Prosecution Insights
Last updated: July 17, 2026
Application No. 19/025,821

CRYPTOGRAPHIC KEY MANAGEMENT

Non-Final OA §103
Filed
Jan 16, 2025
Priority
Jul 15, 2019 — provisional 62/874,437 +3 more
Examiner
PARK, SANGSEOK
Art Unit
Tech Center
Assignee
Micron Technology Inc.
OA Round
1 (Non-Final)
84%
Grant Probability
Favorable
1-2
OA Rounds
10m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 84% — above average
84%
Career Allowance Rate
210 granted / 250 resolved
+24.0% vs TC avg
Strong +16% interview lift
Without
With
+16.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 3m
Avg Prosecution
15 currently pending
Career history
264
Total Applications
across all art units

Statute-Specific Performance

§101
1.6%
-38.4% vs TC avg
§103
92.1%
+52.1% vs TC avg
§102
2.8%
-37.2% vs TC avg
§112
1.4%
-38.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 250 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statements (IDS) submitted on 04/07/2025 and 03/10/2026 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 2-3, 6-10, 13-16 and 19-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Melvin, US-8429420-B1 (hereinafter “Melvin ‘420”) in view of Bernat et al., US-11128448-B1 (hereinafter “Bernat ‘448”). Per claim 2 (independent): Melvin ‘420 discloses: A method at a memory sub-system (FIG. 1, [Col. 2], ll. 53-65, a virtual self-destruct mechanism 19 (a memory sub-system) interposed between host device 10 and storage device 12), comprising: generating, by a hardware component of the memory sub-system, a first cryptographic key associated with encrypting data at the memory sub-system; storing the first cryptographic key in a volatile memory based at least in part on generating the first cryptographic key; generating, by the hardware component, a second cryptographic key associated with decrypting the data at the memory sub-system; and storing the second cryptographic key in a volatile memory based at least in part on generating the second cryptographic key (FIG. 1, [Col. 3], ll.9-54, When peripheral interface 13 receives a write command ... encrypted by block 14 ... The key or keys (a first cryptographic key associated with encrypting data) used to encrypt the sector or sectors are supplied by key storage 11 (a volatile memory) – storing the first cryptographic key in a volatile memory based at least in part on generating the first cryptographic key ... In the case of a read command received by peripheral interface 13 ... decrypted by block 15 ... Key storage 11 (the volatile memory) will supply the key or keys (a second cryptographic key associated with decrypting the data) to decrypt the data – storing the second cryptographic key in a volatile memory based at least in part on generating the second cryptographic key ... The encryption mechanism employed by encryption block 14, decryption block 15 and key storage 11 can be a symmetric or non-symmetric system ... In the case of a non-symmetric system different keys are utilized for encryption and decryption; [Col. 3], ll.65 – [Col. 4], ll.16, virtual self-destruct apparatus includes hardware based on the Trusted Platform Module (TPM) (an example of a hardware component included in the virtual self-destruct mechanism 19), which can be used to securely store keys and can be used to generate keys and key pairs using a built in random number generator ... key storage 11 comprises volatile memory (the volatile memory) ... Examples of volatile storage devices are semiconductor RAM cells and semiconductor registers; for example, in an embodiment employing a non-symmetric encryption mechanism, the virtual self-destruct apparatus may include a TPM configured to generate encryption and decryption keys, that is, the first cryptographic key and the second cryptographic key, as a matched key pair using a built-in random number generator, wherein the generated cryptographic keys may be stored in the key storage 11 and supplied for encryption and decryption of stored information). Melvin ‘420 does not disclose but Bernat ‘448 discloses: storing the first cryptographic key in a first volatile memory based at least in part on generating the first cryptographic key; storing the second cryptographic key in a second volatile memory based at least in part on generating the second cryptographic key (FIG. 4, [Col 44], ll.37-45, a storage system 400 is shown. The storage system 400 may include storage controller 410 and storage devices 450A-N (a first volatile memory and a second volatile memory) which are included within shelves 440 and 445; [Col. 46], ll.12-22, Each storage device 450A -N may generate and utilize a key for encrypting the data that is stored on the device (meaning generating the first cryptographic key and the second cryptographic key for each storage device, e.g., 450A and 450B). Each storage device 450A -N may include a hardware encryption mechanism that utilizes the key for encrypting the data stored on the device; [Col. 47], ll.40-57, Although not shown in FIG. 4, storage device 450N may also include volatile memory (volatile memory) for storing a decrypted key with which reads and writes may be executed. Generally speaking, storage device 450N (the first/second volatile memory) may use the decrypted key (the first/second cryptographic key stored in the first/second volatile memory) during the reading and writing of data to storage device 450N ... On power up, storage device 450N may retain encrypted key 455N, which is non-useable until it is decrypted to recreate the original key which was used to encrypt the data (encrypted data 470N) stored on device 450N – different storge devices 450A-N store difference cryptographic keys, that is, the first and second cryptographic keys, in their respective volatile memories). It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Melvin ‘420 with the use of cryptographic keys stored in each respective volatile memory of different storage devices for encrypting/decrypting data as taught by Bernat ‘448 because it would improve security by reducing the risk that a compromise of a single memory device exposes all of the cryptographic keys. Additionally, Bernat ‘448 is analogous to the claimed invention because it teaches each storage device 450A -N may generate and utilize a key for encrypting the data that is stored on the device [Col. 46], ll.12-22. Per claim 3 (dependent on claim 2): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference. Melvin ‘420 discloses: The method of claim 2, further comprising: receiving, by the hardware component and from a firmware component of the memory sub-system, a command to generate the first cryptographic key and the second cryptographic key, wherein generating the first cryptographic key and generating the second cryptographic key are based at least in part on receiving the command (FIG. 1, [Col. 3], ll.9-54, When peripheral interface 13 (a firmware component of the memory sub-system) receives a write command (receiving a command to generate the first cryptographic key and the second cryptographic key) ... encrypted by block 14 ... The key or keys used to encrypt the sector or sectors are supplied by key storage 11 ... In the case of a read command received by peripheral interface 13 ... decrypted by block 15 ... Key storage 11 will supply the key or keys to decrypt the data ... The encryption mechanism employed by encryption block 14, decryption block 15 and key storage 11 can be a symmetric or non-symmetric system ... In the case of a non-symmetric system different keys are utilized for encryption and decryption; [Col. 3], ll.65 – [Col. 4], ll.16, virtual self-destruct apparatus includes hardware based on the Trusted Platform Module (TPM) (the hardware component), which can be used to securely store keys and can be used to generate keys and key pairs using a built in random number generator ... key storage 11 comprises volatile memory ... Examples of volatile storage devices are semiconductor RAM cells and semiconductor registers; for example, in an embodiment employing a non-symmetric encryption mechanism, the virtual self-destruct apparatus may include a TPM configured to generate encryption and decryption keys, that is, the first cryptographic key and the second cryptographic key, as a matched key pair using a built-in random number generator by receiving the command initiated form the peripheral interface 13). Per claim 6 (dependent on claim 2): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference. Melvin ‘420 discloses: The method of claim 2, wherein: generating the first cryptographic key comprises generating, by a random data generator of the hardware component, a first random number for the first cryptographic key; and generating the second cryptographic key comprises generating, by the random data generator, a second random number for the second cryptographic key (FIG. 1, [Col. 3], ll.9-54, When peripheral interface 13 receives a write command ... encrypted by block 14 ... The key or keys (generating the first cryptographic key) used to encrypt the sector or sectors are supplied by key storage 11 ... In the case of a read command received by peripheral interface 13 ... decrypted by block 15 ... Key storage 11 will supply the key or keys (generating the second cryptographic key) to decrypt the data ... The encryption mechanism employed by encryption block 14, decryption block 15 and key storage 11 can be a symmetric or non-symmetric system ... In the case of a non-symmetric system different keys are utilized for encryption and decryption; [Col. 3], ll.65 – [Col. 4], ll.16, virtual self-destruct apparatus includes hardware based on the Trusted Platform Module (TPM) (the hardware component included in the virtual self-destruct mechanism 19), which can be used to securely store keys and can be used to generate keys and key pairs using a built in random number generator (a random number generator of the hardware component) ... key storage 11 comprises volatile memory ... Examples of volatile storage devices are semiconductor RAM cells and semiconductor registers; for example, in an embodiment employing a non-symmetric encryption mechanism, the virtual self-destruct apparatus may include a TPM configured to generate encryption and decryption keys, that is, the first cryptographic key and the second cryptographic key, as a matched key pair using a built-in random number generator, whereby the random number generator is configured to produce different random numbers, i.e., a first random number and a second random number, for different invocations). Per claim 7 (dependent on claim 2): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference. Melvin ‘420 discloses: The method of claim 2, wherein the volatile memory is configured to store cryptographic keys (FIG. 1, [Col. 3], ll.9-54, When peripheral interface 13 receives a write command ... encrypted by block 14 ... The key or keys (cryptographic keys) used to encrypt the sector or sectors are supplied by key storage 11 (the volatile memory) – storing cryptographic keys in the volatile memory ... In the case of a read command received by peripheral interface 13 ... decrypted by block 15 ... Key storage 11 (the volatile memory) will supply the key or keys (cryptographic keys) to decrypt the data – storing cryptographic keys in the volatile memory ... The encryption mechanism employed by encryption block 14, decryption block 15 and key storage 11 can be a symmetric or non-symmetric system ... In the case of a non-symmetric system different keys are utilized for encryption and decryption). Melvin ‘420 does not disclose but Bernat ‘448 discloses: the first volatile memory is configured to store a cryptographic key that encrypts data and the second volatile memory is configured to store a cryptographic key that decrypts data (FIG. 4, [Col 44], ll.37-45, a storage system 400 is shown. The storage system 400 may include storage controller 410 and storage devices 450A-N (the first volatile memory and the second volatile memory) which are included within shelves 440 and 445; [Col. 46], ll.12-22, Each storage device 450A -N may generate and utilize a key for encrypting the data that is stored on the device (meaning generating the first cryptographic key and the second cryptographic key for each storage device, e.g., 450A and 450B). Each storage device 450A -N may include a hardware encryption mechanism that utilizes the key for encrypting the data stored on the device; [Col. 47], ll.40-57, Although not shown in FIG. 4, storage device 450N may also include volatile memory for storing a decrypted key with which reads and writes may be executed. Generally speaking, storage device 450N may use the decrypted key during the reading and writing of data to storage device 450N (this recites that each of the storage device performs read and write operations on data. Such read and write operations involve data decryption and data encryption, respectively. Therefore, one storage device may store a cryptographic key used for encryption, while another device may store a cryptographic key used for decryption) ... On power up, storage device 450N may retain encrypted key 455N, which is non-useable until it is decrypted to recreate the original key which was used to encrypt the data (encrypted data 470N) stored on device 450N – different storge devices 450A-N store different cryptographic keys in their respective volatile memories). It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Melvin ‘420 with the use of cryptographic keys stored in each respective volatile memory of different storage devices for encrypting/decryption data as taught by Bernat ‘448 because it would improve security by reducing the risk that a compromise of a single memory device exposes all of the cryptographic keys. Per claim 8 (dependent on claim 2): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference. Melvin ‘420 does not disclose but Bernat ‘448 discloses: The method of claim 2, wherein the hardware component comprises the first volatile memory and the second volatile memory (FIG. 4, [Col 44], ll.37-45, a storage system 400 is shown. The storage system 400 may include storage controller 410 and storage devices 450A-N which are included within shelves 440 and 445 (the hardware component comprises the first volatile memory and the second volatile memory); [Col. 46], ll.12-22, Each storage device 450A -N may generate and utilize a key for encrypting the data that is stored on the device. Each storage device 450A-N may include a hardware encryption mechanism that utilizes the key for encrypting the data stored on the device). It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Melvin ‘420 with the use of cryptographic keys stored in each respective volatile memory of different storage devices for encrypting/decryption data as taught by Bernat ‘448 because it would improve security by reducing the risk that a compromise of a single memory device exposes all of the cryptographic keys. Per claim 9 (independent): Melvin ‘420 discloses: A memory sub-system, comprising: a hardware component; a firmware component coupled with the hardware component; and a controller coupled with the hardware component and the firmware component and configured to cause the memory sub-system to: (FIG. 1, [Col. 2], ll. 53-65, FIG. 1 illustrates an embodiment of a virtual self-destruct mechanism 19 (a memory subsystem) interposed between host device 10 and storage device 12. Storage device 12 can be a conventional hard disk drive, a solid state drive or another form of digital storage. Peripheral interface 13 (a firmware component) interfaces with host device 10 and peripheral interface 16 (a firmware component) interfaces with storage device 12; [Col. 3], ll.65 – [Col. 4], ll.16, virtual self-destruct apparatus includes hardware based on the Trusted Platform Module (TPM) (an example of a hardware component included in the virtual self-destruct mechanism 19), which can be used to securely store keys and can be used to generate keys and key pairs using a built in random number generator (through a controller) ... key storage 11 comprises volatile memory). The remaining limitations of the claim(s) correspond(s) to features of claim 2 and the claim(s) is/are rejected for the reasons detailed with respect to claim 2. Per claim 10 (dependent on claim 9): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 9 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 3 and the claim(s) is/are rejected for the reasons detailed with respect to claim 3. Per claim 13 (dependent on claim 9): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 9 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 6 and the claim(s) is/are rejected for the reasons detailed with respect to claim 6. Per claim 14 (dependent on claim 9): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 9 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 7 and the claim(s) is/are rejected for the reasons detailed with respect to claim 7. Per claim 15 (dependent on claim 9): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 9 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 8 and the claim(s) is/are rejected for the reasons detailed with respect to claim 8. Per claim 16 (independent): Melvin ‘420 discloses: A system, comprising: one or more memory devices; a memory sub-system comprising: a hardware component; and a firmware component coupled with the hardware component; and a controller coupled with the memory sub-system and the one or more memory devices, the controller configured to cause the system to: (FIG. 1, [Col. 2], ll. 53-65, FIG. 1 illustrates an embodiment of a virtual self-destruct mechanism 19 (a memory sub-system) interposed between host device 10 and storage device 12 (one or more memory devices). Storage device 12 can be a conventional hard disk drive, a solid state drive or another form of digital storage. Peripheral interface 13 (a firmware component) interfaces with host device 10 and peripheral interface 16 (a firmware component) interfaces with storage device 12; [Col. 3], ll.65 – [Col. 4], ll.16, virtual self-destruct apparatus includes hardware based on the Trusted Platform Module (TPM) (an example of a hardware component included in the virtual self-destruct mechanism 19), which can be used to securely store keys and can be used to generate keys and key pairs using a built in random number generator (through a controller) ... key storage 11 comprises volatile memory) The remaining limitations of the claim(s) correspond(s) to features of claim 2 and the claim(s) is/are rejected for the reasons detailed with respect to claim 2. Per claim 19 (dependent on claim 16): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 16 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 3 and the claim(s) is/are rejected for the reasons detailed with respect to claim 3. Per claim 20 (dependent on claim 16): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 16 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 7 and the claim(s) is/are rejected for the reasons detailed with respect to claim 7. Per claim 21 (dependent on claim 16): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 16 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 8 and the claim(s) is/are rejected for the reasons detailed with respect to claim 8. Claim(s) 4-5 and 11-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Melvin ‘420 in view of Bernat ‘448 and LASKO et al., US-20190215160-A1 (hereinafter “LASKO ‘160”). Per claim 4 (dependent on claim 2): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference. Melvin ‘420 discloses: The method of claim 2, further comprising: receiving, by the hardware component and from a firmware component of the memory sub-system, a command to generate the first cryptographic key; generating, by the hardware component, a third cryptographic key associated with encrypting the data based at least in part on receiving the command (FIG. 1, [Col. 3], ll.9-54, When peripheral interface 13 (a firmware component of the memory sub-system) receives a write command (receiving a command to generate the first cryptographic key) ... encrypted by block 14 ... The key or keys used to encrypt the sector or sectors are supplied by key storage 11 (associated with encrypting the data based at least in part on receiving the command) ... In the case of a read command received by peripheral interface 13 ... decrypted by block 15 ... Key storage 11 will supply the key or keys to decrypt the data ... The encryption mechanism employed by encryption block 14, decryption block 15 and key storage 11 can be a symmetric or non-symmetric system ... In the case of a non-symmetric system different keys are utilized for encryption and decryption; [Col. 3], ll.65 – [Col. 4], ll.16, virtual self-destruct apparatus includes hardware based on the Trusted Platform Module (TPM) (the hardware component), which can be used to securely store keys and can be used to generate keys and key pairs (generate the first cryptographic key; generating, by the hardware component, a third cryptographic key associated with encrypting the data) using a built in random number generator ... key storage 11 comprises volatile memory ... Examples of volatile storage devices are semiconductor RAM cells and semiconductor registers; for example, in an embodiment employing a non-symmetric encryption mechanism, the virtual self-destruct apparatus may include a TPM configured to generate encryption and decryption keys as a matched key pair using a built-in random number generator by receiving the command initiated from the peripheral interface 13; furthermore, the peripheral interface 13 may receive multiple requests for generation of encryption keys (e.g., the first cryptographic key and/or the third cryptographic key) over time). Melvin ‘420 in view of Bernat ‘448 does not disclose but LASKO ‘160 discloses: receiving a command to update the first cryptographic key; generating a third cryptographic key associated with encrypting the data based at least in part on receiving the command; and storing the third cryptographic key in the first volatile memory based at least in part on generating the third cryptographic key (FIG. 3, [0030], the memory cryptography circuit 209 of FIG. 2. MC circuit 209 comprises an encryption engine 301, a decryption engine 302, a keystore 303 ... encrypt the plaintext with the cryptographic key (associated with encrypting the data based at least in part on receiving the command) ... decrypt the ciphertext with the cryptographic key ... The keystore 303 (the first volatile memory) may be a SRAM, register file, or similarly fast-access RAM configured to addressably store and update a plurality of cryptographic keys; FIG. 7, [0044], (after receiving a command to update the first cryptographic key) The KMU 207 provides to the keystore 303 (1) via the arbiter 304, the KID of the evicted key (the first cryptographic key) and (2) the cryptographic key (a third cryptographic key) of the activation PSE (step 707) and the keystore 303 stores the cryptographic key of the activation PSE in the memory address indicated by the KID of the evicted key (step 708), thereby replacing the key of the eviction PSE with the key of the activation PSE in the keystore 303 – storing the third cryptographic key in the first volatile memory based at least in part on generating the third cryptographic key). It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Melvin ‘420 in view of Bernat ‘448 with the storing of a cryptographic key associated with an activating protected software environment (PSE) in a key store, e.g., a SRAM, by replacing a cryptographic key associated with an evicted PSE as taught by LASKO ‘160 because the key replacement mechanism allows a large number of protected software environments to be supported while maintaining only active cryptographic keys in a small, high-speed keystore, thereby reducing hardware cost and memory requirements [0022-0023][0035]. Additionally, LASKO ‘160 is analogous to the claimed invention because it teaches MC circuit 209 comprises an encryption engine 301, a decryption engine 302, a keystore 303 [0030]. Per claim 5 (dependent on claim 4): Melvin ‘420 in view of Bernat ‘448 and LASKO ‘160 discloses the elements detailed in the rejection of claim 4 above, incorporated herein by reference. Melvin ‘420 in view of Bernat ‘448 does not disclose but LASKO ‘160 discloses: The method of claim 4, wherein the third cryptographic key replaces the first cryptographic key in the first volatile memory (FIG. 7, [0044], The KMU 207 provides to the keystore 303 (the first volatile memory) (1) via the arbiter 304, the KID of the evicted key (the first cryptographic key) and (2) the cryptographic key (the third cryptographic key) of the activation PSE (step 707) and the keystore 303 stores the cryptographic key of the activation PSE in the memory address indicated by the KID of the evicted key (step 708), thereby replacing the key of the eviction PSE with the key of the activation PSE in the keystore 303 – the third cryptographic key replaces the first cryptographic key in the first volatile memory). It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Melvin ‘420 in view of Bernat ‘448 with the storing of a cryptographic key associated with an activating protected software environment (PSE) in a key store, e.g., a SRAM, by replacing a cryptographic key associated with an evicted PSE as taught by LASKO ‘160 because the key replacement mechanism allows a large number of protected software environments to be supported while maintaining only active cryptographic keys in a small, high-speed keystore, thereby reducing hardware cost and memory requirements [0022-0023][0035]. Per claim 11 (dependent on claim 9): Melvin ‘420 in view of Bernat ‘448 discloses the elements detailed in the rejection of claim 9 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 4 and the claim(s) is/are rejected for the reasons detailed with respect to claim 4. Per claim 12 (dependent on claim 11): Melvin ‘420 in view of Bernat ‘448 and LASKO ‘160 discloses the elements detailed in the rejection of claim 11 above, incorporated herein by reference. The limitations of the claim(s) correspond(s) to features of claim 5 and the claim(s) is/are rejected for the reasons detailed with respect to claim 5. Allowable Subject Matter Claim(s) 17-18 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is a statement of reasons for the indication of allowable subject matter: Regarding claim 17, the prior art of record (Melvin ‘420 in view of Bernat ‘448) does not disclose: “encrypt, by the hardware component, the first cryptographic key and the second cryptographic key based at least in part on storage of the first cryptographic key in the first volatile memory and storage of the second cryptographic key in the second volatile memory; and store, by the firmware component, the encrypted first cryptographic key and the encrypted second cryptographic key to a non-volatile memory included in the one or more memory devices” in the recited context. With respect to the allowable subject matter, Melvin ‘420 discloses storing cryptographic keys in a “volatile memory.” However, the reference fails to teach or suggest encrypting cryptographic keys and storing the encrypted cryptographic keys in a memory device comprising a “non-volatile memory,” as recited in the claim. Furthermore, Bernat ‘448 discloses storing encrypted cryptographic keys in each different “non-volatile memories.” However, it fails to teach or suggest encrypting the cryptographic keys and storing the encrypted cryptographic keys in a “non-volatile memory included in the one or more memory devices.” Accordingly, Melvin ‘420 in view of Bernat ‘448 fails to disclose or render obvious the claimed subject matter. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. NOGUCHI et al., US-20180262331-A1 – in generating a concealed cryptographic key, the concealment processing unit performs a second error correction encoding on the cryptographic key to produce the third data. The third data is then masked with a random number and subsequently subjected to a first error correction encoding to generate encoded data for concealment. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Friday 7:30-5:30 and Alternate Fridays 9:00 am-5:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached at (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SANGSEOK PARK/Primary Examiner, Art Unit 2499
Read full office action

Prosecution Timeline

Jan 16, 2025
Application Filed
Jun 22, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675602
BIOMETRIC DATA ACCESS
1y 8m to grant Granted Jul 07, 2026
Patent 12664321
ELECTRONIC SYSTEM OF PUF-BASED ROOT KEY ENTANGLEMENT WITH MULTIPLE DIGITAL INPUT SEQUENCES AND ROOT KEY EXTRACTOR
2y 0m to grant Granted Jun 23, 2026
Patent 12640920
CRYPTOGRAPHIC KEY CONFIGURATION USING PHYSICAL UNCLONABLE FUNCTION
2y 2m to grant Granted May 26, 2026
Patent 12639453
MEMORY SYSTEM AND METHOD OF OPERATING THE SAME
1y 12m to grant Granted May 26, 2026
Patent 12634111
VERIFYING REMOTE EXECUTION OF MACHINE LEARNING INFERENCE UNDER HOMOMORPHIC ENCRYPTION USING PERMUTATIONS
3y 4m to grant Granted May 19, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
84%
Grant Probability
99%
With Interview (+16.0%)
2y 3m (~10m remaining)
Median Time to Grant
Low
PTA Risk
Based on 250 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month