DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This is the first office action on the merits in response to the application filed on 08/29/2025.
Claims 1-20 are currently pending and have been examined.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-4,6-14,16-19 and 23 of copending Application No. 17/761,226. Although the claims are not identical, the claims of the instant application are not patentably distinct from each other.
The claims of Application No. 17/761,226, recite to “receiving, by a remote data storage service, a request for data,” “ transmitting, to a first multi-party computation (MPC) server controlled by the first entity, an MPC request,” “receiving an MPC response…including a cryptographic response generated by a secure cryptoprocessor,” “decrypting… the stored encrypted data based at least partially on the MPC response from the first entity,” “ computing a derived key upon request as part of an MPC process,” obtaining a master key by decrypting a data encryption key in the remote data storage service with the derived key,” “decrypting, by the remote data storage service with the master key,” and “preventing decryption by denying the MPC response, blocking cryptographic functions, or restricting access to a key management system based on an action initiated by the first entity”.
The claims of Application No. 29/314,109, recite to “a multi-party computation (MPC) server comprising at least one secure cryptographic processor… receive, from a remote requestor system, a request to perform a cryptographic operation associated with a key using an MPC protocol; verify that a predefined number of MPC servers are participating in an MPC process; retrieve, from a secure storage location, a locally stored secret value associated with the key for use in the MPC protocol; compute a partial cryptographic result in accordance with the MPC protocol using the locally stored secret value and at least one operation defined by a cryptographic algorithm; apply an encryption layer to the partial cryptographic result using an encryption key to wrap the partial cryptographic result, wherein the encryption key is generated or accessed during the computation of the partial cryptographic result and is not retained after the MPC process completes; and transmit the wrapped partial cryptographic result to a response destination associated with the request without transmitting the locally stored secret value or any unwrapped cryptographic result”.
Both claim sets require performing an MPC process in which cryptographic information is generated from secret values, as recited in the parent claim, “receiving a MPC response…including a cryptographic response generated by a secure cryptoprocessor” and “computing a derived key…as part of an MPC process” and the current claim set reciting to “compute a partial cryptographic result…using the locally stored secret value in accordance with the MPC protocol.”
The current claim set differs in reciting “compute a partial cryptographic result; apply an encryption layer…to wrap the partial cryptographic result; the encryption key…is not retained after the MPC process completes; and transmitting the locally stored secret value or ant unwrapped cryptographic result.” However, the parent claim limitation of “computing a derived key upon request as part of an MPC process” uses a cryptographic response generated by a secure cryptoprocesor in computing the derived key as part of an MPC process, as similarly recited in the current claim set “partial cryptographic result… using a locally stored secret value.” It would have been obvious to a person of ordinary skill in the art to apply an encryption layer to the partial cryptographic result using an encryption key to wrap the partial cryptographic result to ensure the encryption key is not retained after the MPC process completes and to transmit the wrapped partial cryptographic result…without transmitting the locally stored secret value or any unwrapped cryptographic result. These are well-understood techniques for protecting cryptographic information and preventing secret values from getting exposed in MPC systems. Accordingly, the differences constitute obvious variations, and the claims are not patentably distinct.
Allowable Subject Matter
The following is a statement of reasons for the indication of allowable subject matter: The independent claim 1 contains allowable subject matter. As per claim 1, the closest prior art of record, United States Patent Application No. 20200034550 to Kim teaches a system for improving data privacy in Internet of Things (IoT) devices. The system includes an IoT device having data stored thereon, one or more blockchain nodes in communication with the IoT device, and one or more multi-party computation (MPC) nodes in communication with the IoT device and the one or more blockchain nodes. The data is encrypted using a blockchain process, and a symmetric key for the encrypted data is securely distributed via a MPC process to a data recipient. In addition, United States Patent Application No. 9680805 to Rodgers teaches a method and system for key management. The method includes receiving, by a control domain on a server, a request for a tenant key, and obtaining an authorization secret from a management service, where the management service is external to the server. The method further includes, in response to the request, decrypting, after obtaining the authorization secret, an encrypted platform master key to obtain a platform master key, decrypting an encrypted tenant key to obtain the tenant key using the platform master key, and providing the tenant key to an entity that issued the request. In addition, International Patent Application No. 2013131631 to Meister teaches a method for creating an authentication instance 300 derived from an original data storage medium 100. The original data storage medium has a key pair dedicated to the original data storage medium, comprising a public key PKO and a secret key SKO of the original data storage medium 100, and a certificate CPKO about the public key PKO of the original data storage medium 100. For the derivative authentication instance 300, a secret key SKA is derived from the secret key SKO of the original data storage medium 100 by way of the original data storage medium 100. Derivative data g1, C.sub.g1 are generated for the derivative authentication instance 300. Subsequently, authentication data 310 are transferred to the derivative authentication instance 300, wherein the authentication data include derivative data g1, C.sub.g1, the certificate CPKO of the public key PKO of the original data storage medium 100, and a derivative key pair, comprising the derivative secret key SKA and the public key PKO of the original data storage medium 100. In addition, the NPL Reference Multiparty Secure Computing Method, Device, and Electronic Device teaches a secure multi-party computation method applicable to any one computing node of a plurality of computing nodes deployed in a distributed network are provided. The plurality of computing nodes jointly participate in a secure multi-party computation based on private data held by each computing node. The computing node is connected to a trusted key source, and the method includes: obtaining a trusted key from the trusted key source; encrypting the private data held by the computing node based on the obtained trusted key to obtain ciphertext data; transmitting a computing parameter comprising at least the ciphertext data to other computing nodes participating in the secure multi-party computation, so that the other computing nodes perform the secure multi-party computation based on collected computing parameters transmitted by the computing nodes participating in the secure multi-party computation.
The closest prior art of record fails to teach or suggest, in the context of the ordered combination of the claim, retrieve, from a secure storage location, a locally stored secret value associated with the key for use in the MPC protocol; compute a partial cryptographic result in accordance with the MPC protocol using the locally stored secret value and at least one operation defined by a cryptographic algorithm; apply an encryption layer to the partial cryptographic result using an encryption key to wrap the partial cryptographic result, wherein the encryption key is generated or accessed during the computation of the partial cryptographic result and is not retained after the MPC process completes; and transmit the wrapped partial cryptographic result to a response destination associated with the request without transmitting the locally stored secret value or any unwrapped cryptographic result. Accordingly, the cited prior art, whether considered individually or in combination, fails to teach or suggest the claimed sequence of operations and associated security constraints.
Claims 2-8 are dependent on claim 1 and contain allowable subject matter for the same reasons stated above. In addition, claim 9 is analogous to claim 1, and thus contains allowable subject matter for the same reasons stated above. Claims 10-16 are dependent on claim 9 and contain allowable subject matter for the same reasons stated above. In addition, claim 17 is analogous to claim 1, and thus contains allowable subject matter for the same reasons stated above. Claims 18-20 are dependent on claim 17 and contain allowable subject matter for the same reasons stated above.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Davida L. King whose telephone number is (571) 272-4724. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/D.L.K./Examiner, Art Unit 3699
Prosecution Insights