Prosecution Insights
Last updated: July 17, 2026
Application No. 19/111,778

SYSTEM AND METHODS FOR PORTABILITY AND TRANSPARENTLY INTEGRATING POST-QUANTUM CRYPTOGRAPHY IN COMMUNICATIONS

Non-Final OA §103
Filed
Mar 13, 2025
Priority
Dec 29, 2022 — nonprovisional of PCTUS2022082536
Examiner
LANIER, BENJAMIN E
Art Unit
Tech Center
Assignee
QuSecure, Inc.
OA Round
1 (Non-Final)
69%
Grant Probability
Favorable
1-2
OA Rounds
2y 4m
Est. Remaining
86%
With Interview

Examiner Intelligence

Grants 69% — above average
69%
Career Allowance Rate
637 granted / 920 resolved
+9.2% vs TC avg
Strong +17% interview lift
Without
With
+17.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 8m
Avg Prosecution
30 currently pending
Career history
954
Total Applications
across all art units

Statute-Specific Performance

§101
1.5%
-38.5% vs TC avg
§103
83.1%
+43.1% vs TC avg
§102
7.7%
-32.3% vs TC avg
§112
3.4%
-36.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 920 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Objections The numbering of claims is not in accordance with 37 CFR 1.126 which requires the original numbering of the claims to be preserved throughout the prosecution. When claims are canceled, the remaining claims must not be renumbered. When new claims are presented, they must be numbered consecutively beginning with the number next following the highest numbered claims previously presented (whether entered or not). Amended claim set dated 13 March 2025, which adds claims 21-23, does not include claim 7. For the purpose of examination, Examiner has used the limitations of originally filed claim 7 for the rejection below. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1, 5-10, 13, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Davis, U.S. Publication No. 2018/0176192, in view of Sun, CN 109951452. Referring to claim 1, Davis discloses the establishment of a communication session between customers 302 and secure proxies such that the customers communication sensitive data to the secure proxies ([0035]-[0036]), which meets the limitation of responsive to a session of a proxy service being initiated, [obtaining, by the proxy service and from a reverse proxy, portable binary instructions]. A secure proxy 506 executing in a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]: secure proxy 506 reads on the claimed proxy service; sensitive data reads on the claimed user request/request response to the extent that the data is decrypted. The encrypted data is never functionally utilized in the claims outside of being decrypted. Therefore, the name “user request” or “request response” would be considered to be non-functional descriptive material that is not given patentable weight. See MPEP 2111.04-2111.05; McEliece cryptosystem can be utilized [0120] which represents a post-quantum cryptosystem), which meets the limitation of executing, by the proxy service, the obtained portable binary instructions within a secure virtualized environment of a user agent to perform decryption of a user request or a request response. Davis does not specify that the applications/processes are received from a reverse proxy. Sun discloses a cryptographic service implementation wherein commands are transmitted by a reverse proxy to a machine implementing cryptographic functionality (Page 12, last full paragraph: commands read on the claimed portable binary instructions), which meets the limitation of obtaining, by the proxy service, from a reverse proxy, portable binary instructions. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, because Sun discloses that implementation of cryptographic tasks using an encryption machine and other devices such as the reverse proxy represents one of a finite number of possible embodiments that could be implemented with a reasonable expectation of success (Page 6, second paragraph). Referring to claim 5, Davis discloses that the secure proxy 506 executes a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]) such that the virtual computing system can include an isolated execution environment ([0068]-[0069]), which meets the limitation of wherein the secure virtualized environment comprises an independent context of execution within the user agent, the independent context of execution having an independent memory space. Referring to claim 6, Davis discloses that the virtual computing system can include a virtual machine ([0057]), which meets the limitation of wherein the independent context of execution comprises a virtual machine (VM). Referring to claim 7, Davis discloses that the secure proxy 506 executing in a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]) wherein the virtual computing system is implementing using a programming module executed on a computing system ([0109]: programming module reads on the claimed another client application), which meets the limitation of wherein the user agent comprises another client application. Referring to claim 8, Davis does not specify that the applications/processes are received from a reverse proxy. Sun discloses a cryptographic service implementation wherein commands are transmitted by a reverse proxy to a machine implementing cryptographic functionality (Page 12, last full paragraph: commands read on the claimed portable binary instructions). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, because Sun discloses that implementation of cryptographic tasks using an encryption machine and other devices such as the reverse proxy represents one of a finite number of possible embodiments that could be implemented with a reasonable expectation of success (Page 6, second paragraph). Sun does not specify that this transmission would be performed by encapsulating the commands. Davis does specify that the secure proxy establishes TLS channels for communication ([0038]), which meets the limitation of wherein the portable binary instructions executed to perform the post-quantum custom decryption are encapsulated within the first custom cryptography binary instruction module implementing a first custom cryptographic method or protocol. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, using TLS channels in order to provide secure communications as suggested by Davis ([0018] & [0038]). Referring to claim 9, Davis suggests that TLS or other secure connections ([0038]) could be utilized and that the other secure connections include SSL and HTTPS ([0018]: the recitation of TLS or other secure connections shows a decision step implemented to determine which connection protocol should be used and this decision logic would read on the claimed policy), which meets the limitation of exchanging, based on a policy, the first custom cryptographic binary instruction module with a second custom cryptographic binary instruction module implementing a second custom cryptographic method or protocol different from the first custom cryptographic method or protocol. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, using one of the secure channels discussed in Davis, in order to provide secure communications as suggested by Davis ([0018] & [0038]). Referring to claim 10, Davis discloses the establishment of a communication session between customers 302 and secure proxies such that the customers communication sensitive data to the secure proxies ([0035]-[0036]) wherein the proxies can be implemented on devices having memory and processors ([0116]), which meets the limitation of a computing system configured to perform custom cryptography, the computing system comprising a memory, and at least one processor coupled to the memory and configured to responsive to a session of a proxy service being initialized, [obtain, via the proxy service and from a reverse proxy, portable binary instructions]. A secure proxy 506 executing in a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]: secure proxy 506 reads on the claimed proxy service; sensitive data reads on the claimed user request/request response to the extent that the data is decrypted. The encrypted data is never functionally utilized in the claims outside of being decrypted. Therefore, the name “user request” or “request response” would be considered to be non-functional descriptive material that is not given patentable weight. See MPEP 2111.04-2111.05; McEliece cryptosystem can be utilized [0120] which represents a post-quantum cryptosystem), which meets the limitation of execute, via the proxy service, the obtained portable binary instructions within a secure virtualized environment of a user agent to perform decryption of a user request or a request response. Davis does not specify that the applications/processes are received from a reverse proxy. Sun discloses a cryptographic service implementation wherein commands are transmitted by a reverse proxy to a machine implementing cryptographic functionality (Page 12, last full paragraph: commands read on the claimed portable binary instructions), which meets the limitation of obtaining, by the proxy service, from a reverse proxy, portable binary instructions. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, because Sun discloses that implementation of cryptographic tasks using an encryption machine and other devices such as the reverse proxy represents one of a finite number of possible embodiments that could be implemented with a reasonable expectation of success (Page 6, second paragraph). Referring to claim 13, Davis discloses that the secure proxy 506 executes a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]) such that the virtual computing system can include an isolated execution environment ([0068]-[0069]), which meets the limitation of wherein the secure virtualized environment comprises an independent context of execution within the user agent, the independent context of execution having an independent memory space. Referring to claim 16, Davis discloses the establishment of a communication session between customers 302 and secure proxies such that the customers communication sensitive data to the secure proxies ([0035]-[0036]), which meets the limitation of responsive to a session of a proxy service being initiated, [obtain, via the proxy service and from a reverse proxy, portable binary instructions]. A secure proxy 506 executing in a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]: secure proxy 506 reads on the claimed proxy service; sensitive data reads on the claimed user request/request response to the extent that the data is decrypted. The encrypted data is never functionally utilized in the claims outside of being decrypted. Therefore, the name “user request” or “request response” would be considered to be non-functional descriptive material that is not given patentable weight. See MPEP 2111.04-2111.05; McEliece cryptosystem can be utilized [0120] which represents a post-quantum cryptosystem), which meets the limitation of execute, via the proxy service, the obtained portable binary instructions within a secure virtualized environment of a user agent to perform decryption of a user request or a request response. Davis does not specify that the applications/processes are received from a reverse proxy. Sun discloses a cryptographic service implementation wherein commands are transmitted by a reverse proxy to a machine implementing cryptographic functionality (Page 12, last full paragraph: commands read on the claimed portable binary instructions), which meets the limitation of obtain, via the proxy service, from a reverse proxy, portable binary instructions. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, because Sun discloses that implementation of cryptographic tasks using an encryption machine and other devices such as the reverse proxy represents one of a finite number of possible embodiments that could be implemented with a reasonable expectation of success (Page 6, second paragraph). Referring to claim 19, Davis discloses that the secure proxy 506 executes a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]) such that the virtual computing system can include an isolated execution environment ([0068]-[0069]), which meets the limitation of wherein the secure virtualized environment comprises an independent context of execution within the user agent, the independent context of execution having an independent memory space. Referring to claim 20, Davis does not specify that the applications/processes are received from a reverse proxy. Sun discloses a cryptographic service implementation wherein commands are transmitted by a reverse proxy to a machine implementing cryptographic functionality (Page 12, last full paragraph: commands read on the claimed portable binary instructions). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, because Sun discloses that implementation of cryptographic tasks using an encryption machine and other devices such as the reverse proxy represents one of a finite number of possible embodiments that could be implemented with a reasonable expectation of success (Page 6, second paragraph). Sun does not specify that this transmission would be performed by encapsulating the commands. Davis does specify that the secure proxy establishes TLS channels for communication ([0038]), which meets the limitation of wherein the portable binary instructions executed to perform the post-quantum custom decryption are encapsulated within the first custom cryptography binary instruction module implementing a first custom cryptographic method or protocol. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, using TLS channels in order to provide secure communications as suggested by Davis ([0018] & [0038]). Davis suggests that TLS or other secure connections ([0038]) could be utilized and that the other secure connections include SSL and HTTPS ([0018]: the recitation of TLS or other secure connections shows a decision step implemented to determine which connection protocol should be used and this decision logic would read on the claimed policy), which meets the limitation of the first custom cryptographic binary instruction module is configured to be exchangeable, based on a policy, with a second custom cryptographic binary instruction module implementing a second custom cryptographic method or protocol different from the first custom cryptographic method or protocol. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the for the secure proxy of Davis to have received commands specific to the cryptographic functionality, from a reverse proxy, using one of the secure channels discussed in Davis, in order to provide secure communications as suggested by Davis ([0018] & [0038]). Claims 2 are rejected under 35 U.S.C. 103 as being unpatentable over Davis, U.S. Publication No. 2018/0176192, in view of Sun, CN 109951452, and further in view of Van Hooser, U.S. Publication No. 2025/0141923. Referring to claim 2, Davis does not specify the utilization of the QSL or the PQTLS protocols. Van Hooser discloses the utilization of the QSL or the PQTLS protocols ([0002]), which meets the limitation of wherein the post-quantum custom encryption or decryption comprises a Quantum Secure Layer (QSL) protocol or a Post-Quantum Transport Layer Security (PQTLS) protocol. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have utilized the QSL or PQTLS protocols in Davis in order to provide security systems that are more resilient to non-classical computers as suggested by Van Hooser ([0001]). Claims 3, 11, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Davis, U.S. Publication No. 2018/0176192, in view of Sun, CN 109951452, and further in view of Del Pino, U.S. Publication No. 2023/0396432. Referring to claims 3, 11, 17, Davis discloses that the cryptosystem can be implemented using classic McEliece ([0120]). Davis does not specify that the cryptosystem can be implemented using the Kyber/SABER/NIST algorithms. Del Pino discloses the utilization of encryption schemes that include classic McEliece, Kyber, SABER, and other encryption schemes that can be found in the NIST Post-Quantum cryptography project files ([0028]), which meets the limitation of wherein the post-quantum custom encryption or decryption comprises a Kyber algorithm, a SABER algorithm, a National Institute of Standards and Technology (NIST) candidate post-quantum algorithm. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have alternatively utilized Kyber, SABER, or an NIST algorithm instead of classic McEliece because Del Pino suggests that Kyber/SABER/NIST algorithms represent one of a finite number of possible encryption systems that could be utilized by one of ordinary skill in the art with a reasonable expectation of success (Del Pino: [0028]). Claims 4, 12, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Davis, U.S. Publication No. 2018/0176192, in view of Sun, CN 109951452, and further in view of Helms, U.S. Publication No. 2022/0075825. Referring to claims 4, 12, 18, Davis does not specify the utilization of bytecode to implement the applications. Helms implementing applications as bytecode ([0144]), which meets the limitation of wherein the portable binary instructions comprise a bytecode. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the applications of Davis to have been implemented using bytecode in order to provide predictable performance and reduced processing time as suggested by Helms ([0145]). Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Davis, U.S. Publication No. 2018/0176192, in view of Sun, CN 109951452, and further in view of Brown, U.S. Publication No. 2023/0179425. Referring to claim 21, Davis discloses that the secure proxy 506 executes a virtual computing system instance that further executes applications/processes to perform decryption of received sensitive data ([0054]), which meets the limitation of wherein executing the portable binary instructions to perform the post-quantum decryption further comprises calling, by the portable binary instructions a custom cryptography library [via a POSIX socket]. Davis does not specify that the cryptographic functionality is performed using a POSIX socket. Brown discloses operating system functionality calls via a POSIX ([0068]), which meets the limitation of calling, by the portable binary instructions a custom cryptography library via a POSIX socket. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the cryptographic functionality is performed using a POSIX socket because Brown suggests that POSIX represents one of a finite number of possible elements that could be implemented to perform function calls by one having ordinary skill in the art with a reasonable expectation of success. Allowable Subject Matter Claims 14, 15, 22, 23 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Benson, U.S. Publication No. 2022/0182413, discloses a cryptographic platform that establishes encrypted communications between two devices using cryptographic keys obtained by the two devices. Melchor, U.S. Patent No. 12,549,601, discloses secure cryptographic communications between a user device and an external service using a server acting as a proxy between the user device and external service for legacy applications. Rudzitis, U.S. Publication No. 2019/0342079, discloses key management service for network connected devices. Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805. The examiner can normally be reached M-Th: 5:30-4:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at 5712705143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BENJAMIN E LANIER/ Primary Examiner, Art Unit 2437
Read full office action

Prosecution Timeline

Mar 13, 2025
Application Filed
Jul 01, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675562
BIOMETRIC AUTHENTICATION USING A SMART RING
2y 0m to grant Granted Jul 07, 2026
Patent 12671590
AUTHENTICATION BASED ON MAKEUP APPLICATION TECHNIQUE
2y 5m to grant Granted Jun 30, 2026
Patent 12665892
SYSTEMS AND METHODS OF SHARING INFORMATION THROUGH A TAG-BASED CONSORTIUM
1y 9m to grant Granted Jun 23, 2026
Patent 12652167
STORING CRYPTOGRAPHIC KEYS SECURELY
2y 3m to grant Granted Jun 09, 2026
Patent 12641426
RADIO LINK RECOVERY FOR USER EQUIPMENT
1y 9m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
69%
Grant Probability
86%
With Interview (+17.3%)
3y 8m (~2y 4m remaining)
Median Time to Grant
Low
PTA Risk
Based on 920 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month