or more of the circuitry 102, processor(s) 104, memory 106, storage 108, program logic 110 and/or communications component 114 may store one or more of the various items (e.g., public/private key(s), ciphertexts, encrypted items, matrices, variables, equations, formula, operations, operational logic, logic) discussed herein. …one or more of the above-identified components may receive and/or store the information (e.g., to be encrypted, resulting from decryption) and/or the ciphertext (e.g., to be decrypted, to be operated on homomorphically, resulting from encryption”)(i.e. homomorphic encryption method)
Gentry teaches check whether the first encrypted data includes predetermined information by performing the homomorphic operation, which corresponds to a predetermined detection function, on the generated second encrypted data ([0018]“ What can one do with an encryption scheme that is fully homomorphic: a scheme ε with an efficient algorithm Evaluate, that, for any valid public key pk, any circuit C (not just a circuit consisting of multiplication gates as in RSA), and any ciphertexts ψ.sub.i←Encrypt.sub.ε(pk,π.sub.i), outputs
ψ←Evaluate.sub.ε(pk,C,ψ.sub.i, . . . ,ψ.sub.t),
a valid encryption of C(π.sub.1, . . . ,π.sub.1) under pk? Their answer: one can arbitrarily compute on encrypted data, i.e., one can process encrypted data (query it, write into it, do anything to it that can be efficiently expressed as a circuit) without the decryption key. As an application, they suggested private data banks. A user can store its data on an untrusted server in encrypted form. Later, the user can send a query on the data to the server, whereupon the server can express this query as a circuit(e.g. predetermined detection function) to be applied to the data, and use the Evaluate.sub.ε algorithm to construct an encrypted response to the user's query, which the user then decrypts”)
(Gentry describes searching over encrypted data, where a server applies a query circuit C (e.g. predetermined detection function) to encrypted inputs and returns ciphertexts corresponding to files satisfying the query on para.[0030][0031][0032][0033] (Gentry [0030] “One non-limiting application of fully homomorphic encryption is in a two-party setting. A simple example is making encrypted queries to search engines. Referring to FIG. 2, to perform an encrypted search a party (requestor 1)(i.e. first encrypted data) generates a public key pk for the fully homomorphic encryption scheme, and generates ciphertexts ψ.sub.1, . . . , ψ.sub.t that encrypt the query π.sub.1, . . . , π.sub.t under pk. (For example, each π.sub.i could be a single bit of the query.) Now, let the circuit C (e.g. predetermined detection function) express a search engine server 2(i.e. second encrypted data) search function for data stored in storage 3. The server 2(i.e. second encrypted data) sets ψ.sub.i.sup.*←Evaluate((pk, C.sub.i, ψ.sub.1, . . . , ψ.sub.i), where C.sub.i is the sub-circuit of C that computes the ith bit of the output. Note that, in practice, the evaluation of C.sub.i.sup.* and C.sub.j.sup.* may share intermediate results, in which case it may be needlessly inefficient to run independent instances of the Evaluate algorithm. The server 2(i.e. second encrypted data) sends these ciphertexts to the requestor 1(i.e. first encrypted data) . It is known that, by the correctness requirement, Decrypt(sk,ψ.sub.i.sup.*)=C.sub.i(π.sub.1, . . . , π.sub.t). These latter values constitute precisely the answer to the query, which is recoverable through decryption.”)
([0031]“ As another non-limiting application, the exemplary embodiments of this invention enable searching over encrypted data. In this scenario, assume that the requestor 1(i.e. first encrypted data) stores files on the server 2(i.e. second encrypted data) (e.g., on the Internet), so that the requestor 1(i.e. first encrypted data) can conveniently access these files without needing the requestor's computer. However, the requestor encrypts the files, otherwise the server 2(i.e. second encrypted data) could potentially read the private data. Let bits π.sub.1, . . . , π.sub.t represent the files, which are encrypted in the ciphertexts ψ.sub.1, . . . , ψ.sub.t. Assume then that the requestor 1(i.e. first encrypted data) later wants to download all encrypted files that satisfy a query, e.g., all files containing the word ‘homomorphic’ within 5 words of ‘encryption’, but not the word ‘evoting’. The requestor 1(i.e. first encrypted data) sends the query to the server 2(i.e. second encrypted data), which expresses it as a circuit C(e.g. predetermined detection function). The server sets ψ.sub.i.sup.*←Evaluate(pk, C.sub.i, ψ.sub.1, . . . , ψ.sub.t) and sends these ciphertexts to the requestor 1(i.e. first encrypted data). who decrypts the returned ciphertexts to recover C(π.sub.1, . . . ,π.sub.t)), the (bits of the) files that satisfy the query.”)
[0032] Note that in this application, as in the encrypted search application, the requestor preferably provides an upper bound on the number of bits that the response should have, and the encrypted response from the server 2(i.e. second encrypted data) is padded or truncated to meet the upper bound.
[0033] Fully homomorphic encryption has numerous applications. For example, it enables private search engine queries where the search engine responds to a query without knowledge of the query, i.e., a search engine can provide a succinct encrypted answer to an encrypted (Boolean) query without knowing what the query was. It also enables searching on encrypted data; one can store encrypted data on a remote server and later have the server retrieve only files that (when decrypted) satisfy some Boolean constraint, even though the server cannot decrypt the files on its own. More broadly, fully homomorphic encryption improves the efficiency of secure multiparty computation.
Gentry fails to explicitly teach, and an evaluation key used for an homomorphic operation; and
However, Kreishan teaches and an evaluation key used for an homomorphic operation(Kreishan ([0108]“ In processing operation 340, the communication management resource 145 applies homomorphic encryption (such as via retrieved encryption key 129) to the code vectors of the biometric information 199 using the encryption key 129 (such as secret key of the communication device 110) to produce encrypted biometric information 199-ENC1. In one embodiment, the encryption key 129 also supports wireless communications between the communication device 110 and the wireless network 190.”)
([0109] “In processing operation 350, the communication management resource 145 and corresponding communication device 110 transmit a username and/or device ID XXXY (such as assigned network address or other suitable information) along with the encrypted code vectors and an evaluation key (such as biometric information 199-ENC1) to the wireless service provider (carrier) system (such as communication management resource 195) during registration. As previously discussed, the code vectors in the encrypted biometric information 199-ENC1) are encrypted using homomorphic encryption.”; [0032] … the authentication resource applies an evaluation key to the comparison evaluation information to retrieve evaluation results of comparing the first encrypted biometric information and the second encrypted biometric information… [0148]–[0151] using the evaluation key to decrypt or interpret the comparison result.); and
Gentry and Kreishan are analogues in that they both are in the same field of communication and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry to incorporate the teachings of Kreishan about an evaluation key used for an homomorphic operation. Doing so would aid in the network standards, the authentication will contain the credentials in this case they are the device ID or username, encrypted code vectors and the evaluation key. [0014] Kreishan
The combination of Gentry in view of Kreishan fails to explicitly teach a processor configured to generate second encrypted data by using first encrypted data, the public key.
However, Church teaches a processor configured to generate second encrypted data by using first encrypted data(Church Col. 2 Ln. 53-63 “the encryption module 102(i.e. processor) is configured to encrypt the first encrypted data 108 so as to generate second encrypted data 112. The encryption module 102 may also use Layer 2 encrypted tunneling during the encryption of the first encrypted data 106 and the encryption may be provided in accordance with AES 256 encryption algorithms. Since the data 106 is encrypted into the first encrypted data 108 and the first encrypted data 108 is encrypted(e.g. using first encrypted data) into the second encrypted data 112, the encryption module 102 is configured to provide double data encryption to the data 106”),
the public key(Church Col. 2 Ln. 65-67 and Col. 3 Ln. 1-5 “The encryption module 102 may encrypt the data 106 to generate the first encrypted data 108 and encrypt the first encrypted data 108 so as to generate the second encrypted data 112 using one or more pre-placed public keys (PPPKs). Thus, a different PPPK may be used by the encryption module 102 to generate the first encrypted data 108 from the data 106 and to generate the second encrypted data 112 from the first encrypted data 108. ”), and
Gentry, Kreishan and Church are analogues in that they are in the same field of communication and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry in view of Kreishan to incorporate the teachings of Church about a processor configured to generate second encrypted data by using first encrypted data, the public key. Doing so would aid in by providing the double encryption in a single device, the data transmission network device has greater spectral efficiency and is a much more cost-effective solution than what is currently provided in the market. [Summary] Church
The combination of Gentry in view of Kreishan further in view of Church fails to explicitly teach a key switching method if the first encrypted data transmitted and received through the network is acquired through the communication device.
However, Gentry II teaches a key switching method(Gentry II [0006]“ In an exemplary embodiment, a method is disclosed that includes performing homomorphic evaluation of a function on one or more input ciphertexts, where the one or more input ciphertexts were encrypted using a public key of an encryption scheme that also comprises a plurality of secret keys and a phi ht of moduli, where the moduli are integers. Performing the homomorphic evaluation of the function comprises performing one or more operations on the input ciphertexts. Performing the one or more operations comprises: performing a key-switching transformation on selected ones of the one or more input ciphertexts, where performing a key-switching transformation on a selected ciphertext comprises converting a first version of the selected ciphertext with respect to a first of the plurality of secret keys and a first modulus to a second version of the selected ciphertext with respect to a second of the plurality of secret keys and a second modulus, where the second modulus is an integer factor p times the first modulus, where p>1, and where each of the key switching transformations is performed prior to or after the one or more operations are more results of the one or more operations.”)
([0064]“ Key Switching”) ([0065]“ The public key of BGV-type cryptosystems includes additional components to enable converting a valid ciphertext with respect to one key into a valid ciphertext encrypting the same plaintext with respect to another key. For example, this is used to convert the product ciphertext which is valid with respect to a high-dimension key back to ciphertext with respect to the original low-dimension key.”) if the first encrypted data transmitted and received through the network is acquired through the communication device([0029]“ communications device 114… the communications component 114 may include a transceiver configured to send and receive information, transmitter configured to send information and/or a receiver configured to receive information. …”)
([0030] “communications component 114 may store one or more of the various items (e.g., public/private key(s), ciphertexts, encrypted items, matrices, variables, equations, formula, operations, operational logic, logic)… one or more of the above-identified components may receive and/or store the plaintext (e.g., to be encrypted or resulting from decryption) and/or the ciphertext (e.g., to be decrypted, to be operated on homomorphically, or resulting from encryption). As a further non-limiting example, one or more of the above-identified components may receive and/or store the encryption function(s) and/or the decryption function(s), as described herein.”) , and
Gentry, Kreishan, Church, and Gentry II are analogues in that they are in the same field of communication and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry in view of Kreishan further in view of Church to incorporate the teachings of Gentry II about a key switching method if the first encrypted data transmitted and received through the network is acquired through the communication device. Doing so would aid in how a key switching transformation converts a ciphertext with respect to a first secret key and a first modulus to a ciphertext with respect to a second secret key and a second modulus. [Abstract] Gentry II
Regarding Claim 8, claim 8 is a method claim that further recites similar limitations as claim 1 and is being rejected based on the same rational as claim 1 above.
Regarding Claim 15, claim 15 recites similar limitations as claim 1 and is being rejected based on the same rational as claim 1 above Gentry further teaches a non-transitory computer-readable recording medium storing a program for executing (Gentry [0375] “The exemplary embodiments of the invention, as discussed herein and as particularly described with respect to exemplary methods, may be implemented in conjunction with a program storage device (e.g., at least one memory, computer-readable memory, computer-readable medium, computer-readable storage medium, computer-readable storage device, non-transitory computer-readable medium such as memory”).
Regarding Claim 2, Gentry in view of Kreishan further in view of Church and further in view of Gentry II teach the apparatus as claimed in claim 1, outlined above.
The combination of Gentry in view of Kreishan further in view of Church fails to explicitly teach wherein the processor is configured to acquire the first encrypted data and a session key ciphertext, which is generated by homomorphically encrypting a session key used for encrypting the first encrypted data, the session key ciphertext being generated by homomorphically encrypting the session key using the public key, and use the key switching method to generate the second encrypted data capable of being decrypted using a secret key corresponding to the public key by using the session key which is a decryption key for the first encrypted data.
Gentry II further teaches wherein the processor is configured to acquire the first encrypted data(Gentry II [0007] “An apparatus includes one or more memories comprising computer-readable program code and one or more processors”.)
and a session key ciphertext, which is generated by homomorphically encrypting a session key used for encrypting the first encrypted data, the session key ciphertext being generated by homomorphically encrypting the session key using the public key and use the key switching method to generate the second encrypted data capable of being decrypted using a secret key corresponding to the public key by using the session key which is a decryption key for the first encrypted data(Gentry II [0008] “An apparatus(i.e. processor) comprises means for performing homomorphic evaluation of a function on one or more input ciphertexts(i.e. first encrypted data), where the one or more input ciphertexts(i.e. first encrypted data), were encrypted using a public key of an encryption scheme that also comprises a plurality of secret keys(i.e. secret key) and a plurality of moduli, where the moduli are integers(i.e. session keys), and where the means for performing the homomorphic evaluation of the function comprises means for performing one or more operations on the input ciphertexts(i.e. first encrypted data), and where the means for performing the one or more operations comprises: means for performing a key-switching transformation on selected ones of the one or more input ciphertexts(i.e. first encrypted data), were performing a key-switching transformation on a selected ciphertext comprises converting a first version of the selected ciphertext(i.e. first encrypted data) with respect to a first of the plurality of secret keys(i.e. secret key) and a first modulus(i.e. session key) to a second version of the selected ciphertext(i.e. second encrypted data) with respect to a second of the plurality of secret keys(i.e. second secret key) and a second modulus(i.e. second session key), where the second modulus(i.e. second session key) is an integer factor p times the first modulus(i.e. which is a decryption key for the first encrypted data), where p>1, where each of the key switching transformations is performed prior to or after the one or more operations are evaluated; and means for outputting one or more results of the one or more operations.”)
(“[0030] It should be noted that in accordance with the exemplary embodiments of the invention, one or more of the circuitry 102, processor(s) 104, memory 106, storage 108, program logic 110 and/or communications component 114 may store one or more of the various items (e.g., public/private key(s), ciphertexts, encrypted items, matrices, variables, equations, formula, operations, operational logic, logic) discussed herein. As a non-limiting example, one or more of the above-identified components may receive and/or store the plaintext (e.g., to be encrypted or resulting from decryption) and/or the ciphertext (e.g., to be decrypted, to be operated on homomorphically, or resulting from encryption).”)
Gentry, Kreishan, and Church are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry in view of Kreishan further in view of Church to incorporate the teachings of Gentry II about the processor is configured to acquire the first encrypted data and a session key ciphertext, which is generated by homomorphically encrypting a session key used for encrypting the first encrypted data, the session key ciphertext being generated by homomorphically encrypting the session key using the public key, and use the key switching method to generate the second encrypted data capable of being decrypted using a secret key corresponding to the public key by using the session key which is a decryption key for the first encrypted data. Doing so would aid in performing the homomorphic evaluation of the function comprises performing one or more operations on the input ciphertexts. Gentry II [0006]
Regarding Claim 9, claim 9 is the method as claim in 8 that further recites similar limitations as claim 2 and is being rejected based on the same rational as claim 2 above.
Regarding Claim 3, Gentry in view of Kreishan further in view of Church and further in view of Gentry II teaches the apparatus as claimed in claim 1, outlined above.
The combination of Gentry in view of Kreishan further in view of Church fails to explicitly teach wherein the first encrypted data is data encrypted using a derived public key that is generated by calculating the public key and a session key, and the processor is configured to acquire the first encrypted data and a session key ciphertext, which is generated by homomorphically encrypting the session key using the public key, and uses the key switching method to generate the second encrypted data capable of being decrypted using a secret key corresponding to the public key by using the derived public key which is a decryption key for the first encrypted data.
However, Gentry II teaches wherein the first encrypted data is data encrypted using a derived public key that is generated by calculating the public key and a session key, and the processor is configured to acquire the first encrypted data and a session key ciphertext, which is generated by homomorphically encrypting the session key using the public key, and uses the key switching method to generate the second encrypted data capable of being decrypted using a secret key corresponding to the public key by using the derived public key which is a decryption key for the first encrypted data(Gentry II [0009]“ Note that the flow in FIG. 3A may be performed by the system 100 (see FIG. 1), e.g., by the one or more processors 104 and/or circuitry 102, e.g., in response to execution of the code 112 in program logic 110. The system 100 may be the search engine server 2, in an exemplary embodiment. In block 300, the system 100 performs the operation of performing homomorphic evaluation of a function on one or more input ciphertexts. The one or more input ciphertexts were encrypted using a public key of an encryption scheme that also comprises a plurality of secret keys and a plurality of moduli, where the moduli are integers. The performing the homomorphic evaluation of the function comprises performing one or more operations on the input ciphertexts. In an example, a function is to be evaluated, where the function comprises one or multiple operations such as the semantic operations addition, multiplication, and automorphism, described above in Section 2.2.”) ([0091] “In block 310, the system 100 performs the operation of performing a key-switching transformation on selected ones of the one or more input ciphertexts. Performing a key-switching transformation on a selected ciphertext comprises converting a first version of the selected ciphertext with respect to a first of the plurality of secret keys and a first modulus to a second version of the selected ciphertext with respect to a second of the plurality of secret keys and a second modulus. The second modulus is an integer factor p times the first modulus, where p>1. In block 320, each of the key switching transformations is performed prior to or after the one or more operations are evaluated. That is, a key switching transformation may be performed, e.g., after a multiplication operation, after an automorphism, or before other operations (such as modulus switching). In block 330, the system 100 performs the operation of outputting one or more results of the one or more operations. The one or more results may be output to, e.g., the storage 108, the memories 106, or the communications component 114. In block 340, file system 100 performs the operation of outputting one or more results of the evaluation of the function.”).
([0033] “ As previously described, a simple example is making encrypted queries to search engines. Referring to FIG. 2, to perform an encrypted search a party (requestor 1) generates a public key pk (and a plurality, N, of secret keys, s.sup.k) for the homomorphic encryption scheme, and generates ciphertexts c.sub.1, . . . c.sub.i that encrypt the query .pi..sub.1, . . . , .pi..sub.t under pk. For example, each .pi..sub.i could be a single bit of the query. Now, let the circuit C express a search engine server 2 search function for data stored in storage 3. The server 2 sets c.sub.i*.rarw.Evaluate (p.sub.k, C.sub.i, c.sub.1, . . . , c.sub.t) where C.sub.i is the sub-circuit of C that computes the i'th bit of the output. Note that, in practice, the evaluation of c.sub.i* and c.sub.j* may share intermediate results, in which case it may be needlessly inefficient to run independent instances of the Evaluate algorithm. The server 2 sends these ciphertexts to the requester 1. It is known that Decrypt(s.sup.k,c.sub.i*)=C.sub.i(.pi..sub.1, . . . , .pi..sub.t). These latter values constitute precisely the answer to the query, which is recoverable through decryption.”).
Gentry, Kreishan, Church and Gentry II are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry in view of Kreishan further in view of Church to incorporate the teachings of Gentry II about the first encrypted data is data encrypted using a derived public key that is generated by calculating the public key and a session key, and the processor is configured to acquire the first encrypted data and a session key ciphertext, which is generated by homomorphically encrypting the session key using the public key, and uses the key switching method to generate the second encrypted data capable of being decrypted using a secret key corresponding to the public key by using the derived public key which is a decryption key for the first encrypted data. Doing so would aid in performing homomorphic evaluation of a function on one or more input ciphertexts, where the one or more input ciphertexts were encrypted using a public key of an encryption scheme that also comprises a plurality of secret keys. Gentry II [0006]
Regarding Claim 10, claim 10 is the method as claim in 8 that further recites similar limitations as claim 3 and is being rejected based on the same rational as claim 3 above.
Regarding Claim 4, Gentry in view of Kreishan further in view of Church and further in view of Gentry II teach the apparatus as claimed in claim 1, outlined above.
The combination of Gentry in view of Kreishan further in view of Gentry II fails to explicitly teach wherein the first encrypted data is data encrypted using a symmetric key method, and the second encrypted data is data homomorphically encrypted using a public key method.
Moreover, Church teaches wherein the first encrypted data is data encrypted using a symmetric key method (Church Col. 2 Ln. 53-67 and Col. 3 Ln 1-5 “the encryption module 102(i.e. processor) is configured to encrypt the first encrypted data 108 so as to generate second encrypted data 112. The encryption module 102 may also use Layer 2 encrypted tunneling(i.e. symmetric key method) during the encryption of the first encrypted data 106 and the encryption may be provided in accordance with AES 256 encryption algorithms. Since the data 106 is encrypted into the first encrypted data 108 and the first encrypted data 108 is encrypted(e.g. using first encrypted data) into the second encrypted data 112, and
Gentry, Kreishan, Church, and Gentry II are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry in view of Kreishan further in view of Gentry II to incorporate the teachings of Church about the first encrypted data is data encrypted using a symmetric key method. Doing so would aid in the more efficient systems for providing secure RF computer networking links. Church Col. 1 Ln. 35-36
The combination of Gentry further in view of Church and further in view of Gentry II teach fails to explicitly teach the second encrypted data is data homomorphically encrypted using a public key method.
Moreover, Kreishan teaches the second encrypted data is data homomorphically encrypted using a public key method(Kreishan “[0108] In processing operation 340, the communication management resource 145 applies homomorphic encryption (such as via retrieved encryption key 129) to the code vectors of the biometric information 199 using the encryption key 129(wherein the public key is used in the encryption of the code vectors as disclosed in [0083])(such as secret key of the communication device 110) to produce encrypted biometric information 199-ENC1(i.e. second encrypted data).
Gentry, Kreishan, Church, and Gentry II are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry further in view of Church further in view of Gentry II to incorporate the teachings of Kreishan about the second encrypted data is data homomorphically encrypted using a public key method. Doing so would aid in the communication management hardware communicates the first encrypted biometric information and an identity of the mobile communication device over a wireless network to an authentication resource that authenticates subsequent use of the wireless network by the mobile communication device. Kreishan [0018]
Regarding Claim 11, claim 11 is the method as claim in 8 that further recites similar limitations as claim 4 and is being rejected based on the same rational as claim 4 above.
Regarding Claim 5, Gentry in view of Kreishan further in view of Church and further in view of Gentry II teach the apparatus as claimed in claim 1, outlined above.
The combination of Gentry further in view of Church and further in view of Gentry II fails to explicitly teach wherein the processor is configured to control the communication device to transmit a homomorphic ciphertext, on which the homomorphic operation is performed, to an external device having a secret key corresponding to the public key, and check whether the first encrypted data includes the predetermined information based on a verification result notified by the external device.
Moreover, Kreishan teaches wherein the processor is configured to control the communication device to transmit a homomorphic ciphertext(Kreishan [0109] “In processing operation 350, the communication management resource 145 and corresponding communication device 110 transmit a username and/or device ID XXXY (such as assigned network address or other suitable information) along with the encrypted code vectors(i.e. ciphertext) and an evaluation key (such as biometric information 199-ENC1) to the wireless service provider (carrier) system (such as communication management resource 195) during registration. As previously discussed, the code vectors in the encrypted biometric information 199-ENC1) are encrypted using homomorphic encryption.”),
on which the homomorphic operation is performed, to an external device having a secret key corresponding to the public key, and check whether the first encrypted data includes the predetermined information based on a verification result notified by the external device([0032]“To authenticate the mobile communication device, the authentication resource performs a comparison of the first encrypted biometric information and the second encrypted biometric information. Based on the comparison, the authentication resource produces comparison evaluation information. In one embodiment, the authentication resource applies an evaluation key to the comparison evaluation information to retrieve evaluation results of comparing the first encrypted biometric information and the second encrypted biometric information. As further discussed herein, one embodiment includes implementing so-called homomorphic encryption, which allows computation on encrypted data (such as vectors). For example, such a form of encryption allows computations to be carried out on cipher text, allows the match to be conducted on an encrypted dataset without decrypting the reference biometric, and returns an encrypted match result. Based on the evaluation results, the authentication resource produces a notification indicating a decision to grant (or not to grant) the mobile communication device use of the wireless network. The authentication resource or other suitable entity communicates the notification to the mobile communication device.”).
Gentry, Kreishan, Church, and Gentry II are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry further in view of Church further in view of Gentry II to incorporate the teachings of Kreishan about the processor is configured to control the communication device to transmit a homomorphic ciphertext, on which the homomorphic operation is performed, to an external device having a secret key corresponding to the public key, and check whether the first encrypted data includes the predetermined information based on a verification result notified by the external device. Doing so would aid in how the ID information is used to authenticate a subscriber on multiple applications such as to provide access to wireless mobile networks. Kreishan [0007]
Regarding Claim 12, claim 12 is the method as claim in 8 that further recites similar limitations as claim 5 and is being rejected based on the same rational as claim 5 above.
Regarding Claim 6, Gentry in view of Kreishan further in view of Church and further in view of Gentry II teach the apparatus as claimed in claim 5, outlined above.
The combination of Gentry further in view of Church and further in view of Gentry II fails to explicitly teach wherein the processor is configured to control the communication device to transmit the first encrypted data to the external device based on the verification result notified by the external device, and verify the inclusion of the predetermined information by using plaintext data decrypted by the external device.
Moreover, Kreishan teaches wherein the processor is configured to control the communication device to transmit the first encrypted data to the external device based on the verification result notified by the external device, and verify the inclusion of the predetermined information by using plaintext data decrypted by the external device(Kreishan [0032]“Based on the evaluation results, the authentication resource produces a notification indicating a decision to grant (or not to grant) the mobile communication device use of the wireless network. The authentication resource or other suitable entity communicates the notification to the mobile communication device.”).
Gentry, Kreishan, Church, and Gentry II are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry further in view of Church and further in view of Gentry II to incorporate the teachings of Kreishan about the processor is configured to control the communication device to transmit the first encrypted data to the external device based on the verification result notified by the external device, and verify the inclusion of the predetermined information by using plaintext data decrypted by the external device. Doing so would aid in how to authenticate the mobile communication device. Kreishan [0032]
Regarding Claim 13, claim 13 is the method as claim in 12 that further recites similar limitations as claim 6 and is being rejected based on the same rational as claim 6 above.
Regarding Claim 7, Gentry in view of Kreishan further in view of Church and further in view of Gentry II teach the apparatus as claimed in claim 1, outlined above.
The combination of Gentry further in view of Church and further in view of Gentry II fails to explicitly teach wherein the processor is configured to check whether the first encrypted data includes the predetermined information in the encrypted data transmitted to an internet protocol (IP) address other than a predetermined IP address in case of acquiring sender IP address information and receiver IP address information, corresponding to the first encrypted data.
Moreover, Kreishan teaches wherein the processor is configured to check whether the first encrypted data includes the predetermined information in the encrypted data transmitted to an internet protocol (IP) address other than a predetermined IP address in case of acquiring sender IP address information and receiver IP address information, corresponding to the first encrypted data(Kreishan [0109] “] In processing operation 350, the communication management resource 145 and corresponding communication device 110 transmit a username and/or device ID XXXY (such as assigned(i.e. predetermined) network address or other suitable information) along with the encrypted code vectors and an evaluation key (such as biometric information 199-ENC1) to the wireless service provider (carrier) system (such as communication management resource 195) during registration. As previously discussed, the code vectors in the encrypted biometric information 199-ENC1) are encrypted using homomorphic encryption.”).
Gentry, Kreishan, Church, and Gentry II are analogues in that they are in the same field of communication, electronic devices and wireless network environment. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Gentry further in view of Church and further in view of Gentry II to incorporate the teachings of Kreishan about the processor is configured to check whether the first encrypted data includes the predetermined information in the encrypted data transmitted to an internet protocol (IP) address other than a predetermined IP address in case of acquiring sender IP address information and receiver IP address information, corresponding to the first encrypted data. Doing so would aid and supports wireless communications between the communication device and the wireless network. Kreishan [0108]
Regarding Claim 14, claim 14 is the method as claim in 8 that further recites similar limitations as claim 7 and is being rejected based on the same rational as claim 7 above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
Cheon et al. (Pub. No. US 20230344617 A1) teaches apparatus for bootstrap processing homomorphic encrypted message and method thereof.
Moon et al. (Pub. No. US 20230141837 A1) teaches device for supporting homomorphic encryption operation and operating method thereof.
REN et al. (Pub. No. US 20170048058 A1) teaches a method and system for generating/decrypting ciphertext, and method and system for searching ciphertexts in a database.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MALA BOYD whose telephone number is (571)272-6450. The examiner can normally be reached M-F 7:30-4:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached at (571)-272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Mala Boyd/
Patent Examiner, Art Unit 2497
/ELENI A SHIFERAW/ Supervisory Patent Examiner, Art Unit 2497