Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Detail action
Claims 1-19 have been cancelled.
Claims 20-36 are pending and being considered.
Specification
The specification filed on December 10, 2024 is accepted.
Drawings
The drawings filed on December 10, 2024 are accepted.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites receiving public key, generating decryption key based on first decryption key share and second decryption key share, wherein first and second decryption key shares are generated using the public key, assigning identification information to the decryption key, transmitting the first and the second decryption share key with the identification information to different management service, encrypting data using encryption key and transmitting the encrypted data to user device.
The limitations receiving public key, generating decryption key based on first decryption key share and second decryption key share, wherein first and second decryption key shares are generated using the public key, assigning identification information to the decryption key, transmitting the first and the second decryption share key with the identification information to different management service, encrypting data using encryption key and transmitting the encrypted data to user device is a process that, under its broadest reasonable interpretation, covers performance of the limitations in the mind mentally or physically nothing in the claim precludes the steps from practically being performed in the mind or using paper and pencil. Receiving public key, generating decryption key based on first decryption key share and second decryption key share, wherein first and second decryption key shares are generated using the public key, assigning identification information to the decryption key, transmitting the first and the second decryption share key with the identification information to different management service, encrypting data using encryption key and transmitting the encrypted data to user device as drafted is a process that, under its broadest reasonable interpretation, covers performance of the limitations in the mind. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application because the claim recites additional element such as memory storing instructions executed by processor. These elements in the claim are recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of devices to perform receiving public key, generating decryption key based on first decryption key share and second decryption key share, wherein first and second decryption key shares are generated using the public key, assigning identification information to the decryption key, transmitting the first and the second decryption share key with the identification information to different management service, encrypting data using encryption key and transmitting the encrypted data to user device, steps amounts to no more than mere instructions to apply the exception using a generic computer component see spec para of instant application [0097]. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible.
Further recited elements within dependent claims 21-36 taken individually do not amount to “significantly more” than just the abstract idea as previously identified above. Therefore, the claims do not amount to significantly more than the previously defined abstract idea. Some of the evidences of “significantly more” are a) improvement to another technology or field; b) applying judicial exception with or by a “particular machine’; c) transforming particular article/data into different state or thing; d) adding unconventional or non-routine steps, producing useful application; and e) other meaningful limitations beyond generic link to particular technological environment.
As a result, the claims are directed to non-statutory subject matter. See Also Alice, 134 S. Ct. at 2360. Under Alice, that is not sufficient "to transform an abstract idea into a patent-eligible invention." See Alice Corporation v. CLS Bank International, (S.Ct.2014) and Ultramercial, Inc. v. Hulu, LLC. (Fed.
Claim Rejections - 35 USC § 112
A. The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claim 20 rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. The claim recites the limitation “and generating the second decryption key share based, at least in part, on the decryption key and the public device key”. The limitation recites that the second decryption key share is generated based on public device key and the decryption key. The spec fails to describe in such a way as to reasonably convey to one skilled in the art. The closest teaching can be found on [0075] discloses “the second license service 102b may generate an encrypted second key share [x 2]n using the second key share received from the content service 100 and the device public key” this portion only describes that the encrypted second key share is generated by encrypting the second key share using the device public key.
B. The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 20 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. The claim recites “generating a first decryption key share and a second decryption key share, wherein the first decryption key share when multiplied by the second decryption key share generates an encrypted decryption key, the encrypted decryption key comprising the decryption key encrypted using the public device key” further recites “and generating the second decryption key share based, at least in part, on the decryption key and the public device key.” In other words, the claim simply recites that the decryption key is generated by multiplying first decryption key share and second decryption key share and then it recites that the second decryption key share is generated based on the decryption key itself, which cannot be true because decryption key is the product of first decryption key share and the second decryption key share. Therefore, the limitation “and generating the second decryption key share based, at least in part, on the decryption key and the public device key” is indefinite.
Dependent claims 21-36 are also rejected under the same rationales as set forth above.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 20-23 and 27-35 are rejected under 35 U.S.C. 103 as being unpatentable over Kamara (US 20150149763) in view of Flurscheim et al (hereinafter Flurscheim) (US 20160140545).
Regarding claim 20 Kamara teaches a method for managing electronic data performed by a service system comprising a processor and a non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the service system to perform the method, the method comprising: (Kamara on [Abstract] teaches a method for providing a server-aided private set intersection protocol which allows two parties to transfer some of the information about their elements via an untrusted third party. See on [0100-0103] teaches computer readable instruction stored in memory executed by a processor);
generating a decryption key configured to be used to decrypt encrypted electronic data (Kamara on [0050 and 0086] teaches generating secret key (i.e., decryption key) from plurality of key shares to decrypt the data);
generating a first decryption key share and a second decryption key share (Kamara on [0047-0050] teaches generating first and second share of secret key);
wherein the first decryption key share when multiplied by the second decryption key share generates an (Kamara on [0050 and 0055] teaches XORing the first and the second share to recover the secret key and then using the key to decrypt the data);
generating key identification information associated with the decryption key (Kamara on [0050] teaches using the labels, the identifiers (i.e., identification information associated with the secret key) and the first and second share of the two-share secret key to recover the secret key);
transmitting the first decryption key share and the key identification information to a first data access management service (Kamara on [0059, 0074 and 0086] teaches the first party sends to the third party comprising the identifier, the first key share and the label);
transmitting the second decryption key share and the key identification information to a second data access management service different than the first data access management service (Kamara on [0059, 0074 and 0086] teaches the first party sends to the second party comprising the identifier, the second key share and the label i.e., different from the third party);
and transmitting the encrypted electronic data to a user device (Kamara on [0074-0075] teaches transmitting encrypted electronic data).
Kamara fails to explicitly teach receiving a public device key, the encrypted decryption key comprising the decryption key encrypted using the public device key, wherein generating the first decryption key share and the second decryption key share comprises: generating the first decryption key share based, at least in part, on the public device key and generating the second decryption key share based, at least in part, on the decryption key and the public device key, encrypting the electronic data using an encryption key corresponding to the decryption key to generate the encrypted electronic data, however Flurscheim from analogous art teaches
receiving a public device key (Flurscheim on [0194] teaches receiving first encryption key (i.e., public device key) maintained at cloud-based platform or host system);
the encrypted decryption key comprising the decryption key encrypted using the public device key (Flurscheim on [0196] teaches the second encryption key 1008 may be divided into two portions. The first portion of the second encryption key 1008 may be generated by encrypting the account information 1004 using the first encryption key 1002. The second portion of the second encryption key 1008 may be generated by inverting the account information 1004 and encrypting the inverted account information using the first encryption key 1002 i.e., second encryption key as decryption key generated by encrypting it based on first encryption key);
wherein generating the first decryption key share and the second decryption key share comprises: generating the first decryption key share based, at least in part, on the public device key and generating the second decryption key share based, at least in part, on the decryption key and the public device key (Flurscheim on [0196] teaches the second encryption key 1008 may be divided into two portions. The first portion of the second encryption key 1008 may be generated by encrypting the account information 1004 using the first encryption key 1002. The second portion of the second encryption key 1008 may be generated by inverting the account information 1004 and encrypting the inverted account information using the first encryption key 1002 i.e., second encryption key as decryption key);
encrypting the electronic data using an encryption key corresponding to the decryption key to generate the encrypted electronic data (Flurscheim on [0202] teaches encrypting transaction data using limited use key (LUK) to generated encrypted data, wherein the limited use key is generated using the second encryption key i.e., encryption key corresponds to decryption key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Flurscheim into the teaching of Kamara by generating plurality of key shares of using public key. One would be motivated to do so in order to enhance security of decryption key decrypting plurality of key shares using public key of the device (Flurscheim on [0006-0008]).
Regarding claim 21 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, Flurscheim further teaches wherein the public device key is received from the user device (Flurscheim on [0194] teaches receiving first encryption key (i.e., public device key) maintained at cloud-based platform or host system).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Flurscheim into the teaching of Kamara by generating plurality of key shares of using public key. One would be motivated to do so in order to enhance security of decryption key decrypting plurality of key shares using public key of the device (Flurscheim on [0006-0008]).
Regarding claim 22 the combination of Kamara and Flurscheim teaches all the limitations of claim 21 above, Flurscheim further teaches wherein the public device key is associated with the user device (Flurscheim on [0194] teaches receiving first encryption key (i.e., public device key) maintained at cloud-based platform or host system).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Flurscheim into the teaching of Kamara by generating plurality of key shares of using public key. One would be motivated to do so in order to enhance security of decryption key decrypting plurality of key shares using public key of the device (Flurscheim on [0006-0008]).
Regarding claim 23 the combination of Kamara and Flurscheim teaches all the limitations of claim 21 above, Flurscheim further teaches wherein the public device key is associated with a user of the user device (Flurscheim on [0194] teaches the first encryption key 1002 may be a base key that is associated with the issuer of the user's account, and the base key may be associated with a group of accounts).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Flurscheim into the teaching of Kamara by generating plurality of key shares of using public key. One would be motivated to do so in order to enhance security of decryption key decrypting plurality of key shares using public key of the device (Flurscheim on [0006-0008]).
Regarding claim 27 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, Flurscheim further teaches wherein encrypting the electronic data using an encryption key corresponding to the decryption key to generate the encrypted electronic data comprises generating a derived encryption key using the encryption key to generate the encrypted electronic data (Flurscheim on [0202] teaches encrypting transaction data using limited use key (LUK) to generated encrypted data, wherein the limited use key is generated using the second encryption key i.e., encryption key corresponds to decryption key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Flurscheim into the teaching of Kamara by generating plurality of key shares of using public key. One would be motivated to do so in order to enhance security of decryption key decrypting plurality of key shares using public key of the device (Flurscheim on [0006-0008]).
Regarding claim 28 the combination of Kamara and Flurscheim teaches all the limitations of claim 27 above, Kamara further teaches wherein the decryption key configured to be used generate a derived decryption key is used to decrypt the encrypted electronic data (Kamara on [0050] teaches the second party can then decrypt the data associated with each element in the intersection of the sets using the labels, the identifiers and the first and second share of the two-share secret key, as shown in block 212. This can be done by XORing the shares to recover the key and then using the key to decrypt the data).
Regarding claim 29 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, Kamara further teaches wherein generating the first decryption key share is further based, at least in part, on a message (Kamara on [0055] teaches generating the first share z.sub.x,1 by applying a pseudo-random permutation to element x (i.e., randomly generated message), concatenated with a first string using key K.sub.e. Similarly the second share z.sub.x,2 is generated by applying a pseudo random permutation to element x (i.e., randomly generated message),, concatenated with a second string using key K.sub.e).
Regarding claim 30 the combination of Kamara and Flurscheim teaches all the limitations of claim 29 above, Kamara further teaches wherein generating the second decryption key share is further based, at least in part, on the message (Kamara on [0055] teaches generating the first share z.sub.x,1 by applying a pseudo-random permutation to element x (i.e., randomly generated message), concatenated with a first string using key K.sub.e. Similarly the second share z.sub.x,2 is generated by applying a pseudo random permutation to element x (i.e., randomly generated message), concatenated with a second string using key K.sub.e).
Regarding claim 31 the combination of Kamara and Flurscheim teaches all the limitations of claim 30 above, Kamara further teaches wherein the message is randomly generated (Kamara on [0055] teaches generating the first share z.sub.x,1 by applying a pseudo-random permutation to element x (i.e., randomly generated message), concatenated with a first string using key K.sub.e. Similarly the second share z.sub.x,2 is generated by applying a pseudo random permutation to element x (i.e., randomly generated message), concatenated with a second string using key K.sub.e).
Regarding claim 32 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, Kamara further teaches wherein the first data access management service comprises an untrusted system by the service system (Kamara on [0030 and 0065] teaches parties to a described protocol that are not the server or untrusted third party may be referred to as clients. The terms the third party, untrusted third party and server may also be used interchangeably. See on [0060] teaches the second party P.sub.2 generates labels for the elements in P.sub.2's set S.sub.2 by permuting the elements using key K.sub.l and a PRP, and sends the labels for each element in set S.sub.2 to the untrusted third party. See on [claim 7] teaches wherein the third party is an untrusted third party.)
Regarding claim 33 the combination of Kamara and Flurscheim teaches all the limitations of claim 32 above, Kamara further teaches wherein the second data access management service comprises an untrusted system by the service system (Kamara on [0030 and 0065] teaches parties to a described protocol that are not the server or untrusted third party may be referred to as clients. The terms the third party, untrusted third party and server may also be used interchangeably. See on [0060] teaches the second party P.sub.2 generates labels for the elements in P.sub.2's set S.sub.2 by permuting the elements using key K.sub.l and a PRP, and sends the labels for each element in set S.sub.2 to the untrusted third party. See on [claim 7] teaches wherein the third party is an untrusted third party).
Regarding claim 34 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, Kamara further teaches wherein the first data access management service comprises a first license service system (Kamara on [0030 and 0065] teaches parties to a described protocol that are not the server or untrusted third party may be referred to as clients. The terms the third party, untrusted third party and server may also be used interchangeably).
Regarding claim 35 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, Kamara further teaches wherein the second data access management service comprises a second license service system (Kamara on [0030 and 0065] teaches parties to a described protocol that are not the server or untrusted third party may be referred to as clients. The terms the third party, untrusted third party and server may also be used interchangeably).
Claims 24-26 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Kamara (US 20150149763) in view of Flurscheim et al (hereinafter Flurscheim) (US 20160140545) and further in view of KESELMAN et al (hereinafter KESELMAN) (US 20200112429).
Regarding claim 24 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, the combination fails to explicitly teach wherein the encrypted decryption key is configured to be decrypted using a private device key corresponding to the public device key to generate the decryption key, however KESELMAN from analogous art teaches
wherein the encrypted decryption key is configured to be decrypted using a private device key corresponding to the public device key to generate the decryption key (KESELMAN on [0009 and 0014] teaches Client 150 may generate public/private key pairs, use the public key to request an blinded derived key from RCC 120, and use the private key to decrypt, or unblind, the blinded derived key)
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the combined teaching of Kamara and Flurscheim by homomorphically encrypting/decrypting keys based public-private key pair associated with user device. One would be motivated to do so in order to ensure security in the system based on homomorphically key derivation method (KESELMAN on [0006]).
Regarding claim 25 the combination of Kamara, Flurscheim and KESELMAN teaches all the limitations of claim 24 above, KESELMAN further teaches wherein the private device key is associated with the user device (KESELMAN on [0044] teaches Client 150 may generate public/private key pairs i.e., client device 150 generating public/private key associated with user [0010 and 0055]).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the combined teaching of Kamara and Flurscheim by homomorphically encrypting/decrypting keys based public-private key pair associated with user device. One would be motivated to do so in order to ensure security in the system based on homomorphically key derivation method (KESELMAN on [0006]).
Regarding claim 26 the combination of Kamara, Flurscheim and KESELMAN teaches all the limitations of claim 24 above, KESELMAN further teaches wherein the private device key is associated with a user of the user device (KESELMAN on [0044] teaches Client 150 may generate public/private key pairs i.e., client device 150 generating public/private key associated with user [0010 and 0055]).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the combined teaching of Kamara and Flurscheim by homomorphically encrypting/decrypting keys based public-private key pair associated with user device. One would be motivated to do so in order to ensure security in the system based on homomorphically key derivation method (KESELMAN on [0006]).
Regarding claim 36 the combination of Kamara and Flurscheim teaches all the limitations of claim 20 above, the combination fails to explicitly teach wherein the encrypted decryption key comprises the decryption key encrypted with the public device key using a homomorphic encryption algorithm, however KESELMAN from analogous art teaches
wherein the encrypted decryption key comprises the decryption key encrypted with the public device key using a homomorphic encryption algorithm (KESELMAN on [0007, 0014 and 0024] teaches performing homomorphic encryption).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the combined teaching of Kamara and Flurscheim by homomorphically encrypting/decrypting keys based public-private key pair associated with user device. One would be motivated to do so in order to ensure security in the system based on homomorphically key derivation method (KESELMAN on [0006]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Humphrey et al (US 20100208889) is directed towards a secure storage system secures confidential information of a client by first encrypting the information with a first key to generate first-key encrypted data. The secure storage system then encrypts with a second key the first key to generate a second-key encrypted first key. The secure storage system divides the first-key encrypted data into a first portion and a second portion. The secure storage system generates an identifier for the information and provides the client with the identifier and the first portion and the second-key encrypted first key.
SCHOINIANAKIS et al (US 20210281570) is directed towards communication networks and enabling access to devices in such networks.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOEEN KHAN/Primary Examiner, Art Unit 2436