DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 17 January 2021 has been entered.
Claims 1-3, 6, 8-15, 18, and 20-25 are pending.
This Action is Non-Final.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 6, 8, 9, 12-15, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ueda (US 20070189528) in view of Hansmann et al. (US 20020018570).

obtaining, by first and second devices, at least a first value; randomly selecting at least a second value, by one of the first device and the second device, and providing the second value to the other device (see paragraph [0025] the ANonce and SNonce); 
independently, by the first and second devices, applying a function to the at least first and at least second values (see paragraph [0025] the transformation of the ANonce and SNonce which are in-turn used to generate the pairwise transient key); and 
using, by the first and second devices, a result of the function to secure and authenticate a communication channel between the first and second devices (see paragraph [0025] MSG3 and MSG4 where the verification is performed to authenticate that both entities have the same PTK which is subsequently used to encrypt/decrypt traffic between said entities).
Ueda teaches the use of a single in-band channel for exchanging the information used as part of the authentication process, but fails to explicitly disclose the use of an out-of-band channel and an in-band channel for exchanging the values used for authentication.
However, Hansmann et al. teaches obtaining, by first and second devices, at least a first value, wherein the at least first value is obtained at least at the first device over an at least one out-of-band channel (see paragraphs [0049], [0053], and [0056] where the PIN/password is transmitted over a secure trusted path; see also, for example, FIG. 3); randomly selecting at least a second value, by one of the first device and the second device, and providing the at least second value to the other device over an at least one in-band channel (see paragraph [0056] where the client generates a random number and sends it to the server); independently, by the first and second devices, applying a function to the at least first and at least second values; and using, by the first and second devices, a result of the function for 
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to use different channels to send the different values of the Ueda system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to ensure the secret information isn’t shared over and in-secure communication channel while still providing authentication over said in-secure channel.
As per claims 2, 12, and 14, the modified Ueda and Hansmann et al. system discloses independently generating a third value based on the first and second values by the first and second devices; using the third value to define an encryption key; and using the encryption key to encrypt data communicated over the communication channel (see Ueda paragraph [0025] where each device independently generates the PTK which is used to encrypt traffic between the devices).
As per claims 3 and 15, the modified Ueda and Hansmann et al. system discloses authenticating the second device, by the first device based on determination that the second device possesses the first and second values (see Ueda paragraph [0025] MSG3 and MSG4 where there is a verification that each device possesses the same PTK generated based on the ANonce and SNonce).
As per claims 6 and 18, the modified Ueda and Hansmann et al. system discloses obtaining the first value by the first and second devices includes selecting the first value, by the second device, and providing the first value to the first device (see Ueda paragraph [0025] the generation and transmission of the nonces).
As per claims 8 and 20, the modified Ueda and Hansmann et al. system discloses encrypting the first and second values (see Ueda paragraphs [0025] where the nonces are transformed and see paragraphs [0034] and [0047] where the transformation is an XOR with a key, i.e. encryption).
.
Claims 10, 11, 22, and 23 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Ueda and Hansmann et al. system as applied to claims 1 and 13 above, in view of Dolev et al. (US 20180241548).
As per claims 10, 11, 22, and 23, Ueda fails to disclose the use of polynomials and secret sharing for the values of the system.
However Dolev et al. teaches the first value includes a first pair of input and output values of a polynomial and the second value includes a second pair of input and output values of the polynomial and wherein the method includes: using the first and second pairs to identify the polynomial; and generating the third value based on a function applied to at least one coefficient of the polynomial; randomly selecting a degree K of the polynomial; randomly generating a set of at least K+1 pairs of input and output values of the polynomial; wherein the at least first value includes at least a portion of the pairs and the at least second value includes remaining pairs, such that no single entity on a network obtains more than K+1 pairs included in the set of at least K+1 pairs; using the at least K+1 pairs to reconstruct the polynomial and after constructing the polynomial from the at least K+1 pairs, applying a function to one of: the first and last coefficients of the polynomial and using a result of the function to secure and authenticate the communication channel between the first and second devices (see paragraphs [0129]-[0137]).

Motivation, as recognized by one of ordinary skill in the art, to do so would have been to require multiple sources to provide the shares for reconstruction thereby increasing the security of the system.
Claims 24 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Ueda and Hansmann et al. system as applied to claims 1 and 13 above, and further in view of Savolainen et al. (US 20170277882).
As per claims 24 and 25, the modified Ueda and Hansmann et al. system discloses the use of an out-of-band channel, but fails to explicitly disclose the out-of-band channel comprises a line of sight between the first and second devices.
However, Savolainen et al. teaches obtaining, by first and second devices, at least a first value, wherein the at least first value is obtained at least at the first device over an at least one out-of-band channel (see paragraphs [0045]-[0047] where a secret value is obtained over a local link 112); randomly selecting at least a second value, by one of the first device and the second device, and providing the at least second value to the other device over an at least one in- band channel (see paragraphs [0048]-[0052]); independently, by the first and second devices, applying a function to the at least first and at least second values; and using, by the first and second devices, a result of the function to authenticate a communication channel between the first and second devices (see paragraphs [0053]-[0054]), wherein the at least one out-of-band channel comprises a line of sight between the first and second devices (see paragraph [0045] where the local link can be infrared or a camera which would require line of sight between the devices).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to use the out-of-band channel of Savolainen et al. in the modified Ueda and Hansmann et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to ensure only locally available devices are able to gain access.

Response to Arguments
Applicant's arguments filed 17 January 2021 have been fully considered but they are not persuasive. Applicant argues that the combination put forth would render Ueda unsatisfactory and improper for its intended purpose.  However, the intended purpose of the Ueda system is for authenticated key exchange using exchanged values and modifying this system (as put forth above) by allowing one of the exchanged values to be received out-of-band would still result in the intended purpose.  Furthermore, Ueda does not perfectly conform to the 802.11 standard as modification have been made as part of the invention which results in only "substantially conforming to the IEEE 802.11il standard".  As such, additional modification would be obvious to make.  Therefore, the rejection put forth in the previous action is proper and the claims are obvious over the prior art.  Furthermore, Savolainen et al. as put forth above again shows that it is obvious to use an out-of-band channel for secret information and an in-band channel for the random portions both of which are used as part of authentication.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed to authentication using different channels.
 Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J PYZOCHA whose telephone number is (571)272-3875.  The examiner can normally be reached on Monday-Thursday 7:30am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/Michael Pyzocha/               Primary Examiner, Art Unit 2419