DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment
This Office Action is in response to the amendment filed 07/30/2020.
Claims 1-3, 6, 8-9, 12, 14, 17-19, 22, 24-25 are currently amended claims. Claims 4, 10, 15, 20 and 26 are currently cancelled claims. Claims 5, 11, 16, 21 and 27 are previously cancelled claims. Claims 1-3, 6-9, 12-14, 17-19, 22-25 are pending and considered.
The objections to claims 1-4, 6, 8-10, 12, 14-15, 17-20, 22, 24-26 have been withdrawn in light of applicant’s amendment to the claims and cancellation of claims 4, 10, 15, 20 and 26.
Response to Argument
Applicant’s arguments, see pages 12-16 of the Remark filed 7/30/2020, with respect to the claims over the prior art have been fully considered and are persuasive, further in view of the examiner’s amendments below. Upon examiner’s updated search on the features recited in the claims, examiner believes the case is in condition for allowance. Therefore the rejection under 35 U.S.C. 103 of claims 1-4, 6-10, 12-15, 17-20, 22-26 has been withdrawn.
Allowable Subject Matter
Claims 1-3, 6-9, 12-14, 17-19, 22-25 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The present invention is directed to using asymmetric key cryptography to share a private key plaintext between server and a terminal for encryption and decryption and further 
Claim 1 (similarly claim 17) identifies the uniquely distinct features “stores the website private key plaintext in the first terminal, wherein the sending the website private key ciphertext to the first terminal comprises: in response to a received instruction to delete the website private key plaintext, sending to the first terminal the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, so that the first terminal searches for the website private key plaintext corresponding to the website private key identifier; and deletes the stored website private key plaintext and the correspondence relationship between the website private key plaintext and the website private key identifier”; and “receiving a website ciphertext and the website private key identifier sent from a second terminal, wherein the second terminal is a user terminal, and said website private key identifier is obtained by performing calculation on the website private key ciphertext by using Message-Digest Algorithm 5; sending said website ciphertext and said website private key identifier sent from a second terminal to the first terminal, so that the first terminal finds the stored website private key plaintext corresponding to the website private key identifier and generates a website plaintext by decrypting the website ciphertext with the found website private key plaintext, a corresponding relationship between the website private key identifier and the website private key plaintext being prestored in the first terminal”.
Atty. Dkt. No. 592123

The prior art, Ferguson (US20100306525A1) discloses server and methods of using a secret shared between a server and client by encrypting a secret with client’s public key that the server received from the client and send the secret to the client where the secret is used for further communication messages between the server and client for efficient distribution of 
The prior art, Nix (US20150095648A1) discloses methods and systems to utilize public key infrastructure to encrypt messages between server and module for efficient and secure M2M communication. In particular, Nix teaches generating key pairs by using a random number generator in a cryptographic algorithm. Further, Nix teaches a pre-shared secret key with a string of characters or numbers, encryption of data with asymmetric keys, and verifying that the data plaintext is consistent with the data.
The prior art, Pahl et al (US20160013935A1) discloses apparatus and method of establishing a secure session using public key cryptography where server does not have access to the private key used during the secure session handshake. In particular, Pahl teaches using session identifier to identify cipher suite stored in different server to establish secure session. Pahl also teaches the key server may generate identifier of the private key and associate it with the private key part and further removal of the private key.
The prior art, Lund et al (US20080077796A1) discloses system and method for mutually authenticating a client with a server by transmitting a token from server to client to establish a secure data transfer link. In particular Lund teaches an authentication identifier may be correlated to the private client key by using a hash function such as Message Digest Algorithm-5 before transmitting the response packet to server for mutual authentication between the client and the server. 
 Le Saint et al (US20160241389A1) discloses systems and methods for confidential communication between client computer and server computer. In particular Le Saint teaches a protected server key identifier that identifies a server private key used to encrypt response message. Le Saint further teaches determining client private key using protected client key identifier and store the protected server key identifier. 
The prior art, Zheng (US 8,379,857 B1) discloses method and system for secure distribution of encryption keys to facilitate private communication in an unsecured communication network by providing a way to detect unauthorized access of an encryption key to mitigate any loss of confidential information. In particular Zheng teaches encryption key manager may delete the stored encryption key, share value and key identifier from memory to minimize the probability of unauthorized access of the encryption key. 
The prior arts, either singularly or in combination fails to anticipate or render obvious the claimed limitations of claim 1 (similarly claim 17) of “stores the website private key plaintext in the first terminal, wherein the sending the website private key ciphertext to the first terminal comprises: in response to a received instruction to delete the website private key plaintext, sending to the first terminal the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, so that the first terminal searches for the website private key plaintext corresponding to the website private key identifier; and deletes the stored website private key plaintext and the correspondence relationship between the website private key plaintext and the website private key identifier”; and “receiving a website ciphertext and the website private key identifier sent from a second terminal, wherein the second terminal is a user terminal, and 
The prior arts, either singularly or in combination fails to anticipate or render obvious the claimed limitations of claim 6 (similarly claims 12, 22) of “the website private key plaintext is pre-acquired, wherein the receiving a website private key ciphertext sent from the server comprises: receiving, from the server, the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, wherein the website private key identifier is sent from the server after the server receives an instruction for deleting the website private key plaintext; searching for the website private key plaintext corresponding to the website private key identifier; and deleting the website private key plaintext and the correspondence relationship between the website private key plaintext and the website private key identifier; decrypting the website private key ciphertext by using the first private key, to generate the website private key plaintext; storing the website private key plaintext; receiving a website ciphertext and a website private key identifier sent from the server, wherein the website ciphertext and the website private key identifier are received by the server and sent from a user terminal; searching for the website private key plaintext corresponding to the website private key identifier, a corresponding 
Regarding the dependent claims: dependent claims 2-3, 8-9, 13-14, 18-19, 23-25 are also allowed for incorporating the allowable feature recited in the independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Examiner’s Amendment
The application has been amended as follows: 
An Examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicants, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Douglas Link (720-931-3000) on 10/29/2020 and further communication on 11/5/2020.

PLEASE AMEND THE CLAIMS AS FOLLOWS:
1. (Currently Amended) A method for storing a website private key plaintext, applied on a server, comprising: 

encrypting the website private key plaintext of a website by using the first public key to generate a website private key ciphertext, wherein the website private key plaintext is pre-acquired; 
sending the website private key ciphertext to the first terminal, wherein the first terminal decrypts said website private key ciphertext by using the first private key to generate the website private key plaintext and stores the website private key plaintext in the first terminal, wherein the sending the website private key ciphertext to the first terminal comprises:
in response to a received instruction to delete the website private key plaintext, sending to the first terminal [[the ]]a website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, wherein the first terminal searches for the website private key plaintext corresponding to the website private key identifier; and deletes the stored website private key plaintext and a corresponding relationship between the website private key plaintext and the website private key identifier; 
receiving a website ciphertext and the website private key identifier sent from a second terminal, wherein the second terminal is a user terminal, and said website private key identifier 
sending said website ciphertext and said website private key identifier sent from [[a]]the second terminal to the first terminal, wherein the first terminal finds the stored website private key plaintext corresponding to the website private key identifier and generates a website plaintext by decrypting the website ciphertext with the found website private key plaintext, [[a]]the corresponding relationship between the website private key plaintextidentifier
receiving said website plaintext sent from the first terminal.
2. (Previously Presented)  The method according to claim 1, wherein after the receiving the first public key sent from the first terminal the method further comprises:
checking the first public key by: 
acquiring data with a preset length; 
encrypting the data by using the first public key, to generate a data ciphertext; 
sending the data ciphertext to the first terminal; 
receiving a data plaintext sent from the first terminal, wherein the data plaintext is generated by the first terminal by decrypting the data ciphertext with the first private key; and
checking whether the data plaintext is consistent with the data; 
if the data plaintext is consistent with the data, encrypting the website private key plaintext by using the first public key; and

3. (Previously Presented)  The method according to claim 1, wherein the sending the website private key ciphertext to the first terminal comprises:
in response to a received instruction for adding the website private key plaintext, sending to the first terminal the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be added, wherein the website private key identifier and the website private key ciphertext are pre-stored, and have a one-to-one correspondence. 
4. (Canceled)  
5. (Canceled)
6. (Currently Amended)  A method for storing a website private key plaintext, applied to a terminal configured to perform encryption and decryption, comprising:
generating a first key pair randomly, wherein the first key pair comprises a first public key and a first private key;
sending the first public key to a server;
receiving a website private key ciphertext sent from the server, wherein the website private key ciphertext is generated by the server by encrypting the website private key plaintext the website private key ciphertext sent from the server comprises:
receiving, from the server, a website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, wherein the website private key identifier is sent from the server after the server receives an instruction for deleting the website private key plaintext; searching for the website private key plaintext corresponding to the website private key identifier; and deleting the website private key plaintext and a corresponding 
decrypting the website private key ciphertext by using the first private key, to generate the website private key plaintext;
storing the website private key plaintext;
receiving a website ciphertext and [[a]]the website private key identifier sent from the server, wherein the website ciphertext and the website private key identifier are received by the server and sent from a user terminal;
searching for the website private key plaintext corresponding to the website private key identifier, [[a]]the corresponding relationship between the website private key plaintext identifier
decrypting the website ciphertext by using the website private key plaintext, to generate a website plaintext; and

7. (Previously Presented)  The method according to claim 6, further comprising:
receiving a data ciphertext sent from the server, wherein the data ciphertext is generated by the server by encrypting data with the first public key;
decrypting the data ciphertext by using the first private key, to generate a data plaintext; and
sending the data plaintext to the server.
8. (Previously Presented)  The method according to claim 7, further comprising:
regenerating a second key pair randomly in response to a received instruction for regenerating a second key pair sent from the server, and sending the regenerated second public key to the server.
9. (Currently Amended) The method according to claim 6, wherein 
the receiving a website private key ciphertext sent from the server comprises:
receiving, from the server, the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be added, wherein the website private key identifier and the website private key ciphertext are pre-stored and correspond one-to-one to each other, and the website private key identifier is sent from the server after the server receives an instruction for adding the website private key plaintext; and
the storing the website private key plaintext comprises:
the corresponding 
10. (Canceled) 
11. (Canceled)
12. (Currently Amended)  A system for storing a website private key plaintext, comprising:
a server, configured to receive a first public key sent from a first terminal, the first terminal being configured to perform encryption and decryption, a first key pair being randomly generated by the first terminal, the first key pair comprising the first public key and a first private key, encrypt a website private key plaintext of a website by using the first public key to generate a website private key ciphertext, and send the website private key ciphertext to the first terminal, wherein the website private key plaintext is pre-acquired; 
the first terminal, configured to generate the first key pair randomly, send the first public key to the server, receive the website private key ciphertext sent from the server, decrypt the website private key ciphertext by using the first private key to generate the website private key plaintext, and store the website private key plaintext, wherein the first key pair comprises the first public key and the first private key;
the server is further configured to receive a website ciphertext and a website private key identifier sent from a user terminal, a corresponding relationship between the website private key identifier and the website private key plaintext being stored in the first terminal, 
the first terminal is further configured to receive the website ciphertext and the website private key identifier sent from the server, search for the website private key plaintext corresponding to the website private key identifier, decrypt the website ciphertext by using the website private key plaintext to generate the website plaintext, and then send the website plaintext to the server;
the server is further configured to send to the first terminal the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted in response to a received instruction to delete the website private key plaintext; and
the first terminal is further configured to receive, from the server, [[a]]the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, search for the website private key plaintext corresponding to the website private key identifier, and delete the website private key plaintext and correspondence relationship between the website private key plaintext and the website private key identifier.
13. (Previously Presented)  The system according to claim 12, wherein
the server is further configured to check the public key by: acquiring data with a preset length; encrypting the data by using the first public key to generate a data ciphertext, sending the data ciphertext to the first terminal, receiving a data plaintext sent from the first terminal, checking whether the data plaintext is consistent with the data; encrypting the website private 
the first terminal is further configured to: receive a data ciphertext sent from the server, decrypt the data ciphertext by using the first private key to generate a data plaintext, and then send the data plaintext to the server; and regenerate the second key pair randomly in response to a received instruction for regenerating the second key pair sent from the server, and send a regenerated second public key to the server.
14. (Previously Presented) The system according to claim 12, wherein
the server is further configured to send to the first terminal the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be added in response to a received instruction for adding the website private key plaintext, wherein the website private key identifier and the website private key ciphertext are pre-stored, and correspond one-to-one to each other; and
the first terminal is further configured to receive, from the server, the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be added, and store correspondence relationship between the website private key plaintext and the website private key identifier.
15. (Canceled) 
16. (Canceled). 
17. (Currently Amended)  An apparatus for storing a website private key plaintext, comprising:
at least one processor; and 
a memory storing non-transitory computer readable instructions, which when executed by the at least one processor, cause the at least one processor to perform operations, the operations comprising:
receiving a first public key sent from a first terminal, the first terminal being configured to perform encryption and decryption, a first key pair being randomly generated by the first terminal, the first key pair comprising the first public key and a first private key;
encrypting the website private key plaintext of a website by using the first public key to generate a website private key ciphertext, wherein the website private key plaintext is pre-acquired; and
sending the website private key ciphertext to the first terminal, wherein the first terminal decrypts the website private key ciphertext by using the first private key to generate the website private key plaintext and store the website private key plaintext in the first terminal, wherein the sending the website private key ciphertext to the first terminal comprises:
in response to a received instruction to delete the website private key plaintext, sending to the first terminal a website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, wherein a corresponding 
receiving a website ciphertext and the website private key identifier sent from a second terminal, wherein the second terminal is a user terminal, and said website private key identifier is obtained by performing calculation on the website private key ciphertext by using Message-Digest Algorithm 5;
sending the website ciphertext and the website private key identifier sent from [[a]] the second terminal to the first terminal configured to perform encryption and decryption, wherein the first terminal finds the stored website private key plaintext corresponding to the website private key identifier and generates a website plaintext by decrypting the website ciphertext with the found website private key plaintext, [[a]]the  corresponding relationship between the website private key plaintextidentifier
receiving [[a]] the website plaintext sent from the first terminal.
18. (Previously Presented) The apparatus according to claim 17, wherein after the receiving the first public key sent from the first terminal, the operations further comprises:
checking the first public key by: 
acquiring data with a preset length; 
encrypting the data by using the first public key, to generate a data ciphertext; 

receiving a data plaintext sent from the first terminal, wherein the data plaintext is generated by the first terminal by decrypting the data ciphertext with the first private key; and
checking whether the data plaintext is consistent with the data; 
if the data plaintext is consistent with the data, encrypting the website private key plaintext by using the first public key; and
if the data plaintext is not consistent with the data, sending an instruction for regenerating a second key pair to the first terminal, then receiving a second public key sent from the first terminal and repeating the checking the second public key.
19. (Previously Presented) A The apparatus according to claim 17, wherein the sending the website private key ciphertext to the first terminal comprises:
in response to a received instruction for adding the website private key plaintext, sending to the first terminal the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be added, wherein the website private key identifier and the website private key ciphertext are pre-stored, and correspond one-to-one to each other.
20. (Canceled)
21. (Canceled)
22. (Currently Amended) An apparatus for storing a website private key plaintext, comprising:
at least one processor; and 
a memory storing non-transitory computer readable instructions, which when executed by the at least one processor, cause the at least one processor to perform operations, the operations comprising:
generating a first key pair randomly, wherein the first key pair comprises a first public key and a first private key;
sending the first public key to a server;
receiving a website private key ciphertext sent from the server, wherein the website private key ciphertext is generated by the server by encrypting the website private key plaintext with the first public key, and the website private key plaintext is pre-acquired, wherein the receiving the website private key ciphertext sent from the server comprises: 
receiving, from the server, [[the]]a website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be deleted, wherein the website private key identifier is sent from the server after the server receives an instruction for deleting the website private key plaintext; searching for the website private key plaintext corresponding to the website private key identifier; and deleting the website private key plaintext and [[the]]a corresponding 
decrypting the website private key ciphertext by using the first private key, to generate the website private key plaintext; 
storing the website private key plaintext;
receiving a website ciphertext and a website private key identifier sent from the server, wherein the website ciphertext and the website private key identifier are received by the server and sent from a user terminal;
searching for [[a]]the website private key plaintext corresponding to the website private key identifier, [[a]]the corresponding relationship between the website private key plaintext identifier
decrypting the website ciphertext by using the website private key plaintext, to generate a website plaintext; and
sending the website plaintext to the server.
23. (Previously Presented) The apparatus according to claim 22, wherein the operations further comprises:
receiving a data ciphertext sent from the server, wherein the data ciphertext is generated by the server by encrypting data with the first public key;
decrypting the data ciphertext by using the first private key, to generate a data plaintext; and
sending the data plaintext to the server.
24. (Previously Presented) The apparatus according to claim 23, wherein the operations further comprises:
regenerating a second key pair randomly in response to a received instruction for regenerating a second key pair sent from the server, and sending the regenerated second public key to the server.
25. (Currently Amended) The apparatus according to claim 22, wherein 
the receiving a website private key ciphertext sent from the server comprises:
receiving, from the server, the website private key identifier corresponding to the website private key ciphertext obtained through encryption of the website private key plaintext to be added, wherein the website private key identifier and the website private key ciphertext are pre-stored and correspond one-to-one to each other, and the website private key identifier is sent from the server after the server receives an instruction for adding the website private key plaintext; and
the storing the website private key plaintext comprises:
storing [[a]]the corresponding relationship between the website private key plaintext and the website private key identifier.
26. (Canceled) 
27. (Canceled) 
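The exchange recited in claims 1 and 6, as an added Go example that is not part of the Office Action or the application: the server encrypts the website private key to the first terminal's public key, derives the identifier as MD5 over that ciphertext, and the terminal later decrypts or deletes by identifier alone. The claims name only MD5; RSA-OAEP applied block by block, PKCS#1 DER as the plaintext format, and every type and function name here are assumptions of this example, and the keys and message are constructed.

```go
package main

import (
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// eachBlock applies f to data in blocks of at most size bytes and joins the results.
func eachBlock(data []byte, size int, f func([]byte) ([]byte, error)) (out []byte, err error) {
	for len(data) > 0 {
		n := len(data)
		if n > size {
			n = size
		}
		part, ferr := f(data[:n])
		if ferr != nil {
			return nil, ferr
		}
		out, data = append(out, part...), data[n:]
	}
	return out, nil
}

// seal and open: RSA-OAEP block by block (an assumption; the claims name no cipher).
func seal(pub *rsa.PublicKey, data []byte) ([]byte, error) {
	return eachBlock(data, pub.Size()-2*sha256.Size-2, func(b []byte) ([]byte, error) {
		return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, b, nil)
	})
}
func open(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return eachBlock(ct, priv.Size(), func(b []byte) ([]byte, error) {
		return rsa.DecryptOAEP(sha256.New(), nil, priv, b, nil)
	})
}

// Terminal is the "first terminal": the only party that keeps website key plaintext.
type Terminal struct {
	first *rsa.PrivateKey   // first private key, never leaves the terminal
	keys  map[string][]byte // identifier -> website private key plaintext (PKCS#1 DER)
}

// Add decrypts a website private key ciphertext and files the plaintext under id.
func (t *Terminal) Add(id string, keyCT []byte) error {
	der, err := open(t.first, keyCT)
	if err == nil {
		t.keys[id] = der
	}
	return err
}

func (t *Terminal) Delete(id string) { delete(t.keys, id) } // plaintext and mapping together

// Decrypt finds the key by identifier and decrypts a website ciphertext with it.
func (t *Terminal) Decrypt(id string, siteCT []byte) ([]byte, error) {
	k, err := x509.ParsePKCS1PrivateKey(t.keys[id]) // unknown id gives nil, which fails here
	if err != nil {
		return nil, errors.New("no usable website private key for this identifier")
	}
	return open(k, siteCT)
}

// KeyID is the identifier: MD5 over the website private key ciphertext, in hex.
func KeyID(keyCT []byte) string { return fmt.Sprintf("%x", md5.Sum(keyCT)) }

// RunFlow plays all parties over constructed data; the bool reports use after deletion.
func RunFlow() (string, bool, error) {
	first, err1 := rsa.GenerateKey(rand.Reader, 2048) // first key pair
	site, err2 := rsa.GenerateKey(rand.Reader, 2048)  // constructed website key pair
	if err1 != nil || err2 != nil {
		return "", false, errors.New("key generation failed")
	}
	term := &Terminal{first: first, keys: map[string][]byte{}}
	keyCT, err1 := seal(&first.PublicKey, x509.MarshalPKCS1PrivateKey(site)) // server
	siteCT, err2 := seal(&site.PublicKey, []byte("constructed request"))     // user terminal
	id := KeyID(keyCT)
	if err1 != nil || err2 != nil || term.Add(id, keyCT) != nil {
		return "", false, errors.New("encryption or key hand-over failed")
	}
	out, err := term.Decrypt(id, siteCT) // server relays (siteCT, id); terminal decrypts
	term.Delete(id)                      // delete instruction carries only the identifier
	_, gone := term.Decrypt(id, siteCT)
	return string(out), gone == nil, err
}

func main() { fmt.Println(RunFlow()) }
```

Because OAEP is randomized, encrypting the same website private key twice gives two different ciphertexts and therefore two different identifiers, so the identifier names one stored ciphertext rather than the key material itself.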
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but have not been relied upon for this office action:
Le Saint et al (US20160241389A1). Confidential communication management for server computer and client computer with protected server key identifier that identifies a server private key used to encrypt response message.
Zheng (US 8,379,857 B1). Secure distribution of encryption keys so as to facilitate private communication between users in an unsecured communication network.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 

/MICHAEL M LEE/Examiner, Art Unit 2436                   
/KENDALL DOLLY/Primary Examiner, Art Unit 2436