DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is responsive to the communication filed on 10/18/2019.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 28, 35 and 43 are rejected under 35 U.S.C. 103 as being unpatentable over Miura US 2007/0083750 in view of Vogler US 2006/0288209.

 	As per claim 28, Miura discloses a method, comprising: 
 	obtaining, by a second terminal, a first interface address of a first terminal at a first time point, wherein the first interface address of the first terminal at the first time point is a first media access control address (MAC1), and a second interface address of the second terminal at the first time point is a second media access control address 
 	receiving, by the second terminal at a second time point following the first time point, a first message sent by the first terminal, wherein a transmitter address in the first message is a third media access control address (MAC3) obtained after a change, wherein the first message comprises first identification information obtained through first calculation after the first terminal inputs the MAC1, the MAC2, ([0200] The CE device 3 checks to see if the last block of the encrypted information matches the MAC received from the device authentication server 5 (using checking means) for MAC verification (in step 135). [0201] A match between the last block and MAC allows the CE device 3 to ascertain that the encrypted information C has not been altered during communication. [0202] A mismatch between the last block of the encrypted information and MAC enables the CE device 3 to determine that the encrypted information C has been corrupted during communication.) and
 	secret information into a first preset irreversible algorithm ( [0368] The CE device A then generates MAC1 defined by the expression (22) below (in step 510): MAC1=HMAC-MD5(PP,EncMess1) (22) where, HMAC-MD5 is one variety of MAC and constitutes a hash function and  par 0315 secret information for enabling the CE device involved to authenticate one another); 

); and 
 	sending, by the second terminal, a first response message for the first message to the first terminal, wherein the first response message carries a fourth media access control address (MAC4), and the MAC4 is a changed interface address of the second terminal ( fig.7, at step 375, transmit token5 that includes token 5=CBC-MAC(K2,IV,token 4) to the CE device).  

 	Miura does not disclose the secret information is information shared by the first terminal and the second terminal; comparing, by the second terminal, the first identification information with second identification information.

 	However, Vogler discloses the secret information is information shared by the first terminal and the second terminal (0020 A session key is generated at step 343 by the first processor 320, i.e. the first terminal. The session key, the first processor unique identifier, and optionally the counter value incremented by one, is encrypted using the shared secret, i.e. secret, 344 and sent as an encrypted session key data set to the second processor, i.e. the second terminal); comparing, by the second terminal, the first identification information with second identification information (par 0020, The second processor 330, at step 349, then compares the first processor device identifier obtained from the decryption, against the expected first processor device identifier (stored by the second processor during provisioning) to verify authenticity of the first processor. Abstract, decrypted by a second processor (130) and compared against a known device identifier to verify authenticity).

 	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of exchanging the MAC between devices of Miura, based on the teaching of authenticity of device identifier of Vogler, because doing so would provide authenticity of the device.

 	




 	 	As per claim 35, Miura discloses a second terminal, comprising: 
 	a processor (par 0224  A CPU (central processing unit));
 a wireless transceiver ( par 0240 the device authentication server 5 is typically subject to the concentrated arrival of device authentication requests from a plurality CE devices 3); 
a memory; and a bus, wherein the processor, the wireless transceiver, and the memory are connected to each other by using the bus, wherein the processor is configured to ( par 0224 a ROM (read only memory) 22 or loaded from a storage unit 28 into a RAM (random access memory) 23 ):
obtaining, by a second terminal, a first interface address of a first terminal at a first time point, wherein the first interface address of the first terminal at the first time point is a first media access control address (MAC1), and a second interface address of the second terminal at the first time point is a second media access control address (MAC2) ( fig.4, 0187, The CE device 3 then transmits the session ID1, connection destination URL, and token 3, token 3=MAC(K2,IV,connection destination URL) (8) where, the connection destination URL,  to the device authentication server 5 (in step 130).);

 	receiving, by the second terminal at a second time point following the first time point, a first message sent by the first terminal, wherein a transmitter address in the first message is a third media access control address (MAC3) obtained after a change, wherein the first message comprises first identification information obtained through first calculation after the first terminal inputs the MAC1, the MAC2, ([0200] The CE device 3 checks to see if the last block of the encrypted information matches the MAC received from the device authentication server 5 (using checking means) for MAC verification (in step 135). [0201] A match between the last block and MAC allows the CE device 3 to ascertain that the encrypted information C has not been altered during communication. [0202] A mismatch between the last block of the encrypted information and MAC enables the CE device 3 to determine that the encrypted information C has been corrupted during communication.) and
 	secret information into a first preset irreversible algorithm ( [0368] The CE device A then generates MAC1 defined by the expression (22) below (in step 510): MAC1=HMAC-MD5(PP,EncMess1) (22) where, HMAC-MD5 is one variety of MAC and constitutes a hash function and  par 0315 secret information for enabling the CE device involved to authenticate one another); 
 	determining, by the second terminal, that the MAC3 in the first message and the MAC1 obtained by the second terminal are used to identify a same device based on determination that the first identification information is consistent with the second identification information, wherein the same device is the first terminal, and wherein the second identification information is obtained through second calculation after the second terminal inputs the MAC1, the MAC2, ([0267] Using the server key Ks, the device authentication server 5 generates the ICV defined by the expression (15) below (in step 365), generates tokens 4 and 5 defined respectively by the expressions (16) and (17) below (in step 370), and transmits the tokens 3, 4 and 5 to the CE device 3 (in step 375). The expressions are as follows: ICV=ECB(Ks, session ID2) (15) token 4=CBC(K1,IV, session ID2 ∥ ICV) (16) token 5=CBC-MAC(K2,IV,token 4) (17)); and
 	sending, by the second terminal, a first response message for the first message to the first terminal, wherein the first response message carries a fourth media access control address (MAC4), and the MAC4 is a changed interface address of the second terminal ( fig.7, at step 375, transmit token5 that includes token 5=CBC-MAC(K2,IV,token 4) to the CE device).  

 	Miura does not disclose the secret information is information shared by the first terminal and the second terminal; comparing, by the second terminal, the first identification information with second identification information.

 	However, Vogler discloses the secret information is information shared by the first terminal and the second terminal (0020 A session key is generated at step 343 by the first processor 320, i.e. the first terminal. The session key, the first processor unique identifier, and optionally the counter value incremented by one, is encrypted using the shared secret, i.e. secret, 344 and sent as an encrypted session key data set to the second processor, i.e. the second terminal); comparing, by the second terminal, the first identification information with second identification information (par 0020, The second processor 330, at step 349, then compares the first processor device identifier obtained from the decryption, against the expected first processor device identifier (stored by the second processor during provisioning) to verify authenticity of the first processor. Abstract, decrypted by a second processor (130) and compared against a known device identifier to verify authenticity).

 	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of exchanging the MAC between devices of Miura, based on the teaching of authenticity of device identifier of Vogler, because doing so would provide authenticity of the device.

	As per claim 43, Miura discloses a non-transitory computer-readable medium having instructions stored thereon that, when executed by a second terminal, cause the second terminal to perform operations, the operations comprising: 
 
 	obtaining, by a second terminal, a first interface address of a first terminal at a first time point, wherein the first interface address of the first terminal at the first time point is a first media access control address (MAC1), and a second interface address of the second terminal at the first time point is a second media access control address (MAC2) ( fig.4, 0187, The CE device 3 then transmits the session ID1, connection destination URL, and token 3, token 3=MAC(K2,IV,connection destination URL) (8) where, the connection destination URL,  to the device authentication server 5 (in step 130).);
 	receiving, by the second terminal at a second time point following the first time point, a first message sent by the first terminal, wherein a transmitter address in the first message is a third media access control address (MAC3) obtained after a change, wherein the first message comprises first identification information obtained through first calculation after the first terminal inputs the MAC1, the MAC2, ([0200] The CE device 3 checks to see if the last block of the encrypted information matches the MAC received from the device authentication server 5 (using checking means) for MAC verification (in step 135). [0201] A match between the last block and MAC allows the CE device 3 to ascertain that the encrypted information C has not been altered during communication. [0202] A mismatch between the last block of the encrypted information and MAC enables the CE device 3 to determine that the encrypted information C has been corrupted during communication.) and
 	secret information into a first preset irreversible algorithm ( [0368] The CE device A then generates MAC1 defined by the expression (22) below (in step 510): MAC1=HMAC-MD5(PP,EncMess1) (22) where, HMAC-MD5 is one variety of MAC and constitutes a hash function and  par 0315 secret information for enabling the CE device involved to authenticate one another); 
 	determining, by the second terminal, that the MAC3 in the first message and the MAC1 obtained by the second terminal are used to identify a same device based on determination that the first identification information is consistent with the second identification information, wherein the same device is the first terminal, and wherein the second identification information is obtained through second calculation after the second terminal inputs the MAC1, the MAC2, ([0267] Using the server key Ks, the device authentication server 5 generates the ICV defined by the expression (15) below (in step 365), generates tokens 4 and 5 defined respectively by the expressions (16) and (17) below (in step 370), and transmits the tokens 3, 4 and 5 to the CE device 3 (in step 375). The expressions are as follows: ICV=ECB(Ks, session ID2) (15) token 4=CBC(K1,IV, session ID2 ∥ ICV) (16) token 5=CBC-MAC(K2,IV,token 4) (17)); and
 	sending, by the second terminal, a first response message for the first message to the first terminal, wherein the first response message carries a fourth media access control address (MAC4), and the MAC4 is a changed interface address of the second terminal (fig.7, at step 375, transmit token5 that includes token 5=CBC-MAC(K2,IV,token 4) to the CE device).  

 	Miura does not disclose the secret information is information shared by the first terminal and the second terminal; comparing, by the second terminal, the first identification information with second identification information.

 	However, Vogler discloses the secret information is information shared by the first terminal and the second terminal (0020 A session key is generated at step 343 by the first processor 320, i.e. the first terminal. The session key, the first processor unique identifier, and optionally the counter value incremented by one, is encrypted using the shared secret, i.e. secret, 344 and sent as an encrypted session key data set to the second processor, i.e. the second terminal); comparing, by the second terminal, the first identification information with second identification information (par 0020, The second processor 330, at step 349, then compares the first processor device identifier obtained from the decryption, against the expected first processor device identifier (stored by the second processor during provisioning) to verify authenticity of the first processor. Abstract, decrypted by a second processor (130) and compared against a known device identifier to verify authenticity).

 	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of exchanging the MAC between devices of Miura, based on the teaching of authenticity of device identifier of Vogler, because doing so would provide authenticity of the device.


Allowable Subject Matter
Claims 29-34, 36-42 and 44-47 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Harries et al US 2005/0268107 [0160] If the authentication method is a shared secret plus a device id 422, the user inputs the secret to the device and the device transmits the secret and an identifier of the device such as a mobile phone number, to the site 430. The site receives the device identifier and the secret 432 and compares the secret it has stored for the identifier of the device that may have been provided to the user using an out-of-band technique such as e-mail or regular mail or received from the user via an out-of-band process (either of which may instead use an in-band process: a web page or telephone call). If the device identifier and secret received match those stored for the user 434, the method continues at step 470 and otherwise 434, the method continues at step 448 as described above. In one embodiment, step 420 includes timestamping the device identifier and secret and step 434 also includes comparing the timestamp with the current date and time and considering that a match has not occurred if the difference between the timestamp for the device identifier and secret and the current date and time exceeds a threshold.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314.  The examiner can normally be reached on EST: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/ABU S SHOLEMAN/Primary Examiner, Art Unit 2495