Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This action is in response to the correspondence filed 03/28/2019.
Claims 1-14 are presented for examination.

Claim Objections
Claims 1 and 14 are objected to because of the following informalities:  the claim recites the limitation "if there is a match" in limitation “f.” The Examiner submits that if the conditional limitation step is not reached, then the remaining limitation steps do not have to be performed and will render the remaining limitations not valid. Therefore, it will not be required to show anticipation or obviousness for all paths of the conditional limitation which in this instance includes “authentication is successful for this connection session and the client is allowed to store on the server a new hashed word corresponding to a different random variable and a possibly different password for the next connection session; otherwise, authentication fails”. The Examiner suggests replacing “if” with “when”. Appropriate correction is required.
Claim 10 is objected to because of the following informalities:  the claim recites the limitation "if there is a match" and “if the server’s authentication is successful”. The Examiner submits that if the conditional limitation step is not reached, then the remaining limitation steps do not have to be performed and will render the remaining limitations not valid. Therefore, it will not be required to show .  Appropriate correction is required.
Claim 12 is objected to because of the following informalities: the claim recites the limitation "if authentication is allowed for this connection session". The Examiner submits that if the conditional limitation step is not reached, then the remaining limitation steps do not have to be performed and will render the remaining limitations not valid. Therefore, it will not be required to show anticipation or obviousness for all paths of the conditional limitation. The Examiner suggests replacing “if” with “when”. Appropriate correction is required.
Claim 13 is objected to because of the following informalities: the claim recites the limitation "if the right identifier is transmitted". The Examiner submits that if the conditional limitation step is not reached, then the remaining limitation steps do not have to be performed and will render the remaining limitations not valid. Therefore, it will not be required to show anticipation or obviousness for all paths of the conditional limitation. The Examiner suggests replacing “if” with “when”. Appropriate correction is required.
Claim 13 is objected to because of the following informalities: the claim recites the limitation "if comparison matches". The Examiner submits that if the conditional limitation step is not reached, then the remaining limitation steps do not have to be performed and will render the remaining limitations not valid. Therefore, it will not be required to show anticipation or obviousness for all paths of the conditional limitation. The Examiner suggests replacing “if” with “when”. Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-14 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
As to claim 1, the limitations including “possessed/known” “his/her/its” and “possesses/knows” render the claim indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. It is unknown whether the limitations are claiming the terms in the alternative, in combination or similar variations therefore the scope of the claim cannot be determined rendering the claim indefinite.
As to claim 1, the claim recites the limitation "the bits" in limitation “c.” There is insufficient antecedent basis for this limitation in the claim.
As to claim 1, the claim recites the limitation "the last internal state" in limitation “c.” There is insufficient antecedent basis for this limitation in the claim.
As to claim 1, the claim recites the limitation "the input data" in limitation “c.” There is insufficient antecedent basis for this limitation in the claim.
As to claim 1, the claim recites the limitation "the random variable" in limitation “e.” It is not clear as to whether this refers to the disposable random variable introduced previously or a second random variable. The Examiner suggests “the disposable random variable”.
As to claim 1
As to claims 2-11, claims 2-11 do not cure the deficiency of claim 1 and are rejected under 35 USC § 112 for their dependency upon claim 1.
As to claim 12, the limitation including “possessed/known” render the claim indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. It is unknown whether the limitations are claiming the terms in the alternative, in combination or similar variations therefore the scope of the claim cannot be determined rendering the claim indefinite.
As to claim 12, the claim recites the limitation "the bits" in the second “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 12, the claim recites the limitation "the last internal state" in the second “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 12, the claim recites the limitation "the input data" in the second “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 12, the claim recites the limitation "the possibility to store on the server a new hashed word". The scope of the claim cannot be clearly determined as “having the possibility to store” does not indicate that a new hashed word is actually stored, therefore this limitation is not necessarily performed. The Examiner suggests amending the limitation to include language that performs the function of storing the new hashed word (e.g. “storing a new hashed word on the server”). Appropriate correction is required.
As to claim 12, the claim recites the limitation "the next connection session" in the third “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 13, the limitations including “possessed/known” and “his/her/its” render the claim indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the 
As to claim 13, the claim recites the limitation "the right identifier" in the first “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 13, the claim recites the limitation "the bits" in the second “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 13, the claim recites the limitation "the last internal state" in the second “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 13, the claim recites the limitation "the input data" in the second “-” limitation. There is insufficient antecedent basis for this limitation in the claim.
As to claim 13, the claim recites the limitation "the random variable" in the fourth “-” limitation. It is not clear as to whether this refers to the disposable random variable introduced previously or a second random variable. The Examiner suggests “the disposable random variable”.
As to claim 14, the limitations including “possessed/known” “his/her/its” and “possesses/knows” render the claim indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. It is unknown whether the limitations are claiming the terms in the alternative, in combination or similar variations therefore the scope of the claim cannot be determined rendering the claim indefinite.
As to claim 14, the claim recites the limitation "the bits" in limitation “c.” There is insufficient antecedent basis for this limitation in the claim.
As to claim 14
As to claim 14, the claim recites the limitation "the input data" in limitation “c.” There is insufficient antecedent basis for this limitation in the claim.
As to claim 14, the claim recites the limitation "the random variable" in limitation “e.” It is not clear as to whether this refers to the disposable random variable introduced previously or a second random variable. The Examiner suggests “the disposable random variable”.
As to claim 14, the claim recites the limitation "the next connection session" in limitation “f.” There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 12-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
As to claims 12-14, the claims do not fall within at least one of the four categories of patent eligible subject matter because the claims recite a “computer program product comprising instructions” that are not stored on a non-transitory storage. Therefore the claims are directed to only instructions, only software per se, which is not included as one of the four categories of patent eligible subject matter. Further, review of the specification does not appear to include the instructions being stored on media.

Relevant Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 2018/0254904 to Hwang teaches an integrated authentication system using single-use random numbers including generating the first single-use random number by extracting the random numbers of locations corresponding to the seed value and the user password from the random numbers constituting the first random number set and then encrypting the extracted random numbers with a first hash function; and the authentication server may generate the second single-use random number by extracting the random numbers of locations corresponding to the seed value and the user password stored in the password DB from the random numbers constituting the second random number set and encrypting the extracted random numbers with a second hash function, wherein the user is authenticated based on whether the second single-use random number matches the first single-use random number received from the user terminal.
US 2015/0134947 to Varcoe et al. teaches a secure communication method including generating, by party P, a first combined value by combining the value a.sub.i/b.sub.i of the sequence A/B corresponding to party P with a random value using a self -inverse operation; transmitting, by party P, the first combined value to party Q; generating, by party Q, a second combined value by combining the first combined value with the value b.sub.i/a.sub.i, of the sequence B/A corresponding to party Q using the self -inverse operation; generating, by party Q, a first hash value of the second combined value; transmitting, by party Q the first hash value to party P; generating, by party P, a second hash value of the random value; comparing, by party P, the first hash value and the second hash value; transmitting, by party P, a match signal according to the result of the comparison; retaining, by party P and party Q, only those values in sequences A and B that match as indicated by the match signal.
US 2017/0155634 to Camenisch et al. teaches a password-based management method of encrypted filed including computing a hash of a password for comparing for determining whether a key can be reconstructed for the encrypted files. 

Allowable Subject Matter
Claims 1 and 12-14 would be allowable if rewritten or amended to overcome the rejections under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, and 35 USC 101 set forth in this Office action.
The following is a statement of reasons for the indication of allowable subject matter: Independent claims 1 and 12-14, and their respective dependent claims, are allowable over the prior art of record, including Hwang, Varcoe, Camenisch and the remaining references cited by the Examiner and the Applicant’s IDS, since the prior art, taken individually or in combination, fails to particularly disclose, fairly suggest or render obvious:
a hashed word generated by applying a hash function to a disposable random variable possessed/known by both the client and the server and concatenated with a sequence resulting from hashing the concatenation of a password known from the client, said disposable random variable and an initialization sequence possessed by the client, the client transmitting a backhash obtained by a modified hash function configured to conserve all bits of a last terminal state computed from the input data of said hash function and the server applying to the concatenation of the hashed word and the backhash an inverse hash function obtained by algebraically solving said hash function, in view of the other limitations of the claim, as specified in claims 1 and 14;
a hashed word generated by applying a hash function to a disposable random variable possessed/known by both the client and the server and concatenated with a sequence resulting 
a hashed word generated by applying a hash function to a disposable random variable possessed/known by both the client and the server and concatenated with a sequence resulting from hashing the concatenation of a password known from the client, said disposable random variable and an initialization sequence possessed by the client, waiting to receive from the client a backhash obtained by a modified hash function configured to conserve all bits of a last terminal state computed from the input data of said hash function and applying the concatenation of the hashed word and the backhash to an inverse hash function obtained by algebraically solving said hash function, in view of the other limitations of the claim, as specified in claim 13.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MALCOLM CRIBBS whose telephone number is (571)270-1566.  The examiner can normally be reached on Monday-Friday 930a-330p; 430p-630p.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached on (571)270-3618.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


MALCOLM . CRIBBS
Examiner
Art Unit 2497



/MALCOLM CRIBBS/Primary Examiner, Art Unit 2497