DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is responsive to the communication filed 01/22/2021.



Examiner's Statement of Reasons for Allowance

The following is an examiner's statement of reasons for allowance: In interpreting the claims, in light of the Specification and the applicant's amendments filed on 01/22/2021, the Examiner finds the claimed invention to be patentably distinct from the prior art of record.
The present application relates to a method of providing protection against replay attacks on memory by refreshing or updating encryption keys. The replay protected computing system may employ encryption refresh of memory so that unauthorized copies of data are usable for a limited amount of time. The replay protected computing system initially encrypts protected data prior to storage in memory. After a predetermined time or after a number of memory accesses have occurred, the replay protected computing system decrypts the data with the existing key and re-encrypts the data with a new key. Unauthorized copies of data (such as those made by an adversary system/program) are not refreshed with subsequent new keys. When an adversary program attempts to use the unauthorized copies of data, the unauthorized copies of data are decrypted with the incorrect keys, which renders the decrypted data unintelligible.

Independent claims 1, 8 and 12 recite the uniquely distinct features of: encrypt the data based on a first domain that includes one or more of individual computer programs, computer program characteristics, memory address groups, or levels of privilege, wherein the second domain includes time, memory accesses of the memory circuitry, or a combination of the time and the memory accesses of the memory circuitry; refresh the second key based on an expiration of a predetermined duration of the time or based on a predetermined number of the memory accesses of the memory circuitry; wherein to refresh the second key, the second encryption circuitry is configured to decrypt the second encryption data to the first encryption data with the second key, the second encryption circuitry is configured to encrypt the first encryption data with a third encryption key, and the second encryption circuitry is configured to redefine the third encryption key as the second key.
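The refresh sequence described above can be traced in a short simulation. This is an added illustration, not part of the Office action or the application; it uses a toy SHAKE-256 keystream as a stand-in for the encryption circuitry, and the class, function names, address and sample values are assumptions.

```python
import hashlib
import secrets

def xor_layer(key: bytes, addr: int, data: bytes) -> bytes:
    # Toy address-tweaked keystream (assumed stand-in cipher); XOR is its own inverse.
    pad = hashlib.shake_256(key + addr.to_bytes(8, "big")).digest(len(data))
    return bytes(d ^ p for d, p in zip(data, pad))

class ReplayProtectedMemory:
    def __init__(self, refresh_after: int):
        self.domain_keys = {}                      # first domain: one key per program
        self.second_key = secrets.token_bytes(32)  # second domain: time / access count
        self.refresh_after = refresh_after
        self.accesses = 0
        self.cells = {}                            # addr -> doubly encrypted bytes

    def refresh(self):
        # Decrypt the outer layer with the second key, re-encrypt with a third
        # key, then redefine the third key as the second key.
        third_key = secrets.token_bytes(32)
        for addr, ct2 in list(self.cells.items()):
            ct1 = xor_layer(self.second_key, addr, ct2)
            self.cells[addr] = xor_layer(third_key, addr, ct1)
        self.second_key = third_key
        self.accesses = 0

    def _count_access(self):
        self.accesses += 1
        if self.accesses >= self.refresh_after:    # access-count trigger
            self.refresh()

    def write(self, domain: str, addr: int, plaintext: bytes):
        k1 = self.domain_keys.setdefault(domain, secrets.token_bytes(32))
        ct1 = xor_layer(k1, addr, plaintext)
        self.cells[addr] = xor_layer(self.second_key, addr, ct1)
        self._count_access()

    def read(self, domain: str, addr: int) -> bytes:
        ct1 = xor_layer(self.second_key, addr, self.cells[addr])
        self._count_access()
        return xor_layer(self.domain_keys[domain], addr, ct1)

def replay_stale_copy(refresh_before_replay: bool) -> bytes:
    mem = ReplayProtectedMemory(refresh_after=1000)
    mem.write("app", 0x1000, b"balance=100")       # constructed sample data
    stale = mem.cells[0x1000]                      # unauthorized copy of the ciphertext
    if refresh_before_replay:
        mem.refresh()                              # models timer expiry
    mem.cells[0x1000] = stale                      # copy written back (replay)
    return mem.read("app", 0x1000)
```

A copy replayed inside the refresh window still decrypts correctly, which is why the interval or access count bounds the exposure; after a refresh the same bytes decrypt to noise.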


The closest prior art (Shimizu US 6085323) discloses processing apparatus arranged separate from the first information processing apparatus and capable of exchanging a signal with the first information processing apparatus. The first information processing apparatus includes a first key generator for generating a first key, and a first encrypting unit for encrypting data using the first key generated by the first key generator to generate first encrypted information. The second information processing apparatus includes a second key storage unit for storing a second key, and a second encrypting unit for encrypting the first key using the second key stored in the second storage unit to generate second encrypted information. The first information processing apparatus further includes a correlation storage unit for storing the first encrypted information generated by the first encrypting unit and the second encrypted information generated by the second encrypting unit, the first encrypted information being correlated with the second encrypted information.

The closest prior art (Anzai US 2015/0082040) discloses a portal server at which a request for information from a terminal of a second user that is an agent for a first user is received, and encrypted data directed to a terminal of the first user, stored in an encrypted-data memory unit, is re-encrypted using a re-encryption key for the second user, stored in a first encryption-key memory unit, and is transmitted to the terminal of the second user. With the terminal of the second user, the re-encrypted data received is decrypted using an encryption key for the second user, stored in a second encryption-key memory unit, and time keys specified by the terminal of the first user, related to a time-period during which browsing of the information is permitted.

The closest prior art (Gandhasri US 9,774445) discloses re-keying ciphertext on a storage system is resident on a host/client communicating with a storage system. The generation of encryption keys and tracking which storage system blocks are encrypted with what keys remain with the security appliance or storage system, but the policy governing re-keying and initiating actions in accordance with that policy reside with the client/host.

The closest prior art (Gray US 2016/0344629) discloses a configurable directional 2D router for Networks on Chips (NOCs). The router, which may be bufferless, is designed for implementation in programmable logic in FPGAs, and achieves theoretical lower bounds on FPGA resource consumption for various applications. The router employs an FPGA router switch design that consumes only one 6-LUT or 8-input ALM logic cell per router per bit of router link width. A NOC comprising a plurality of routers may be configured as a directional 2D torus, or in diverse ways, network sizes and topologies, data widths, routing functions, performance-energy tradeoffs, and other options. System on chip designs may employ a plurality of NOCs with different configuration parameters to customize the system to the application or workload characteristics. A great diversity of NOC client cores, for communication amongst various external interfaces and devices, and on-chip interfaces and resources, may be coupled to a router in order to efficiently communicate with other NOC client cores. The router and NOC enable feasible FPGA implementation of large integrated systems on chips, interconnecting hundreds of client cores over high bandwidth links, including compute and accelerator cores.

The closest prior art (Bugbee US 2008/0304669) discloses generating and signing, by a potential recipient, a digital encryption certificate. In some embodiments, the digital encryption certificate may include an encryption key of an encryption key pair, and may be signed by the potential recipient with a signing key of a signing key pair. The signing key pair may have a second, publicly-accessible signing key associated with a digital signing certificate issued by a party trusted by the potential recipient and one or more potential senders. In various embodiments, potential senders may verify the digital encryption certificate and use the encryption key to encrypt and send digital messages to the potential recipient.

However, the prior art of record, either individually or in a reasonable combination, fails to disclose or suggest the underlined limitations when in combination with the remaining limitations currently recited in the independent claims 1, 8 and 12. In addition, an updated search also did not yield any new applicable prior art with respect to the underlined limitations.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance." 






Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314.  The examiner can normally be reached on EST: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/ABU S SHOLEMAN/Primary Examiner, Art Unit 2495