Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3, 4, 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Kimmel US 2006/0053285.

As per claim 1. Simon teaches a method for securing a first encryption key for comprising: generating, by a first device, a blinded representation of a first secret; transmitting, from the first device, the blinded representation of the first secret to a first server; receiving, at the first device, a first proof from the first server in response to the transmitted blinded representation of the first secret; verifying, by the first device, the first proof received from the first server; unblinding, by the first device, the blinded representation of the first secret; (Column 7 lines 39-55; Column 9 lines 1-55)  (teaches generating a blinded first secret, which is sent to a server, which is then signed and returned to the client, at which point the client unblinds the blinded first secret)


It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the encryption of Kimmel with Furukawa because it increases security.

As per claim 3. Simon teaches The method of claim 1, wherein generating the blinded representation of the first secret comprises: generating, by the first device, a first secret; generating, by the first device, a first blind; generating, by the first device, a first hashed representation of the first secret by applying a first hashing algorithm to the first secret; generating, by the first device, the blinded representation of the first secret by combining the first blind and the first hashed representation of the first secret. (Column 9 lines 1-55)

As per claim 4. Simon teaches The method of claim 1, comprising: obtaining, by the first device, a first public key associated with the first server. (Column 9 lines 1-55)

As per claim 5. Simon teaches The method of claim 4, wherein verifying the first proof further comprises: verifying, by the first device, a first signature included in the first proof using the first public key associated with the server. (Column 9 lines 1-55)

Claims 7, 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Kimmel US 2006/0053285 in view of Hook US 2015/0082411.
As per claim 7. Simon teaches A method for decrypting application data, the method comprising: receiving, on a first device, login credentials; transmitting, from the first device, the login credentials to a first server; generating, by a first device, a blinded representation of a first secret; transmitting, from the first device, the blinded representation of the first secret to a first server; receiving, at the first device, a first token and a first proof from the first server; verifying, by the first device, the first proof received from the first server; unblinding, by the first device, the blinded representation of the first secret; (Column 7 lines 39-55; Column 9 lines 1-55)  (teaches generating a blinded first secret, which is sent to a server, which is then signed and returned to the client, at which point the client unblinds the blinded first secret)

Kimmel teaches generating, by the first device, a first key-encrypting key from the first secret; decrypting, by the first device, a first encryption key using the first key-encrypting key; decrypting, by the first device, application data using the first encryption key; accessing, by the first device, one or more applications on a second server using the first token and the decrypted application data. [0036][0124] (Kimmel teaches generating a KEK from a shared secret, encrypting a data key with the KEK and encrypting data with the data encryption key).


Hook explicitly teaches login credentials [0059].
It would have been obvious to one of ordinary skill in the art to include certificate credentials at the time the invention was filed with the previous combination because they are excellent login credentials.
As per claim 8. Simon teaches The method of claim 7, wherein accessing one or more applications on a second server comprises: transmitting, from the first device, the first token to the second server. (Column 7 line 59 to Column 8 line 41) (teaches using the returned certificate to verify with a second server)

Claim 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Kimmel US 2006/0053285 in view of McCallum US 9,985,782.


As per claim 2. McCallum teaches the method of claim 1, comprising: deleting, by the first device, the first key-encrypting key after the first encryption key is encrypted. (erasing the KEK) (Column 7 lines 35-40)

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use McCallum with the prior combination because key erasure increases security.


Claim 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Kimmel US 2006/0053285 in view of Alten US 8,813,247.

As per claim 6. Alten teaches the method of claim 1, wherein generating the first key-encrypting key comprises hashing the first secret with a second hashing algorithm. (Column 5 lines 25-35) (generating a KEK using a hashing algorithm)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the key generation of Alten with the previous combination because it increases security.

Claim 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Kimmel US 2006/0053285 in view of Hook US 2015/0082411 in view of McCallum US 9,985,782.



As per claim 9. McCallum teaches the method of claim 7, further comprising: encrypting, by the first device, the first encryption key when the first device ceases accessing the second server; and deleting, by the first device, the first key-encrypting key after the first encryption key is encrypted. (erasing the KEK) (Column 7 lines 35-40)

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use McCallum with the prior combination because key erasure increases security.


Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Kimmel US 2006/0053285 in view of Hook US 2015/0082411 in view of Alten US 8,813,247.

As per claim 10. Alten teaches the method of claim 7, wherein generating the first key-encrypting key comprises hashing the first secret with a second hashing algorithm. (Column 5 lines 25-35) (generating a KEK using a hashing algorithm)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the key generation of Alten with the previous combination because it increases security.



Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 11, 16-18 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Simon US 6,871,276.
As per claim 11. Simon teaches A non-transitory computer-readable medium comprising instructions that, when executed by at least one processor, perform the steps of: receiving, at a first server, a blinded representation of a first secret from a first device; generate, by the first server, a first proof using the blinded representation of the first secret; transmit, from the first server, the first proof to the first device. (Column 7 lines 39-55; Column 9 lines 1-55) (teaches generating a blinded first secret, which is sent to a server, which is then signed and returned to the client, at which point the client unblinds the blinded first secret)

As per claim 16. The non-transitory computer-readable medium of claim 11, comprising instructions for: generating, by the first server, a first signature of the first proof. (Column 7 lines 39-55; Column 9 lines 1-55)  (teaches generating a blinded first secret, which is sent to a server, which is then signed and returned to the client, at which point the client unblinds the blinded first secret)
As per claim 17. Simon teaches The non-transitory computer-readable medium of claim 16, wherein the first signature is generated using a first private key. (Column 8 lines 15-21)

As per claim 18. Simon teaches The non-transitory computer-readable medium of claim 16, comprising instructions for: transmitting, from the first server, the first signature to the first device with the first proof. (Column 7 lines 39-55; Column 9 lines 1-55) (teaches generating a blinded first secret, which is sent to a server, which is then signed and returned to the client, at which point the client unblinds the blinded first secret)


Claim 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Bowe US 2005/0114670.
As per claim 12. Bowe teaches the non-transitory computer readable medium of claim 11, wherein the first proof is a non-interactive zero knowledge proof. [0056][0057]
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the proof of Bowe with Simon because it increases security.


Claim 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Hook US 2015/0082411.
As per claim 13. Hook teaches The non-transitory computer-readable medium of claim 11, comprising instructions for: receiving, at the first server, login credentials from a first device. [0059].
It would have been obvious to one of ordinary skill in the art to include certificate credentials at the time the invention was filed with the previous combination because they are excellent login credentials.

Claims 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simon US 6,871,276 in view of Hsu US 2019/0327222.
As per claim 14. Hsu teaches The non-transitory computer-readable medium of claim 13, comprising instructions for: transmitting, from the first server, the login credentials received from the first device to a second server; receiving, at the first server, an indication that the login credentials are valid from the second server; and transmitting, from the first server, a first token to the first device in response to receiving the indication that the login credentials are valid. [0067] (Hsu teaches that authentication/verification is done by a third party server and the results are returned to the first server. Examiner asserts in general that third party authentication servers and/or verification of credentials and tokens is well known in the art)

As per claim 15. Hsu teaches the non-transitory computer-readable medium of claim 14, comprising instructions for: receiving, at the first server, a request to validate the first token from a third server; determining, by the first server, whether the first token received from the third server is valid; and providing, by the first server, an indication to the third server that the first token is valid in response to the determination that the first token is authentic. [0067] (Hsu teaches that authentication/verification is done by a third party server and the results are returned to the first server. Examiner asserts in general that third party authentication servers and/or verification of credentials and tokens is well known in the art)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833.  The examiner can normally be reached on M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439