Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsSamsung Electronics Co., Ltd. › 18970220
Last updated: April 19, 2026
Application No. 18/970,220

INTEGRATED CIRCUIT FOR GENEREATING KEY ENCRYPTING KEY AND OPERATING METHOD THEREOF

Non-Final OA §103
Filed
Dec 05, 2024
Examiner
BHANDARI, SHREYAJ RAM
Art Unit
2434
Tech Center
2400 — Computer Networks
Assignee
Samsung Electronics Co., Ltd.
OA Round
1 (Non-Final)
Grant Probability
Favorable
1-2
OA Rounds
3y 1m
To Grant

Examiner Intelligence

BHANDARI, SHREYAJ RAM View full profile →
Grants only 0% of cases
0%
Career Allow Rate
0 granted / 0 resolved
-58.0% vs TC avg
Minimal +0% lift
Without
With
+0.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
3 currently pending
Career history
3
Total Applications
across all art units

Statute-Specific Performance

§103
85.7%
+45.7% vs TC avg
§112
14.3%
-25.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 0 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1-20 have been examined Drawings The drawings filed on December 5, 2024 are acceptable for examination proceedings. Specification The specification filed on December 5, 2024 is acceptable for examination proceedings. Priority Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed with the current application on January 8, 2025. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 3-6, 9-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Numata (US 20210103653 A1, hereinafter referred to as Numata) in view of Sakib (US 20220391510 A1, hereinafter referred to as Sakib) and in further view of Haidamous (EP 1429224 A1, hereinafter referred to as Haidamous). Regarding claim 1, Numata discloses: A method of operating an integrated circuit, the method being executed by at least one processor (Numata: Paragraph [0180] states, "Each of the various functions described in the present embodiment may be implemented by a circuit. An example of the process circuit includes a programmed processor, such as a central process unit (CPU). The processor performs described each function by executing a computer program or a group of commands stored in a memory. The processor may be a microprocessor that includes an electrical circuit. An example of the circuit also includes a digital signal processor (DSP), an application specific integrated circuit (ASIC), a microcontroller, a controller, and other electrical circuit components."), the method comprising: generating a key encryption key (KEK) using a random number generator (Numata: Paragraph [0109] states, "The KEK encryption key generation unit 416 generates an encryption key for encrypting a KEK (i.e., KEK encryption key) by using the volatile random number 511 generated by the random number generation unit 415."); generating log data corresponding to the KEK using a log generator (Paragraph [0098] states, "A hash value, a checksum, a hash-based message authentication code (HMAC), or the like may be used as the verification value 52." Paragraph [0111] states, "The verification value generation unit 418 generates the verification value 52 of the lock release information 51. The lock release information 51 includes the volatile random number 511 generated by the random number generation unit 415, a range index list 512 indicating a range whose lock is released, and an eKEK 513 generated by the KEK encryption unit 417." Paragraph [0180] states, "Each of the various functions described in the present embodiment may be implemented by a circuit. An example of the process circuit includes a programmed processor, such as a central process unit (CPU). The processor performs described each function by executing a computer program or a group of commands stored in a memory. The processor may be a microprocessor that includes an electrical circuit. An example of the circuit also includes a digital signal processor (DSP), an application specific integrated circuit (ASIC), a microcontroller, a controller, and other electrical circuit components."); and storing [the KEK and the log data] in a one-time programmable (OTP) memory, wherein the KEK is used to encrypt a master key of the integrated circuit for a cryptographic operation, and wherein the random number generator and the log generator are comprised in the integrated circuit (Numata: Paragraph [0040] states, "The e-Fuse 22 stores an e-Fuse Key 22A used for encryption." Paragraph [0061] states, "The first range 81, the second range 82, and the third range 83 are each encrypted, and a first encryption key for the encryption is referred to as a media encryption key (MEK)." Paragraph [0105] states, "The eMEK is data obtained by previously encrypting the MEK in a certain range by using the KEK as an encryption key." Paragraph [0098] states, "A hash value, a checksum, a hash-based message authentication code (HMAC), or the like may be used as the verification value 52." Paragraph [0111] states, "The verification value generation unit 418 generates the verification value 52 of the lock release information 51. The lock release information 51 includes the volatile random number 511 generated by the random number generation unit 415, a range index list 512 indicating a range whose lock is released, and an eKEK 513 generated by the KEK encryption unit 417." Paragraph [0180] states, "Each of the various functions described in the present embodiment may be implemented by a circuit. An example of the process circuit includes a programmed processor, such as a central process unit (CPU). The processor performs described each function by executing a computer program or a group of commands stored in a memory. The processor may be a microprocessor that includes an electrical circuit. An example of the circuit also includes a digital signal processor (DSP), an application specific integrated circuit (ASIC), a microcontroller, a controller, and other electrical circuit components."), but fails to explicitly disclose: storing the KEK and the log data in a one-time programmable (OTP) memory. However, in the same field of endeavor, Sakib discloses: storing [the KEK and] the log data in a one-time programmable (OTP) memory (Sakib: Paragraph [0024] states, "Each of fuse banks 220A, 220B, 220C, and 220D comprises a plurality of one-time programmable fuses. The fuses may be electronic fuses (i.e., eFuses) or anti-fuses that have one of two different states. An e-fuse is a microscopic fuse in a computer chip, which may be fabricated of a semiconductor material (e.g., silicon) and/or metal traces. An e-fuse may be blown by electromigration or in another suitable manner. However, the embodiments described herein are not so limited. Data may be written (or programmed) to a fuse bank by selectively blowing fuses in the fuse bank, where a blown fuse may correspond to a value of “1”, and an unblown fuse may correspond to a value of “0”, or vice versa. Each of fuse banks 220A, 220B, 220C, and 220D is configured to store a public key of a particular entity that owns SoC 102. As defined herein, an entity may include, but is not limited to, a person, a company, an organization, an enterprise, etc. In accordance with an embodiment, each of fuse banks 220A, 220B, 220C and 220D stores a hash representative of the public key."). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Numata and include the above limitation with the teaching of Sakib in order to mitigate the ability of "a malicious entity to hijack the firmware and insert their own malicious code into the firmware" (Sakib: [0002]). Sakib fails to explicitly disclose: storing the KEK…in a one-time programmable (OTP) memory. However, in the same field of endeavor, Haidamous discloses: storing the KEK…in a one-time programmable (OTP) memory (Haidmous: Paragraph [0240] states, "The KEK is a value generated from a random seed (Random Number Generator output) during device production and stored on-chip in an eFuse array."). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Numata as modified by Sakib and include the above limitation with the teaching of Haidmous in order for "detecting any "on the fly" firmware replacement by, for instance, physical memory devices substitution" (Haidmous: Paragraph [0010]). Regarding claim 3, Numata discloses: The method of claim 1, wherein the log generator comprises a hash logic (Numata: Paragraph [0098] states, "A hash value, a checksum, a hash-based message authentication code (HMAC), or the like may be used as the verification value 52." Paragraph [0111] states, "The verification value generation unit 418 generates the verification value 52 of the lock release information 51. The lock release information 51 includes the volatile random number 511 generated by the random number generation unit 415, a range index list 512 indicating a range whose lock is released, and an eKEK 513 generated by the KEK encryption unit 417."). Regarding claim 4, Numata discloses: The method of claim 3, wherein the generating the log data comprises: calculating a hash value for the KEK using the hash logic, wherein the hash value is the log data (Numata: Paragraph [0098] states, "A hash value, a checksum, a hash-based message authentication code (HMAC), or the like may be used as the verification value 52." Paragraph [0111] states, "The verification value generation unit 418 generates the verification value 52 of the lock release information 51. The lock release information 51 includes the volatile random number 511 generated by the random number generation unit 415, a range index list 512 indicating a range whose lock is released, and an eKEK 513 generated by the KEK encryption unit 417."). Regarding claim 5, Sakib discloses: The method of claim 1, wherein the storing [the KEK and] the log data in the OTP memory comprises: fusing an e-fuse to store [the KEK and] the log data in the OTP memory (Sakib: Paragraph [0024] states, "The fuses may be electronic fuses (i.e., eFuses) or anti-fuses that have one of two different states…In accordance with such an embodiment, each of fuse banks 220A, 220B, 220C, and 220D comprise 384 fuses. However, it is noted that the hash may comprise any number of bits, including, but not limited to 128 bits, 256 bits, etc., and each of fuse banks 220A, 220B, 220C, and 220D may comprise a corresponding number of fuses. After manufacturing, the fuses of a particular fuse bank (e.g., fuse bank 220A) may be programmed to store the public key of the first owner."). The same motivation to modify with Sakib, as in claim 1, applies. Sakib fails to explicitly disclose: storing the KEK…in the OTP memory. However, Haidamous further discloses: storing the KEK…in the OTP memory (Haidamous: Paragraph [0240] states, "The KEK is a value generated from a random seed (Random Number Generator output) during device production and stored on-chip in an eFuse array."). The same motivation to modify with Haidamous, as in claim 1, applies. Regarding claim 6, Sakib discloses: The method of claim 1, further comprising: receiving a key verification request from an external device (Sakib: Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212."). The same motivation to modify with Sakib, as in claim 1, applies. Regarding claim 9, Numata discloses: The method of claim 1, further comprising: encrypting an encryption key or data using the KEK (Numata: Paragraph [0094] states, "The controller 4 encrypts the generated MEK with the KEK and stores encrypted MEK in the system area 32." Paragraph [0061] states, "The first range 81, the second range 82, and the third range 83 are each encrypted, and a first encryption key for the encryption is referred to as a media encryption key (MEK)."). Regarding claim 10, Sakib discloses: The method of claim 1, wherein the integrated circuit comprises an OTP controller configured to control the OTP memory, and the OTP controller is configured to fuse [the KEK and] the log data to the OTP memory without software intervention from an external device (Sakib: Paragraph [0024] states, "The fuses may be electronic fuses (i.e., eFuses) or anti-fuses that have one of two different states…In accordance with such an embodiment, each of fuse banks 220A, 220B, 220C, and 220D comprise 384 fuses. However, it is noted that the hash may comprise any number of bits, including, but not limited to 128 bits, 256 bits, etc., and each of fuse banks 220A, 220B, 220C, and 220D may comprise a corresponding number of fuses. After manufacturing, the fuses of a particular fuse bank (e.g., fuse bank 220A) may be programmed to store the public key of the first owner." Paragraph [0027] states that "access enforcement logic 210 may only allow fuses in fuse array 214 to programmed during valid transfer of ownership operations. For instance, access enforcement logic 210 may send a first command to fuse controller 212, which causes fuse controller 212 to grant requests to program fuses in fuse array 214. When a determination is made that no transfer of ownership is to be performed, access enforcement logic 210 prevents the fuses in fuse array 214 from being programmed."). The same motivation to modify with Sakib, as in claim 1, applies. Sakib fails to explicitly disclose: fuse the KEK…to the OTP memory. However, Haidamous discloses: fuse the KEK…to the OTP memory (Haidamous: Paragraph [0240] states, "The KEK is a value generated from a random seed (Random Number Generator output) during device production and stored on-chip in an eFuse array."). The same motivation to modify with Haidamous, as in claim 1, applies. Claim 11 recites features similar to claim 1, therefore those features are rejected in a similar manner. Numata further discloses: a one-time programmable (OTP) memory (Numata: Paragraph [0040] states, "The CPU 12 is connected to a random access memory (RAM) 21, an electric fuse (e-Fuse) 22, and a mask ROM 23."). Regarding claim 12, Numata discloses: The integrated circuit of claim 11, wherein the key manager is implemented in software, hardware, or firmware (Numata: Paragraph [0097] states, "The main FW 34 includes a plurality of function units including an information verification unit 411, a lock management unit 412, a KEK generation unit 413, a MEK decryption unit 414, a random number generation unit 415, a KEK encryption key generation unit 416, a KEK encryption unit 417, a verification value generation unit 418, an information evacuation unit 419, and a KEK decryption unit 420." Paragraph [0098] states, "A hash value, a checksum, a hash-based message authentication code (HMAC), or the like may be used as the verification value 52." Paragraph [0111] states, "The verification value generation unit 418 generates the verification value 52 of the lock release information 51. The lock release information 51 includes the volatile random number 511 generated by the random number generation unit 415, a range index list 512 indicating a range whose lock is released, and an eKEK 513 generated by the KEK encryption unit 417." Paragraph [0180] states, "Each of the various functions described in the present embodiment may be implemented by a circuit. An example of the process circuit includes a programmed processor, such as a central process unit (CPU). The processor performs described each function by executing a computer program or a group of commands stored in a memory. The processor may be a microprocessor that includes an electrical circuit. An example of the circuit also includes a digital signal processor (DSP), an application specific integrated circuit (ASIC), a microcontroller, a controller, and other electrical circuit components."). Claim 13 recites features similar to those in claim 1, therefore it is rejected in a similar manner. Claim 14 recites features similar to those in claim 4, therefore it is rejected in a similar manner. Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Numata (US 20210103653 A1, hereinafter referred to as Numata) in view of Sakib (US 20220391510 A1, hereinafter referred to as Sakib) in further view of Haidamous (EP 1429224 A1, hereinafter referred to as Haidamous) and in further view of Erickson (US 20230163964 A1). Regarding claim 2, the combination of Numata as modified by Sakib and Haidamous disclose: The method of claim 1, but fails to explicitly disclose: wherein the random number generator comprises a true random number generator. However, in the same field of endeavor, Erickson discloses: wherein the random number generator comprises a true random number generator (Erickson: Paragraph [0030] states that "the secondary secure processor 220 could use a true random number generator (TRNG) to generate the key."). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Numata as modified by Sakib and Haidamous and include the above limitation with the teaching of Erickson since "the encryption keys, such as IDE keys, remain secured as they are never accessible to the primary processor in a cleartext format and, thus are not vulnerable to security breaches" (Erickson: [0009]). Claim(s) 7, 8, 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Numata (US 20210103653 A1, hereinafter referred to as Numata) in view of Sakib (US 20220391510 A1, hereinafter referred to as Sakib) in further view of Haidamous (EP 1429224 A1, hereinafter referred to as Haidamous) and in further view of Hunsberger (US 20220400006 A1, hereinafter referred to as Hunsberger). Regarding claim 7, The combination of Numata as modified by Sakib and Haidamous disclose: The method of claim 6, further comprising: reading [the KEK and] the log data from the OTP memory in response to the key verification request (Sakib: Paragraph [0024] states, "The fuses may be electronic fuses (i.e., eFuses) or anti-fuses that have one of two different states…In accordance with such an embodiment, each of fuse banks 220A, 220B, 220C, and 220D comprise 384 fuses. However, it is noted that the hash may comprise any number of bits, including, but not limited to 128 bits, 256 bits, etc., and each of fuse banks 220A, 220B, 220C, and 220D may comprise a corresponding number of fuses. After manufacturing, the fuses of a particular fuse bank (e.g., fuse bank 220A) may be programmed to store the public key of the first owner." Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212. Fuse controller 212 reads each of fuse banks 220A, 220B, 220C, and 220D and returns the values stored therein to security processor core 202, along with the values represented by associated owner refuse fuses 222A, 222B, 222C, and 222D."). The same motivation to modify with Sakib, as in claim 1, applies. The combination of Numata as modified by Sakib and Haidamous but fail to explicitly disclose: reading the KEK. However, in the same field of endeavor, Hunsberger discloses: reading the KEK (Hunsberger: Paragraph [0055] states, "the KMF 160 provisions the communication device 120 with the KEK by deriving a symmetric touchless key provisioning (TKP) key based at least in part on the public key (i.e., public key imported at block 520) of the communication device. The KMF 160 encrypts the KEK assigned at block 530 with the symmetric TKP key to generate a key wrapped key encryption key or key wrapped KEK. The KMF 160 then transmits a key management message including the key wrapped KEK to the communication device 120 for decryption by the communication device 120. The KMF 160 may receive a response from the communication device 120 when the communication device 120 successfully decrypts the KEK from the key wrapped KEK and provisions the KEK."). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching of Numata as modified by Sakib and Haidamous and include the above limitation with the teaching of Hunsberger in order "for an efficient, convenient, and cost effective key delivery mechanism that eliminates the need to physically touch a target device with a key delivery device while still complying with the security standards for securely delivering trusted KEKs to the target device" (Hunsberger: Paragraph [0011]). This same motivation applies to the remainder of the claim. Sakib further discloses: and outputting [the KEK and] the log data, read from the OTP memory, to the external device (Sakib: Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212. Fuse controller 212 reads each of fuse banks 220A, 220B, 220C, and 220D and returns the values stored therein to security processor core 202, along with the values represented by associated owner refuse fuses 222A, 222B, 222C, and 222D. Security processor core 202 reads the values returned from fuse controller 212 and determines whether one of the values are equal to the public key associated with the first entity."). The same motivation to modify with Sakib, as in claim 1, applies. The combination of Numata as modified by Sakib and Haidamous but fail to explicitly disclose: outputting the KEK. However, Hunsberger further discloses: outputting the KEK (Hunsberger: Paragraph [0055] states, "the KMF 160 provisions the communication device 120 with the KEK by deriving a symmetric touchless key provisioning (TKP) key based at least in part on the public key (i.e., public key imported at block 520) of the communication device. The KMF 160 encrypts the KEK assigned at block 530 with the symmetric TKP key to generate a key wrapped key encryption key or key wrapped KEK. The KMF 160 then transmits a key management message including the key wrapped KEK to the communication device 120 for decryption by the communication device 120. The KMF 160 may receive a response from the communication device 120 when the communication device 120 successfully decrypts the KEK from the key wrapped KEK and provisions the KEK."). Regarding claim 8: The combination of Numata as modified by Sakib and Haidamous disclose: The method of claim 6, but fails to explicitly disclose: performing an authentication operation with the external device prior to the receiving the key verification request. However, Hunsberger discloses: performing an authentication operation with the external device prior to the receiving the key verification request (Hunsberger: Paragraph [0056] states, "prior to provisioning the KEK at the communication device 120, the KMF 160 determines whether the communication device 120 is an authenticated communication device."). The same motivation to modify with Hunsberger, as in claim 7, applies. Claim 15 recites features similar to those in claim 7, therefore it is rejected in a similar manner. Claim(s) 16, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Numata (US 20210103653 A1, hereinafter referred to as Numata) in view of Sakib (US 20220391510 A1, hereinafter referred to as Sakib) and in further view of Hunsberger (US 20220400006 A1, hereinafter referred to as Hunsberger). Regarding claim 16, Numata discloses: A method of operating an integrated circuit, the method being executed by at least one processor (Numata: Paragraph [0180] states, "Each of the various functions described in the present embodiment may be implemented by a circuit. An example of the process circuit includes a programmed processor, such as a central process unit (CPU). The processor performs described each function by executing a computer program or a group of commands stored in a memory. The processor may be a microprocessor that includes an electrical circuit. An example of the circuit also includes a digital signal processor (DSP), an application specific integrated circuit (ASIC), a microcontroller, a controller, and other electrical circuit components."), but fails to explicitly disclose: the method comprising: receiving a key verification request from an external key verifier. However, Sakib further discloses: the method comprising: receiving a key verification request from an external key verifier (Sakib: Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212."); reading a [KEK and] log data [corresponding to the KEK] from a one-time programmable (OTP) memory in response to the key verification request (Sakib: Paragraph [0024] states, "The fuses may be electronic fuses (i.e., eFuses) or anti-fuses that have one of two different states…In accordance with such an embodiment, each of fuse banks 220A, 220B, 220C, and 220D comprise 384 fuses. However, it is noted that the hash may comprise any number of bits, including, but not limited to 128 bits, 256 bits, etc., and each of fuse banks 220A, 220B, 220C, and 220D may comprise a corresponding number of fuses. After manufacturing, the fuses of a particular fuse bank (e.g., fuse bank 220A) may be programmed to store the public key of the first owner." Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212. Fuse controller 212 reads each of fuse banks 220A, 220B, 220C, and 220D and returns the values stored therein to security processor core 202, along with the values represented by associated owner refuse fuses 222A, 222B, 222C, and 222D."). The same motivation to modify with Sakib, as in claim 1, applies. This motivation is applied for the rest of the claim. Sakib fails to explicitly disclose: reading a KEK…log data corresponding to the KEK. However, Hunsberger further discloses: reading a KEK[…log data corresponding to the KEK] (Hunsberger: Paragraph [0055] states, "the KMF 160 provisions the communication device 120 with the KEK by deriving a symmetric touchless key provisioning (TKP) key based at least in part on the public key (i.e., public key imported at block 520) of the communication device. The KMF 160 encrypts the KEK assigned at block 530 with the symmetric TKP key to generate a key wrapped key encryption key or key wrapped KEK. The KMF 160 then transmits a key management message including the key wrapped KEK to the communication device 120 for decryption by the communication device 120. The KMF 160 may receive a response from the communication device 120 when the communication device 120 successfully decrypts the KEK from the key wrapped KEK and provisions the KEK."). The same motivation to modify with Hunsberger, as in claim 1, applies. This motivation applies for the rest of the claim. Hunsberger fails to explicitly disclose: log data corresponding to the KEK. However, Numata further discloses: log data corresponding to the KEK (Numata: Paragraph [0098] states, "A hash value, a checksum, a hash-based message authentication code (HMAC), or the like may be used as the verification value 52." Paragraph [0111] states, "The verification value generation unit 418 generates the verification value 52 of the lock release information 51. The lock release information 51 includes the volatile random number 511 generated by the random number generation unit 415, a range index list 512 indicating a range whose lock is released, and an eKEK 513 generated by the KEK encryption unit 417." Paragraph [0180] states, "Each of the various functions described in the present embodiment may be implemented by a circuit. An example of the process circuit includes a programmed processor, such as a central process unit (CPU). The processor performs described each function by executing a computer program or a group of commands stored in a memory. The processor may be a microprocessor that includes an electrical circuit. An example of the circuit also includes a digital signal processor (DSP), an application specific integrated circuit (ASIC), a microcontroller, a controller, and other electrical circuit components."). Sakib further discloses: and outputting [the KEK and] the log data to the external key verifier, [wherein the KEK is used to encrypt a master key of the integrated circuit for a cryptographic operation] (Sakib: Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212. Fuse controller 212 reads each of fuse banks 220A, 220B, 220C, and 220D and returns the values stored therein to security processor core 202, along with the values represented by associated owner refuse fuses 222A, 222B, 222C, and 222D. Security processor core 202 reads the values returned from fuse controller 212 and determines whether one of the values are equal to the public key associated with the first entity."), but fails to explicitly disclose: outputting the KEK...wherein the KEK is used to encrypt a master key of the integrated circuit for a cryptographic operation. However, Hunsberger further discloses: outputting the KEK […wherein the KEK is used to encrypt a master key of the integrated circuit for a cryptographic operation] (Hunsberger: Paragraph [0029] states, "To verify the public key, security processor core 202 may send a read request to fuse controller 212. Fuse controller 212 reads each of fuse banks 220A, 220B, 220C, and 220D and returns the values stored therein to security processor core 202, along with the values represented by associated owner refuse fuses 222A, 222B, 222C, and 222D. Security processor core 202 reads the values returned from fuse controller 212 and determines whether one of the values are equal to the public key associated with the first entity."). Numata further discloses: wherein the KEK is used to encrypt a master key of the integrated circuit for a cryptographic operation (Numata: Paragraph [0061] states, "The first range 81, the second range 82, and the third range 83 are each encrypted, and a first encryption key for the encryption is referred to as a media encryption key (MEK)." Paragraph [0105] states, "The eMEK is data obtained by previously encrypting the MEK in a certain range by using the KEK as an encryption key."). Claim 17 recites features similar to features in claim 8 rejected over Hunsberger, therefore the similar features are rejected in a similar manner. Claim(s) 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Numata (US 20210103653 A1, hereinafter referred to as Numata) in view of Sakib (US 20220391510 A1, hereinafter referred to as Sakib) in further view of Hunsberger (US 20220400006 A1, hereinafter referred to as Hunsberger) and in further view of Haidamous (EP 1429224 A1, hereinafter referred to as Haidamous). Claim 18 depends on claim 16 which is rejected by Numata, Sakib, and Hunsberger. Claim 18 recites features similar to claim 10, rejected over Haidamous, therefore it is rejected in a similar manner. Claim 19 depends on claim 18 which is rejected over Numata, Sakib, Hunsberger, and Haidamous. Claim 19 recites features similar to claim 4, rejected over Numata, therefore the similar features are rejected in a similar manner. Claim 20 depends on claim 18 which is rejected by Numata, Sakib, Hunsberger, and Haidamous. Claim 20 recites features similar to claim 1, rejected over Numata, therefore the similar features are rejected in a similar manner. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHREYAJ RAM BHANDARI whose telephone number is (571)272-0727. The examiner can normally be reached 7:30-5:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ali Shayanfar can be reached at (571) 270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHREYAJ RAM BHANDARI/ Examiner, Art Unit 2434 /NOURA ZOUBAIR/ Primary Examiner, Art Unit 2434
Read full office action

Prosecution Timeline

Dec 05, 2024
Application Filed
Mar 20, 2026
Non-Final Rejection — §103 (current)

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
Grant Probability
3y 1m
Median Time to Grant
Low
PTA Risk
Based on 0 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month