DETAILED ACTION
	This action is responsive to application filed on 09/24/2019. Claims 1-20 are pending and being considered. Claims 1 and 20 are independent. Claims 3-6 and 18 are objected. Thus, the claims 1-2, 7-17 and 19-20 are rejected.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
The present disclosure, filed on 09/24/2019, claims the foreign priority benefit of GB Application Number 1815520.0 filed 09/24/2018.

Information Disclosure Statement


The information disclosure statement (IDS) submitted on 09/24/2019 and 03/31/2020 were filed on or after the mailing date of the application no.16/580,786 on 09/24/2019. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed and dated copy of Applicant’s IDS forms 1449 filed on 09/24/2019 and 03/31/2020 are attached to the instant office action.

Drawings
The drawings (Figs. 1-7) filed on 09/24/2019, and the drawings replacement sheet (Fig. 3) filed on 12/09/2019 has been reviewed and accepted.

Specification
The disclosure, filed on 09/24/2019, has been reviewed and accepted.

Abstract
The abstract of the disclosure, filed on 09/24/2019, has been reviewed and accepted.

Claim Objections
Claims 1-20 are objected to because of the following informalities:
Claim 1, line 4: claim recite “a plurality of peers” which should have been “the plurality of peers”.
Claim 1, line 5-6: claim recites “at least one security credential being generated in dependence on one or more feature of the respective peer device”. It appears that it should have been “wherein at least one security credential being generated in dependence on one or more feature of the respective peer device”.
Claim 1, line 10: recites “and respective security credentials” should have been “and the respective security credentials”.
Claim 2, line 2: the claim recites “each peer of a plurality of peers”, which should have been “each peer of the plurality of peers”.
Claim 5, line 3: the claim recites “measuring a value of one or more feature”, which should read as “measuring a value of the
Claim 8, line 2: the claim recites “where the security credentials of the peers”, which should have been “where the respective security credentials for each peer of the plurality of peers”.
Claim 9, line 9: the claim recites “security credentials in dependence on one or more feature of a respective peer device”. It appears that it should have been “security credentials in dependence on the one or more feature of the respective peer device”.
Claims 2-19, line 1: claims recites “a method…” It appears that it should have been “the method…”
Claim 20, lines 4-5: claim recite “a plurality of peers” which should have been “the plurality of peers”.
Claim 20, line 5-6: claim recites “at least one security credential being generated in dependence on one or more feature of the respective peer device”. It appears that it should have been “wherein at least one security credential being generated in dependence on one or more feature of the respective peer device”.
Claim 20, line 9: recites “and respective security credentials” should have been “and the respective security credentials”.
Correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:

The claimed invention is not directed to patent eligible subject matter. Based upon consideration of all of the relevant factors with respect to the claim as a whole, claims 1-20 are determined to be directed to an abstract idea.
Claims 1-20 are rejected under 35 USC 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Under the 2019 Revised Patent Subject Matter Eligibility Guidance (“2019 PEG”), effective January 7, 2019, independent claims 1 and 20 are directed to an abstract idea without being significantly more nor being integrated into a practical application. The claims are directed towards a method and system for generating an authentication key at a device for authenticating an output from a ring comprising a plurality of peers.
	For instance, the independent claim 20 recites the steps of “a system for generating an authentication key at a device for authenticating an output from a ring comprising a plurality of peers, the system comprising a processor configured to: generate respective security credentials for each peer of a plurality of peers constituting a ring of peers, at least one security credential being generated in dependence on one or more feature of the respective peer device; generate a ring key in respect of the ring; and generate an authentication key in dependence on the ring key, a security credential of a first peer and respective security credentials of at least one of the other peers.”, as drafted, is a process that, under its broadest reasonable interpretation, covers For example, one ordinary skilled in the art, in the context of the claims, can manually (i.e., by using pen and paper and/or in human mind) generate respective security credentials for each peer of a plurality of peers constituting a ring of peers, and can also manually (i.e., by using pen and paper and/or in human mind) generate at least one security credential based on one or more feature of the respective peer device. Wherein, the generated respective security credentials for each peer can be utilized to manually (i.e., by using pen and paper and/or human mind) generate a ring key. Wherein the generated ring key, a security credential of a first peer and the respective security credentials of at least one of the other peers can further be utilized to manually (i.e., by using pen and paper and/or human mind) generate an authentication key. Therefore, the claim limitations, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitations in the mind and/or includes some additional physical steps such as to encompass performance by a human using pen and paper but for the recitations of generic computer components such as a processor, etc. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind and/or includes some additional physical steps such as to encompass performance by a human using pen and paper but for the recitation of generic computer components e.g., a processor, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application because the claim recites additional element, such as a processor. These elements in the claim are 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of a computer to perform “generate respective security credentials for each peer of a plurality of peers constituting a ring of peers, at least one security credential being generated in dependence on one or more feature of the respective peer device; generate a ring key in respect of the ring; and generate an authentication key in dependence on the ring key, a security credential of a first peer and respective security credentials of at least one of the other peers” steps amounts to no more than mere instructions to apply the exception using a generic computer which may include component e.g., a processor. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. Thus, the claim is not patent eligible.
Therefore, the independent claim 1 is also rejected under 35 U.S.C 101 as being directed to non-statutory subject matter for the same reasons addressed above for the independent claim 20.
Thus, the claims 1-20 are rejected under 35 U.S.C 101 as being directed to non-statutory subject matter as the claims do not contain any element or combination of 

Claim Rejections - 35 U.S.C. 101
Reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

       Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. 
As per claim 20, the claim call for ‘A system for generating an authentication key at a device for authenticating an output from a ring comprising a plurality of peers, the system comprising a processor configured to:’, however, there is no hardware element found within the claimed system. As the body of the claim and the immediate disclosure (in Para. [0018-0019]) only disclose ‘a processor’, and does not positively recite any hardware embodiment, the claim is directed to non-statutory subject matter.  The nominal recitation of ‘the processor’ with an absence of a hardware element in the body of the claim fails to make the claim statutory under 35 USC 101.  See Am. Med. Sys., Inc v. Biolitec, Inc., 618 F.3d 1354, 1358 (Fed. Cir. 2010).  See also Ex parte Cohen et al., (Appeal No. 2009-011366) for details.  
The Examiner respectfully suggests that the claim be further amended to positively recite at least a hardware processor or computer processor and/ or a memory 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Regarding claim 1, claim recite limitations "generating an authentication key” in line 9 of the claim 1. The limitation is indefinite because it is not clear whether the recited claim limitation “generating an authentication key” in line 9 of the claim 1, is same as recited in claim limitation “generating an authentication key” in line 1 of the claim 1 and/or different from each other. Therefore, the claim 1 is indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph. Clarification is required.
1, claim recites "the respective peer device” in line 6 of claim 1, which has not been previously defined. Therefore, there is insufficient antecedent basis for this limitation. 
Regarding claim 8, claim recites “storing the set of tags, and storing the at least one integer value” in lines 4-5 of the claim 8, which has not been previously defined. Therefore, there is insufficient antecedent basis for this limitation. 
Regarding claim 11, examiner notes that the claim refers to “a method for processing an authentication key at a device comprising: receive an authentication key generated according to claim 1”. Therefore, it is not clear whether “an authentication key generated at a device” in claim 1 is the same “an authentication key” being processed “at a device” in claim 11 and/or different from each other. Clarification is required.
Regarding claim 20, claim recite limitations "generating an authentication key” in line 8 of the claim 20. The limitation is indefinite because it is not clear whether the recited claim limitation “generating an authentication key” in line 8 is same as recited in claim limitation “generating an authentication key” in line 1 of the claim 20 and/or different from each other. Therefore, the claim 20 is indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph. Clarification is required.
Regarding claim 20, claim recites "the respective peer device” in line 6 of claim 20, which has not been previously defined. Therefore, there is insufficient antecedent basis for this limitation. 

Claim Rejections - 35 U.S.C. 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any 
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 7 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Roth; Gregory B. et al. (US 2018/0270051 A1), hereinafter (Roth) in view of Lundblade; Laurence et al. (US 2006/0095957 A1), hereinafter (Lundblade).

Regarding claim 1, Roth teaches a method for generating an authentication key for providing a digital signature at a device for authenticating an output from a ring comprising a plurality of peers, the method comprising (Roth, Fig. 15 and Para. [0117-0119], discloses to compute a signing key and once the signing key (i.e., hereinafter authentication key) is computed 1506, in an embodiment, a message is ): 
generating a ring key in respect of the ring in dependence on the respective security credential of each peer constituting the ring (Roth, Fig. 15 and Para. [0112], discloses that the process 1500 includes computation 1502 of information referred to herein as a key-seed. The key-seed, in an embodiment, is a vector that encodes a key path for each of multiple authorities […]. In one specific example, the key-seed may take the form of: [0113] (spec.sub.1,. . . , spec.sub.N) where spec.sub.i may be an encoding of a key path. The key path may include information for each node in the key path, the information for each node being separated from the information for another node by a delimiter. The information may be ordered, such as according to the order of the nodes in a corresponding key hierarchy. Wherein Key-seed represents a ring key); and 
generating an authentication key in dependence on the ring key, a security credential of a first peer and respective security credentials of at least one of the other peers (Roth, Fig. 15 and Para. [0117], discloses that a signing key is computed based at least in part on the obtained partial keys for each key holder and the computed key-seed. For example, as illustrated to the right of the flowchart in FIG. 15, the signing key may be [0118] SK=HMAC(PK.sub.1+ . . . +PK.sub.n, Key-Seed). Wherein the “PK.sub.1+ . . . +PK.sub.n” represents a security credential of a first peer and respective security credentials of at least one of the other peers, respectively. Or see also Para. [0043]).  
However Roth fails to explicitly disclose but Lundblade from the same field of technology teaches generating respective security credentials for each peer of a plurality of peers constituting a ring of peers, at least one security credential being generated in dependence on one or more feature of the respective peer device (Lundblade, Para. [0076], discloses to generate a plurality of credentials for remote devices, and at least one of the plurality of credentials based on both the received characteristics 310 of the client computing device 300 and a unique client key 409, and/or at least one of the plurality of credentials based on both the received characteristics 310 of the client computing device 300 and a generic key 410); 
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Lundblade’ into the teachings of ‘Roth’, with a motivation to generate respective security credentials for each peer of a plurality of peers constituting a ring of peers, at least one security credential being generated in dependence on one or more feature of the respective peer device, as taught by Lundblade, in order to have secure communication and strong authentication between remote computing devices and servers; Lundblade, Para. [0002].

Regarding claim 7, Roth as modified by Lundblade teaches a method according to claim 1, wherein Roth further teaches comprising, after generating the authentication key (Roth, Para. [0119], discloses that once the signing key is ), but fails to explicitly disclose wherein Lundblade further teaches discarding the ring key and/or the security credential of the first peer (Lundblade, Para. [0041], discloses to append, replace and/or delete credentials on a client computing device during system operations).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Lundblade’ into the teachings of ‘Roth’, with a motivation to discarding the ring key and/or the security credential of the first peer, as taught by Lundblade, in order to have secure communication and strong authentication between remote computing devices and servers; Lundblade, Para. [0002].

Regarding claim 20, claim recites similar subject matter as claim 1. Therefore, the response set forth above with respect to the claim 1 is equally applicable to the claim 20 of “a system for generating an authentication key at a computing device”.

Claims 2, 8, 11-17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Roth; Gregory B. et al. (US 2018/0270051 A1), hereinafter (Roth) in view of Lundblade; Laurence et al. (US 2006/0095957 A1), hereinafter (Lundblade), and further in view of Brown; Aaron et al. (US 2020/0082126 A1), hereinafter (Brown).

Regarding claim 2, Roth as modified by Lundblade teaches a method according to claim 1, wherein Roth as modified by Lundable fails to explicitly disclose but Brown from the same field of technology teaches in which the respective security credential for each peer of a plurality of peers comprises at least a portion of a public/private key pair, and the authentication key is generated in dependence on a private key of the first peer and respective public keys of at least one of the other peers (Brown, Para. [0074], discloses that in order to generate a valid linkable ring signature, the processor 62 requires a set of n public keys L=[y.sub.1, . . . , y.sub.n] and a private key x.sub..pi. corresponding to a public key y.sub..pi., such that y.sub..pi.=g.sup.x.sup..pi., which is in the set of public keys L=[y.sub.1, . . . , y.sub.n], where 1.ltoreq..pi..ltoreq.n. The set of n public keys L=[y.sub.1, . . . , y.sub.n] defines the group of identities, referred to as the query string ring, which can sign a valid linkable ring signature. The set of n public keys L=[y.sub.1, . . . , y.sub.n] includes the subset of n-1 cryptographic identities y.sub.i included in the list of pre-registered identities 216 and a query string ring key).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Brown’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to generate the linkable ring signature, using the set of n public keys L=[y.sub.1, . . . , y.sub.n] and private key x.sub..pi., as taught by Brown, in order to construct a secure and privacy preserving system; Brown, Para. [0075 and Abstract].

Regarding claim 8, Roth as modified by Lundblade teaches a method according to claim 1, wherein Roth further teaches comprising one or more of: storing the set of tags (Roth, Para. [0080], discloses a data store that associates keys with key identifiers (i.e., tags)), and 
However Roth as modified by Lundblade fails to explicitly disclose but Brown from the same field of technology teaches where the security credentials of the peers comprise public keys, storing the public keys of the peers (Brown, Para. ), 
storing the at least one integer value (Brown, Para. [0039], discloses the values s= [s.sub.1, s.sub.2, . . . , s.sub.n] correspond to identifiers for the watchtowers 50, where the values of s can be interpreted as an integer).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Brown’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to the security credentials of the peers comprise public keys, storing the public keys of the peers, and storing the at least one integer value, as taught by Brown, in order to construct a secure and privacy preserving system; Brown, Para. [Abstract].

Regarding claim 11, Roth as modified by Lundblade teaches a method for processing an authentication key at a device comprising: receiving an authentication key generated according to claim 1 (Roth, Fig. 16 and Para. [0122], discloses that the process 1600 includes receiving 1602 a message and a signature (S) for the message. The signature and message may be, for example, received from a device that performs a process for signature generation, such as the process 1500 described above in connection with FIG. 15 or variations thereof); 
Roth, Para. [0046], discloses a HMAC(X, credential), where X may be an identifier of a service with which the artifact is usable. As yet another example, X may, but does not necessarily, encode multiple semantic meanings ), a security credential of which first peer is used in the generation of the received authentication key (Roth, Para. [0081], discloses that the recipient may have access to a key derivation path which is information that encodes information necessary to derive the key from the information the recipient already has (e.g. a key derived from a shared secret credential). This information may be provided to the recipient form a submitter of a message with a signature or otherwise may be made available to the recipient);  57Attorney Docket No. 2214-0005 
regenerating the security credential of the first peer Roth, Para. [0081], discloses that a recipient of a key identifier (e.g. a message verifier) may reference a data store to determine whether a key corresponding to the key identifier is in the data store and, if not, may then generate the key itself, such as by using the techniques described herein to derive the key directly or indirectly from a shared secret credential. To enable this, the recipient may have access to a key derivation path which, in an embodiment, is information that encodes information necessary to derive the key from the information the recipient already has (e.g. a key derived from a shared secret credential). This information may be provided to the recipient form a submitter of a message with a signature or otherwise may be made available to the recipient. For instance, the recipient may be programmed to automatically generate keys using its assigned region and a code for the current date. ); and 
verifying the received authentication key against the further authentication key (Roth, Fig. 16 and Para. [0126], discloses that, at block 1616, a determination is then made whether the generated signature (S=S’) matches the signature that was received).  
However Roth fails to explicitly disclose but Lundblade further teaches regenerating the security credential of the first peer in dependence on one or more feature of the first peer device (Lundblade, Para. [0076], discloses to generate at least one of the plurality of credentials based on both the received characteristics 310 of the client computing device 300 and a unique client key 409, and/or at least one of the plurality of credentials based on both the received characteristics 310 of the client computing device 300 and a generic key 410 and replace the old credentials with the newly generated credentials); 
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Lundblade’ into the teachings of ‘Roth’, with a motivation to generate each of those security credentials in dependence on one or more feature of a respective peer device of the plurality of peers, as taught by Lundblade, in order to have secure communication and strong authentication between remote computing devices and servers; Lundblade, Para. [0002].
accessing a stored set of public keys for peers in a ring of peers, generating a further authentication key in dependence on the regenerated security credential of the first peer and the set of public keys (Brown, Para. [0074], discloses that in order to generate a valid linkable ring signature, the processor 62 requires a set of n public keys L=[y.sub.1, . . . , y.sub.n] and a private key x.sub..pi. corresponding to a public key y.sub..pi., such that y.sub..pi.=g.sup.x.sup..pi., which is in the set of public keys L=[y.sub.1, . . . , y.sub.n], where 1.ltoreq..pi..ltoreq.n.); and
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Brown’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to generate the linkable ring signature, using the set of n public keys L=[y.sub.1, . . . , y.sub.n] and private key x.sub..pi., as taught by Brown, in order to construct a secure and privacy preserving system; Brown, Para. [0075 and Abstract].

Regarding claim 12, Roth as modified by Lundblade in view of Brown teaches a method according to claim 11, wherein Roth as modified by Lundblade fails to explicitly disclose but Brown further teaches in which respective security credentials for the peers comprise respective public keys which are stored as the set of public keys (Brown, Para. [0074], discloses that the set of n public keys L=[y.sub.1, . . . , y.sub.n] defines the group of identities, and see also Para. [0057], discloses that a list of allowed participant identities 212 is stored on the blockchain BC.sub.1 and comprises an unsorted linked list of cryptographic identities y.sub.i (i.e., a subset of public keys ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Brown’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to provide respective security credentials for the peers comprise respective public keys which are stored as the set of public keys, as taught by Lundblade, in order to construct a secure and privacy preserving system; Brown, Para. [0075 and Abstract].

Regarding claim 13, Roth as modified by Lundblade in view of Brown teaches a method according to claim 11, wherein Roth as modified by Lundblade fails to explicitly disclose but Brown further teaches in which the security credential of the first peer comprises a private key and the received authentication key is generated in dependence on that private key (Brown, Para. [0074], discloses that in order to generate a valid linkable ring signature, the processor 62 requires a set of n public keys L=[y.sub.1, . . . , y.sub.n] and a private key x.sub..pi. corresponding to a public key y.sub..pi., such that y.sub..pi.=g.sup.x.sup..pi., which is in the set of public keys L=[y.sub.1, . . . , y.sub.n], where 1.ltoreq..pi..ltoreq.n.).
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Brown’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to generate the linkable ring signature, using the set of n public keys L=[y.sub.1, . . . , y.sub.n] and 
  
Regarding claim 14, Roth as modified by Lundblade in view of Brown teaches a method according to claim 13, wherein Roth as modified by Lundblade fails to explicitly disclose but Brown further teaches in which regenerating the security credential of the first peer comprises regenerating the private key of the first peer and the further authentication key is generated in dependence on the regenerated private key (Brown, Para. [0041], discloses that each data storing device 60 has a unique cryptographic identity. For example, in the embodiments described herein, the unique cryptographic identity for data storing device 60, having the index i, comprises is a public-private key pair (y.sub.i, x.sub.i), such that y.sub.i=g.sup.x.sup.i, in an asymmetric cryptographic system in which the private key x.sub.i is capable of generating secure digital signatures).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Brown’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to regenerate the private key of the first peer and the further authentication key is generated in dependence on the regenerated private key, as taught by Brown, in order to construct a secure and privacy preserving system; Brown, Para. [0075 and Abstract].

Regarding claim 15, Roth as modified by Lundblade in view of Brown teaches a method according to claim 11, Wherein Roth further teaches in which the received authentication key is associated with a message (Roth, Fig. 16, depicts, at block ), and the method comprises authenticating the message in dependence on verifying that the received authentication key verifies against the further authentication key (Roth, Fig. 16 and Para. [0126], discloses that, at block 1616, a determination is then made whether the generated signature (S=S’) matches the signature that was received).  

Regarding claim 16, Roth as modified by Lundblade in view of Brown teaches a method according to claim 15, Wherein Roth further teaches comprising determining that the received authentication key verifies against the further authentication key where the received authentication key matches the further authentication key (Roth, Fig. 16 and Para. [0126], discloses that, at block 1616, a determination is then made whether the generated signature (S=S’) matches the signature that was received […]. At block 1616, if it is determined that the generated message signature matches the received message signature, then action appropriate to the signature being verified may be taken at block 1618).  

Regarding claim 17, Roth as modified by Lundblade in view of Brown teaches a method according to claim 11, Wherein Roth further teaches comprising generating a ring key in respect of the ring (Roth, Fig. 16, at block 1604 depicts to compute a Key-seed) and generating the further authentication key in dependence on the ring key (Roth, Fig. 16, at block 1608, depicts to compute a further signing key using acquired PK and computed Key-seed).  

Regarding claim 19, Roth as modified by Lundblade in view of Brown teaches a method according to claim 11, Wherein Roth further teaches comprising generating the further authentication key in dependence on a stored set of tags and/or at least one stored integer value (Roth, Para. [0093], discloses that key K-service is used with a request identifier to derive a signing key, that is, a key used to sign requests to a service).  

Claims 9-10 are rejected under 35 U.S.C. 103 as being unpatentable over Roth; Gregory B. et al. (US 2018/0270051 A1), hereinafter (Roth) in view of Lundblade; Laurence et al. (US 2006/0095957 A1), hereinafter (Lundblade), and further in view of Fenster, Yaacov (WO 2016/128969 A1, Provided by IDS), hereinafter (Fenster).

Regarding claim 9, Roth as modified by Lundblade teaches a method according to claim 1, wherein Roth further teaches in which generating the ring key comprises: generating the ring key further comprises (Roth, Fig. 15, discloses to compute the Key-seed): 
However Roth fails to explicitly disclose but Lundblade further teaches determining each of those security credentials in dependence on one or more feature of a respective peer device of the plurality of peers (Lundblade, Para. [0017], discloses to generate credentials based on the received characteristics of the client computing device of the plurality of devices), and 
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Lundblade’ into the teachings of ‘Roth’, with a motivation to determining each of those security credentials in dependence on one or more feature of a respective peer device of the plurality of peers, as taught by Lundblade, in order to have secure communication and 
However Roth as modified by Lundblade fails to explicitly disclose but Fenster from the same field of technology teaches determining a tolerance value indicating the number of peers required to process the ring key (Fenster, Fig. 4, at block 405, depicts to receive an identifier from each entity in a pool of N entities), 
determining coefficients of a polynomial of an order that is one less than the tolerance value, the ring key being a function of the polynomial (Fenster, Fig. 4, at block 410, depicts to generate K-1 random numbers where K≤N, and as further depicted, at block 415, generating a polynomial of a degree K-1 with the K-1 random numbers as coefficients Ai (0<i<K) for the ith degree), 
generating the respective security credentials comprises (Fenster, pdf page 25, discloses to generate a unique identifier for respective entities, and as further disclosed in pdf pages 18 (last paragraph)-19 (first paragraph) wherein the unique identifier can be for example a password or a biometric identifier such as fingerprint, etc.), for a number of security 56Attorney Docket No. 2214-0005 credentials equal to or greater than the tolerance value (Fenster, Fig. 4, at block 405, depicts to receive an identifier from each entity in a pool of N entities), using each security credential as a first parameter of the polynomial to generate a set of corresponding second parameter values (Fenster, Fig. 4, at block 420, depicts to apply the polynomial to the identifiers to obtain respective derived values), and 
storing the set of second parameter values and a value indicating the order of the polynomial (Fenster, Fig. 4, at block 425, depicts to store the derived values in a data storage device).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Fenster’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to provide a process in which each entity E, submits a respective unique identifier X, from which a respective Y value is generated using the polynomial with the coefficients A, (0<i<K). The generated Y values are stored in a data-storage accessible by the central authority, as taught by Fenster, in order to allow secure communication and data sharing between two or more entities; Fenster, pdf page 4 (third paragraph) and pdf page 3 (second paragraph).

Regarding claim 10, Roth as modified by Lundblade in view of Fenster teaches a method according to claim 9, wherein Roth as modified by Lundblade fails to explicitly disclose but Fenster further teaches in which one or more of: the tolerance value is less than the number of peers in the plurality of peers constituting the ring of peers (Fenster, Fig. 4, at block 410, depicts to generate K-1 random numbers where K≤N); 
each of the number of security credentials is used as an x-value of the polynomial and the second parameter values comprise y-values (Fenster, Fig. 4 and pdf page 20 (second paragraph), discloses that, at block 420, the polynomial is applied to each one of the X identifiers received from entities to provide a respective f(Xj) values (i.e. derived value Yj)); and 
the number of security credentials and the polynomial are discarded in dependence on storing the set of second parameter values and the value indicating the order of the polynomial (Fenster, Fig. 4 and pdf page 20 (third paragraph), discloses that, at block 430, the received identifiers, the polynomial and secret S are discarded, and as further disclosed in Fenster, Fig. 4 and pdf page 20 (second paragraph), discloses that, at block 420, the derived values are stored in data storage 230 (block 425) According to some examples, each derived value is stored together with information identifying the entity which provided the respective X, value (e.g. unique entity name)).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Fenster’ into the teachings of ‘Roth’ as modified by ‘Lundblade’, with a motivation to provide a process in which each entity E, submits a respective unique identifier X, from which a respective Y value is generated using the polynomial with the coefficients A, (0<i<K). The generated Y values are stored in a data-storage accessible by the central authority, as taught by Fenster, in order to allow secure communication and data sharing between two or more entities; Fenster, pdf page 4 (third paragraph) and pdf page 3 (second paragraph).

Allow-ability Subject Matter
Claims 3-6 and 18 are objected to as being dependent upon a rejected claim, but would be allowable if rewritten in independent form for including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
1.	Adler et al., (US 20160349999 A1), the present disclosure generally relates to synchronization and verification groups among related devices.
2.	Hong et al., (US 20120166808 A1), this disclosure relates generally to a lattice-based ring signature method. 
3.	Chen; Liqun, (US 20120278628 A1), this invention relates a digital signature method, a method for initializing a digital signature scheme, a system for digitally signing a message and a computer program product are described.
4.	Anastasakos; Tasos et al., (US 20150286747 A1), the disclosure is related to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
5.	HERNANDEZ ENCINAS LUIS, (ES 2 400 895 B1), is directed towards a method for making a digital group signature.
6.	WANG SHANGPING, (CN 102006166 B), is directed towards ring signature method for anonymizing information based on multivariate polynomial.


 If attempts to reach the examiner by telephone are unsuccessful, the examiner’s
supervisor, Jeffrey Pwu can be reached on 571-272-6798. The fax phone number for
the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published
applications may be obtained from either Private PAIR or Public PAIR. Status
information for unpublished applications is available through Private PAIR only. For
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you
have questions on access to the Private PAIR system, contact the Electronic Business
Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO
Customer Service Representative or access to the automated information system, call
800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALI CHEEMA/
Examiner, Art Unit 2433


/SAMSON B LEMMA/Primary Examiner, Art Unit 2498