DETAILED ACTION
The instant application having Application No. 16/367530 filed on March 28, 2019 is presented for examination by the examiner.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Oath/Declaration
The applicant’s oath/declaration has been reviewed by the examiner and is found to conform to the requirements prescribed in 37 C.F.R. 1.63.

Information Disclosure Statement
As required by M.P.E.P. 609(C), the applicant’s submission of the Information Disclosure Statement is acknowledged by the examiner and the cited references have been considered in the examination of the claims now pending. As required by M.P.E.P. 609(C), a copy of the PTOL-1449 initialed and dated by the examiner is attached to the instant office action.

Drawings
The applicant’s drawings submitted are acceptable for examination purposes.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

Claims 1, 3-5, 7, 12-13, 15-17, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over NPL “CCFI: Cryptographically Enforced Control Flow Integrity” hereinafter referred to as Ali in view of Milliken (US Pre-Grant Publication 2003/0065929) and further in view of Safa (US Pre-Grant Publication 2010/0275034).

As per claims 1 and 13, Ali discloses A method of preventing kernel control flow integrity exploits, the method comprising: 
configuring a compiler to reserve a register in a processor (Ali, abstract and section 1, teaches using control flow integrity to protect elements such as return addresses. Ali, section 3, teaches “… special registers our compiler reserves”. Ali, section 4, teaches that the “MAC key is randomly generated at program start, and stored in registers the CCFI compiler reserves”.); 
(Ali, abstract and sections 1 and 5, further teaches compiling the code using the CCFI compiler to prevent attacks.); and 
… prevent exploits using the reserved register (Ali, sections 1 and 4, teaches using the CCFI compiler to perform control flow integrity to protect control flow elements such as return addresses to prevent attacks.), 
wherein the reserved register stores a first encryption key for encrypting … return addresses (Ali, section 4, teaches that the “MAC key is randomly generated at program start, and stored in registers the CCFI compiler reserves”. Ali, section 4.1, teaches encrypting the return addresses/pointers using the MAC key and verifies before returning.)
However, Ali does not specifically teach “modifying the binary to prevent exploits using the reserved register, wherein the reserved register stores a first encryption key for encrypting and decrypting return addresses”.
Milliken discloses compiling source code into a binary … modifying the [source code] to prevent exploits using the … register, wherein the … register stores a first encryption key for encrypting and decrypting return addresses. (Milliken, paragraphs 2, 39, 50-51, 71-72, 112, 119 and claims 5, 22, 43, teaches the compiler modifying the source code to encrypt return addresses using a key that is stored in a register. Milliken, paragraph 59, teaches that one key or separate keys can be used for the encryption and decryption steps.)
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Milliken with the teachings of Ali. Ali 
However, Ali in view of Milliken does not specifically teach “modifying the binary to prevent exploits …”.
Safa discloses modifying the binary to prevent exploits (Safa, abstract, Figure 1, and paragraphs 2, 5, 43-44, teaches inserting protection code into an executable program.)
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Safa with the teachings of Ali in view of Milliken. Ali in view of Milliken teaches storing a key in a reserved register and modifying source code to prevent exploits by encrypting return addresses. Safa also teaches preventing exploits, but does so by modifying the executable instead of modifying the source code. Therefore, it would have been obvious to modify the executable instead of modifying the source code to prevent exploits as this would have been a simple substitution of one known form of application modification for another to yield the predictable results of preventing exploits by encrypting return addresses.
(Ali, section 1, teaches a processor with registers and a memory. Milliken, paragraph 41 and Figure 1 and 3, also teaches a processor and memory.)

As per claims 3 and 15, Ali in view of Milliken and Safa discloses wherein the modifying of the binary to prevent exploits comprises: identifying a branch instruction in the binary; inserting instructions into the binary to encrypt a return address of the identified branch instruction based on the first encryption key; and inserting instructions into the binary to decrypt the return address of the identified branch instruction based on the first encryption key (Ali, section 4.1, teaches encrypting the return addresses/pointers using the MAC key and verifies before returning. Milliken, paragraphs 2, 39, 50-51, 71-72, 112, 119 and claims 5, 22, 43, teaches the compiler modifying the source code to encrypt return addresses using a key that is stored in a register. Milliken, paragraph 59, teaches that one key or separate keys can be used for the encryption and decryption steps. It is noted that return addresses are pushed onto the stack (and encrypted as shown in Ali and Milliken) when a function call is made as shown in Milliken paragraph 72. This is considered as a branch instruction.)

As per claims 4 and 16, Ali in view of Milliken and Safa discloses wherein the modifying of the binary to prevent exploits further comprises: identifying a transition point in the binary; and inserting instructions into the binary to: identify memory (Ali, section 4.1, teaches encrypting the return addresses/pointers using the MAC key and verifies before returning. Milliken, paragraphs 2, 39, 50-51, 71-72, 112, 119 and claims 5, 22, 43, teaches the compiler modifying the source code to encrypt return addresses using a key that is stored in a register. Milliken, paragraph 59, teaches that one key or separate keys can be used for the encryption and decryption steps. It is noted that return addresses are pushed onto the stack (and encrypted as shown in Ali and Milliken) when a function call is made as shown in Milliken paragraph 72. This is considered as a transition point.) 

As per claims 5 and 17, Ali in view of Milliken and Safa discloses wherein the transition point comprises a kernel thread entry or a user thread entry (Ali, section 3, teaches protecting user programs.)

As per claims 7 and 19, Ali in view of Milliken and Safa discloses wherein the modifying of the binary to prevent exploits comprises identifying an indirect branch instruction to a first address; and inserting instructions into the binary to selectively execute a function associated with the first address (Ali, section 4.1, teaches encrypting the return addresses/pointers using the MAC key and verifies before returning. Milliken, paragraphs 2, 39, 50-51, 71-72, 112, 119 and claims 5, 22, 43, teaches the compiler modifying the source code to encrypt return addresses using a key that is stored in a register. Milliken, paragraph 59, teaches that one key or separate keys can be used for the encryption and decryption steps. It is noted that return addresses are pushed onto the stack (and encrypted as shown in Ali and Milliken) when a function call is made as shown in Milliken paragraph 72. This is considered as a branch instruction.)  

As per claim 12, Ali in view of Milliken and Safa discloses wherein the modifying of the binary to prevent exploits comprises: identifying instructions that store and load a return address in a register within a binary; inserting instructions into the binary to encrypt the register before the return address is stored to memory based on the first encryption key; and inserting instructions into the binary to decrypt the register after the return address is loaded from memory based on the first encryption key (Ali, section 4.1, teaches encrypting the return addresses/pointers using the MAC key and verifies before returning. Milliken, paragraphs 2, 39, 50-51, 71-72, 112, 119 and claims 5, 22, 43, teaches the compiler modifying the source code to encrypt return addresses using a key that is stored in a register. It is noted that return addresses are pushed onto the stack (and encrypted as shown in Ali and Milliken) when a function call is made as shown in Milliken paragraph 72. In order to push the return addresses onto the stack they must first be loaded into a register.)

Claims 6 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Ali in view of Milliken, Safa, and further in view of Narayanan (US Pre-Grant Publication 2003/0217277).

As per claims 6 and 18, Ali in view of Milliken and Safa does not specifically teach wherein the modifying of the binary to prevent exploits further comprises generating the second encryption key based on a cycle counter of the processor.
Narayanan teaches wherein the modifying of the binary to prevent exploits further comprises generating the second encryption key based on a cycle counter of the processor (Narayanan, abstract and paragraph 24, teaches generating a random key based on a CPU’s clock cycle counter and using the generated key to encrypt return addresses.)
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Narayanan with the teachings of Ali in view of Milliken and Safa. Ali in view of Milliken and Safa teaches using a single key or multiple keys to prevent exploits by encrypting return addresses. Narayanan teaches that the keys can be generated using a cycle counter of the processor. Therefore, it would have been obvious to generate the encryption keys using the cycle counter of the processor in order to add randomization to the key generation process and help prevent an attacker from obtaining the encryption keys.

Allowable Subject Matter
Claims 2 and 14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is an examiner’s statement of reasons for allowance: The primary reason for the allowance of the claims 

Claims 8 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is an examiner’s statement of reasons for allowance: The primary reason for the allowance of the claims is the inclusion of the limitation, inter alia, “wherein the modifying of the binary to prevent exploits further comprises: inserting an authentication sequence into the binary; inserting an authentication function to authenticate the function based on the first address and the authentication sequence; and replacing the identified indirect branch instruction with a direct branch instruction to the authentication function". The closest prior art of record includes Hundt (US 2002/0188935) and Hundt (US 2003/0079218) that teach replacing an indirect branch instruction with a direct branch instruction. However, none of the cited prior art of record can be found that teaches the limitations of “inserting an authentication sequence into the binary; inserting an authentication 
Claims 9 and 21 are objected to for the same reasons as cited above and for being dependent on a previously objected to base claim.

Claims 10 and 22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is an examiner’s statement of reasons for allowance: The primary reason for the allowance of the claims is the inclusion of the limitation, inter alia, “wherein the modifying of the binary to prevent exploits comprises: identifying a function in the source code; identifying a register to zero based on a number of arguments associated with the identified function; and inserting instructions into the binary to zero the identified register in the identified function”. The closest prior art of record includes Ali, section 5.1 and 5.3, that teaches zeroing memory, but does not identify a register to zero based on the number of arguments of a function. However, none of the cited prior art of record can be found that teaches the limitations of “identifying a register to zero based on a number of arguments associated with the identified function; and inserting instructions into the binary to zero the identified register in the identified function” as currently claimed.
Claims 11 and 23 are objected to for the same reasons as cited above and for being dependent on a previously objected to base claim.

Related Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure includes:
Shukla (US 2019/0243964) – teaches compiling “without the overhead of reserving a register”.
Sierra (US 10409600) – teaches a compiler reserving a register to store an encryption key.
Schmidt (US 8832672) – teaches a compiler reserving a register and compiling code.
Rubin (US 5530752) – teaches removing software instructions to prevent copying of software.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN B KING whose telephone number is (571)270-7310.  The examiner can normally be reached on Monday-Friday 10AM-6PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 5712728878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/John B King/
Primary Examiner, Art Unit 2498