DETAILED ACTION
This Office Action is filed responsive to the initial filing of application 19/003,225 filed 27 December 2024. Claims 1-20, as originally filed, are currently pending and have been fully considered below.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 31 March 2025 and 1 April 2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1, 3-11, and 13-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over HARS et al (US PGPub 2013/0117577) in further view of BRANDT et al (US PGPub 2023/0269076).
With respect to Claim 1, HARS discloses a memory access circuit having a secure access mechanism configured to access a memory, wherein the memory comprises a plurality of memory blocks categorized into a plurality of memory areas each configured to have a security mode (¶[0036] – “a single SMTU accessing multiple memory blocks will have a different security mode value for each memory block, thereby assuring different encryption even if the same memory address is accessed in a different memory block”), the memory access circuit comprising:
a command translation circuit (Figure 1 – Transaction Arbiter 110 is illustrated as a component of the SMTU that is directly coupled to PPC Interface 12) configured to receive and translate an access command from a processor to generate access address information matching an encryption and decryption addressing of the memory blocks (¶[0028] – “One of the data interfaces PPC 12 is coupled to microprocessor core 30 via PLB bus 35 to receive control information e.g. requests to read data from, and write data to, the memory”; ¶[0029] – “All three interfaces 12, 15, and 18 conform to a bus specification, consisting of Header (TH), Address, (TA), and Data (TD) buses, and the two Request-Response (TX-TR) control pins”; ¶[0030] – “The format of the SMTU command control interface signal is also essentially arbitrary, but it receives input signals identifying the CPU making the request, bits to designate a flush of key material, indications that a command is being received together with the op code information, read address and data”; ¶[0033] – “The SMTU acts as a slave unit serving read and write requests initiated by the PowerPC 30 or by units coupled to the Transaction Bus 60. Devices requesting data are collectively referred to as the "Requestor" herein. The SMTU then initiates the read or write as requested from the memory address”; ¶[0027] – “The SMTU 10 encrypts and decrypts data transfers between the microprocessor core 30 and memory coupled to interface 68 to provide a high level of security for these transactions”);
an address block check circuit configured to, according to the access address information, determine the security mode corresponding thereto to generate mode information (¶[0035] – “The use of the SMTU can be further controlled by mode of operation. In the preferred embodiment there are two registers that control the SMTU mode of operation. These are the global mode register and the window mode register”; ¶[0056] – “Each of the three key generators 420, 430, and 440 also receives the random numbers 450 earlier stored or generated in the key material store memories, together with the security mode information 460”);
an address generation circuit (Figure 2 – Address Translation Unit 130);
a command generation circuit configured to generate an actual access command for accessing the flash memory according to the access block address (¶[0062] – “In summary, a read data operation is performed as follows:”; ¶[0063] – “1. Translate the logical address {analogous to ‘access address information’} into the memory physical address {analogous to ‘access block address’}”; ¶[0064] – “2. Read 32 bytes of the encrypted data from the memory at the specified address”; ¶[0003] – “During read transactions, previously encrypted data are retrieved from the memory by the SMTU, decrypted, and authenticated against signs of tampering”); and
an access processing circuit configured to receive an accessed content corresponding to the access block address from the flash memory to perform a security processing on the accessed content according to the mode information and the access block address (¶[0065] –“3. Generate the decryption and authentication keys. Use the memory address, the write counter, the security mode and the random number for the key generation, causing each resulting key to be unique to each memory location and write counter value, with very high probability.”; ¶[0066] – “4. Use the keys generated in step 3 together with the authentication fields of the data to decrypt the ciphertext and to authenticate it. If the authentication fails, activate anti-tamper mechanisms, otherwise continue on to step 5.”); and perform a data recovery according to a data access order of the access command to generate and store access data to be accessed by the processor (¶[0067] – “5. If the current cycle is a read request then send the decrypted plaintext to the requestor”; ¶[0037] – “A first-in first-out (FIFO) memory 108 on the PowerPC interface 12 buffers transactions to the arbiter 110”).
HARS may not explicitly disclose (1) wherein the memory is a flash memory; and (2) wherein the address generation circuit is configured to generate the address block address according to the access address information and the mode information.
However, BRANDT discloses (1) wherein the memory is a flash memory (¶0237] – “Information storage device 2150 may include any type of persistent or non-volatile memory or storage, such as a flash memory and/or a solid state, magnetic, or optical disk drive”); and (2) wherein the address generation circuit is configured to generate the address block address according to the access address information and the mode information (¶[0091] – “The embodiments herein may be used as a restriction to limit a handle to a guest. For example, if a “virtual machine extensions (VMX) guest” bit in handle is set, then that handle is only usable inside a VMX guest whose (e.g., 32 bit) VM ID is equal to handle bits (e.g., bits [127:96]). Certain embodiments herein allow the linking of a handle to a specific VMX guest. In one embodiment, VM ID is a field in a virtual machine control structure, e.g., different from a virtual machine control structure pointer and an extended-page-table pointer field which identify guests but change on migration and are physical addresses.”).
HARS and BRANDT are analogous art because they are from the same field of endeavor of accessing secured (via encryption) data from memory . Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of HARS and BRANDT before him or her, to modify the memory such as EDRAM 66 and the SMTU 10 of HARS to include (1) flash memory, and (2) address generation according to mode information as taught by BRANDT. A motivation for doing so would have been to (1) utilize a particular storage memory with known particular storage benefits such as non-volatility of data (2) prevent exposure of certain addresses to certain guests (¶[0091]). Therefore, it would have been obvious to combine HARS and BRANDT to obtain the invention as specified in the instant claims.
With respect to Claim 11, HARS discloses a memory access method having a secure access mechanism used in a memory access circuit configured to access a memory, wherein the memory comprises a plurality of memory blocks categorized into a plurality of memory areas each configured to have a security mode (¶[0036] – “a single SMTU accessing multiple memory blocks will have a different security mode value for each memory block, thereby assuring different encryption even if the same memory address is accessed in a different memory block”), the memory access method comprising:
receiving and translating an access command from a processor by a command translation circuit (Figure 1 – Transaction Arbiter 110 is illustrated as a component of the SMTU that is directly coupled to PPC Interface 12) to generate access address information matching an encryption and decryption addressing of the memory blocks (¶[0028] – “One of the data interfaces PPC 12 is coupled to microprocessor core 30 via PLB bus 35 to receive control information e.g. requests to read data from, and write data to, the memory”; ¶[0029] – “All three interfaces 12, 15, and 18 conform to a bus specification, consisting of Header (TH), Address, (TA), and Data (TD) buses, and the two Request-Response (TX-TR) control pins”; ¶[0030] – “The format of the SMTU command control interface signal is also essentially arbitrary, but it receives input signals identifying the CPU making the request, bits to designate a flush of key material, indications that a command is being received together with the op code information, read address and data”; ¶[0033] – “The SMTU acts as a slave unit serving read and write requests initiated by the PowerPC 30 or by units coupled to the Transaction Bus 60. Devices requesting data are collectively referred to as the "Requestor" herein. The SMTU then initiates the read or write as requested from the memory address”; ¶[0027] – “The SMTU 10 encrypts and decrypts data transfers between the microprocessor core 30 and memory coupled to interface 68 to provide a high level of security for these transactions”);
according to the access address information, determining the security mode corresponding thereto by an address block check circuit to generate mode information (¶[0035] – “The use of the SMTU can be further controlled by mode of operation. In the preferred embodiment there are two registers that control the SMTU mode of operation. These are the global mode register and the window mode register”; ¶[0056] – “Each of the three key generators 420, 430, and 440 also receives the random numbers 450 earlier stored or generated in the key material store memories, together with the security mode information 460”);
generating an actual access command for accessing the flash memory according to the access block address by a command generation circuit (¶[0062] – “In summary, a read data operation is performed as follows:”; ¶[0063] – “1. Translate the logical address {analogous to ‘access address information’} into the memory physical address {analogous to ‘access block address’}”; ¶[0064] – “2. Read 32 bytes of the encrypted data from the memory at the specified address”; ¶[0003] – “During read transactions, previously encrypted data are retrieved from the memory by the SMTU, decrypted, and authenticated against signs of tampering”); and
receiving an accessed content corresponding to the access block address from the flash memory by an access processing circuit to perform a security processing on the accessed content according to the mode information and the access block address (¶[0065] –“3. Generate the decryption and authentication keys. Use the memory address, the write counter, the security mode and the random number for the key generation, causing each resulting key to be unique to each memory location and write counter value, with very high probability.”; ¶[0066] – “4. Use the keys generated in step 3 together with the authentication fields of the data to decrypt the ciphertext and to authenticate it. If the authentication fails, activate anti-tamper mechanisms, otherwise continue on to step 5.”) and perform a data recovery according to a data access order of the access command to generate and store access data to be accessed by the processor (¶[0067] – “5. If the current cycle is a read request then send the decrypted plaintext to the requestor”; ¶[0037] – “A first-in first-out (FIFO) memory 108 on the PowerPC interface 12 buffers transactions to the arbiter 110”).
HARS may not explicitly disclose (1) wherein the memory is a flash memory; and (2) generating an access block address according to the access address information and the mode information by an address generation circuit.
However, BRANDT discloses (1) wherein the memory is a flash memory (¶0237] – “Information storage device 2150 may include any type of persistent or non-volatile memory or storage, such as a flash memory and/or a solid state, magnetic, or optical disk drive”); and (2) generating an access block address according to the access address information and the mode information by an address generation circuit (¶[0091] – “The embodiments herein may be used as a restriction to limit a handle to a guest. For example, if a “virtual machine extensions (VMX) guest” bit in handle is set, then that handle is only usable inside a VMX guest whose (e.g., 32 bit) VM ID is equal to handle bits (e.g., bits [127:96]). Certain embodiments herein allow the linking of a handle to a specific VMX guest. In one embodiment, VM ID is a field in a virtual machine control structure, e.g., different from a virtual machine control structure pointer and an extended-page-table pointer field which identify guests but change on migration and are physical addresses.”).
HARS and BRANDT are analogous art because they are from the same field of endeavor of accessing secured (via encryption) data from memory . Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of HARS and BRANDT before him or her, to modify the memory such as EDRAM 66 and the SMTU 10 of HARS to include (1) flash memory, and (2) address generation according to mode information as taught by BRANDT. A motivation for doing so would have been to (1) utilize a particular storage memory with known particular storage benefits such as non-volatility of data (2) prevent exposure of certain addresses to certain guests (¶[0091]). Therefore, it would have been obvious to combine HARS and BRANDT to obtain the invention as specified in the instant claims.
With respect to Claims 3 and 13, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses performing the security processing that comprises a decryption process on the accessed content by the access processing circuit, and the decryption process decrypts the accessed content according to encryption and decryption information related to the access block address (¶[0003] – “During read transactions, previously encrypted data are retrieved from the memory by the SMTU, decrypted, and authenticated against signs of tampering”).
With respect to Claims 4 and 14, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses wherein the encryption and decryption information comprises an initial vector that comprises a nonce section, a block address section, a reserved section, a block offset section or a combination thereof (¶[0041-0042] – “FIG. 3 illustrates the data structure for encrypted data stored in memory. Encrypted data preferably are stored using 32-byte blocks. Each 32-byte block consists of 16 bytes of encrypted payload (ciphertext) and 16 bytes of security data. The security data includes 6 bytes of version information (write counter value) and 10 bytes of authentication tag. The 6-byte write counter is a field that is incremented every time external memory is written, regardless of the address. As a result, the incremented value is unique to each address. The encryption operation and the authentication key are derived from target address, the write counter value, and from a random number. Of course, more or fewer fields may be used in the encryption.”)
With respect to Claims 5 and 15, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses when the mode information indicates that the security mode is a verification mode: generating the access block address that comprises at least one data block address and at least one verification information block address by the address generation circuit; and performing the security processing that comprises a verification process on the accessed content by the access processing circuit, the accessed content comprising a data content and a verification information content and the verification process being configured to perform verification on the data content according to the verification information content; and when the mode information indicates the security mode is an encrypted and verification mode: generating the access block address that comprises the at least one data block address and the at least one verification information block address by the access processing circuit; and performing the security processing that comprises a decryption process and the verification process on the accessed content by the access processing circuit, the accessed content comprising the data content and the verification information content, wherein: the decryption process is configured to perform decryption on the accessed content according to encryption and decryption information related to the access block address; and the verification process is configured to perform verification on the data content according to the verification information content (¶[0062] – “In summary, a read data operation is performed as follows:”; ¶[0063] – “1. Translate the logical address {analogous to ‘access address information’} into the memory physical address {analogous to ‘access block address’}”; ¶[0064] – “2. Read 32 bytes of the encrypted data from the memory at the specified address”; ¶[0003] – “During read transactions, previously encrypted data are retrieved from the memory by the SMTU, decrypted, and authenticated against signs of tampering”).
With respect to Claims 6 and 16, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses wherein the plurality of memory blocks comprise a plurality of data blocks and a plurality of verification information blocks, wherein the verification information content stored in each of the verification information blocks is generated correspondingly by performing calculation on an encryption and decryption block that comprises 2N of the data blocks, N being an integer larger than or equaling to 0 (¶[0042] – “The encryption operation and the authentication key are derived from target address, the write counter value, and from a random number. Of course, more or fewer fields may be used in the encryption. Because every 16 bytes of encrypted data require an additional 16 bytes for authentication tag and write counter value, the effective data storage capacity of each window is one-half its physical size. Of course larger or smaller memories and different data and tag sizes could be implemented”).
With respect to Claims 7 and 17, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses wherein the plurality of data blocks and the plurality of verification information blocks are disposed independently, the memory access method further comprising: generating the data block address according to the access address information and calculating the verification information block address according to the data block address by the address generation circuit (¶[0042] – “The encryption operation and the authentication key are derived from target address, the write counter value, and from a random number. Of course, more or fewer fields may be used in the encryption. Because every 16 bytes of encrypted data require an additional 16 bytes for authentication tag and write counter value, the effective data storage capacity of each window is one-half its physical size. Of course larger or smaller memories and different data and tag sizes could be implemented”).
With respect to Claims 8 and 18, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses wherein each of the plurality of verification information blocks is disposed subsequently to the corresponding encryption and decryption block such that an address offset exists between each of two neighboring encryption and decryption blocks, the memory access method further comprising: calculating and generating the data block address and the verification information block address according to the access address information, the mode information and the address offset by the address generation circuit (¶[0042] – “The encryption operation and the authentication key are derived from target address, the write counter value, and from a random number. Of course, more or fewer fields may be used in the encryption. Because every 16 bytes of encrypted data require an additional 16 bytes for authentication tag and write counter value, the effective data storage capacity of each window is one-half its physical size. Of course larger or smaller memories and different data and tag sizes could be implemented”).
With respect to Claims 9 and 19, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses storing the access data, a verification state of the access data and a data address of the access data for the processor to access the access data by a storage circuit when the verification state indicates to be a verified state (¶[0068-0073] – “Also, in summary, a write data command is performed (optionally preceded by a read operation from the same memory location as described immediately above), as follows: 1. Merge the data to be written with the data read from the memory. The data read from memory was previously decrypted and authenticated during the read operation as per the preceding paragraph. 2. Increment the write counter 3. Encrypt the merged write data using a new encryption key, which is different from the key that was used in reading the data for the decryption, because the updated write counter is included in its generation. 4. Generate the data authentication tag using the newly encrypted write data and a new authentication key (based on the memory address, together with the updated write counter value. The security mode and the random number are used to diversify the keys. 5. Write the data back to memory”); and when the access address information generated according to a subsequent access command that the command translation circuit receives and translates from the processor corresponds to the data address and the verification state indicates to be a verified state, directly accessing the access data by the processor from the storage circuit (¶[0065] –“3. Generate the decryption and authentication keys. Use the memory address, the write counter, the security mode and the random number for the key generation, causing each resulting key to be unique to each memory location and write counter value, with very high probability.”; ¶[0066] – “4. Use the keys generated in step 3 together with the authentication fields of the data to decrypt the ciphertext and to authenticate it. If the authentication fails, activate anti-tamper mechanisms, otherwise continue on to step 5.”).
With respect to Claims 10 and 20, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS further discloses transmitting the actual access command to the flash memory by the command generation circuit to perform accessing through an interface control circuit configured to perform a format conversion; and receiving the accessed content from the flash memory by the access processing circuit through the interface control circuit configured to perform the format conversion (¶[0062] – “In summary, a read data operation is performed as follows:”; ¶[0063] – “1. Translate the logical address {analogous to ‘access address information’} into the memory physical address {analogous to ‘access block address’}”; ¶[0064] – “2. Read 32 bytes of the encrypted data from the memory at the specified address”; ¶[0003] – “During read transactions, previously encrypted data are retrieved from the memory by the SMTU, decrypted, and authenticated against signs of tampering”; ¶[0029] – “All three interfaces 12, 15, and 18 conform to a bus specification, consisting of Header (TH), Address, (TA), and Data (TD) buses, and the two Request-Response (TX-TR) control pins. Typical signals on these buses are described below. The Power PC interface and the memory interface each have 48-bit headers, allow 64-bit addresses and 128 bits of data”).
Claim(s) 2 and 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over HARS in further view of BRANDT and KAPLAN et al (US PGPub 2018/0107608).
With respect to Claims 2 and 12, the combination of HARS and BRANDT disclose the memory access circuit/method of each respective parent claim.
HARS and BRANDT may not explicitly disclose wherein when the mode information indicates that the security mode is a non-encrypted and non-verification mode, the memory access method further comprises: performing the security processing that comprises a bypass process by the access processing circuit.
However, KAPLAN discloses wherein when the mode information indicates that the security mode is a non-encrypted and non-verification mode, the memory access method further comprises: performing the security processing that comprises a bypass process by the access processing circuit (¶[0017-0018] – “The memory controller 116 is configured to identify each memory access request as one of two types: a secure memory access request, indicating that the information corresponding to the memory access request is designated for cryptographic protection, or a non-secure memory access request, indicating that the information corresponding to the memory access request is not designated for cryptographic protection. In response to receiving a write request, the memory controller 116 identifies whether the request is a secure memory access request or a non-secure memory access request. If the write request is a non-secure memory access request, the memory controller 116 bypasses the encryption module 122 and provides the write request to the memory 104 without encrypting the information to be written. If the write request is a secure memory access request, the memory controller 116 identifies one of the keys 124 that is assigned to the I/O device 106 that generated the memory access request. … In response to receiving a read request, the memory controller 116 provides the request to the memory 104 and subsequently receives the information responsive to the request. If the memory controller 116 identifies the read request as a non-secure memory access request, it bypasses the encryption module 122 and provides the read information to the I/O device 106 without encryption. If the memory controller 116 identifies the read request as a secure memory access request, it identifies one of the keys 124 that is assigned to the I/O device 106 that generated the read access request and the encryption module 122 decrypts the read information. The memory controller 116 then provides the decrypted read information to the I/O device 106”).
HARS, BRANDT, and KAPLAN are analogous art because they are from the same field of endeavor of accessing secured (via encryption) data from memory . Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of HARS, BRANDT, and KAPLAN before him or her, to modify the SMTU of the combination of HARS and BRANDT to include a bypass mechanism where data is not accessed via encryption as taught by KAPLAN. A motivation for doing so would have been to improve access performance to non-sensitive data. Therefore, it would have been obvious to combine HARS, BRANDT, and KAPLAN to obtain the invention as specified in the instant claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure teach related processes for the secure storage of data via encryption.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC T LOONAN whose telephone number is (571)272-6994. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Arpan Savla can be reached at 571-272-1077. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ERIC T LOONAN/Examiner, Art Unit 2137