DETAILED ACTION
Examiner's Note:  The Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant.  Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply.  Applicant, in preparing the response, should consider fully the entire reference as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
2.	Applicant’s remarks filed on 01/19/2021 have been fully considered. 
3.	Regarding claim[s] 1 – 20 under the various obviousness rejections, applicant’s remarks are moot because the new ground of rejection does not rely on any reference[s] applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Therefore, see the office action below. 
4.	The examiner further notes that all other remarks that do not concern the prior art rejections and remarks that do concern the prior art rejections where the office action uses the previous art of record, if any, will be answered in the office action below. 
5.	Applicant states on page[s] 10 of the remarks as filed: “With regard to claim 12, Xu fails to teach or suggest at least the first and second steps of claim 12. For example, the Office Action at page 18 relies on Xu at paragraph [0036] to show Id., paragraph [0036], However, Xu does not refer to the source SGSN receiving TIE capability information from the EIE. Nowhere does Xu discuss the TIE sending TIE capability information to another device.”
	In response the examiner isn’t persuaded, the examiner points to the prior art of Xu. Specifically, of Xu, at paragraph: 0093, Furthermore, a transparent container may be generated out of the security information of the NAS and AS selected by the LTE system, the capability information supported by the UE, and the encryption algorithm selected by the target eNB, and the transparent container is transmitted to the UE. Therefore, when the UE hands over from the UTRAN to the LTE system, the UE obtains the parameter information of the NAS key and AS key selected by the LTE system, and the encryption algorithm selected by the target eNB [i.e. applicant’s computing device – supported key algorithm]. The UE negotiates the NAS and AS security parameters and the security algorithm between the LTE system and a different system without adding any signaling, and a security correlation is created between the UE and the LTE system. [i.e. applicant’s based on the list, that the user device does not support a key derivation algorithm supported by the computing device].
6.	Applicant states on page[s] 10 of the remarks as filed: “Xu is silent with respect to the UE sending UE capability information to the source BSS.”
	In response the examiner isn’t persuaded, the examiner points to the prior art of Xu. Specifically, of Xu, at paragraph: 0093, Furthermore, a transparent container may the capability information supported by the UE, and the encryption algorithm selected by the target eNB, and the transparent container is transmitted to the UE. Therefore, when the UE hands over from the UTRAN to the LTE system, the UE obtains the parameter information of the NAS key and AS key selected by the LTE system, and the encryption algorithm selected by the target eNB [i.e. applicant’s computing device – supported key algorithm]. The UE negotiates the NAS and AS security parameters and the security algorithm between the LTE system and a different system without adding any signaling, and a security correlation is created between the UE and the LTE system. [i.e. applicant’s based on the list, that the user device does not support a key derivation algorithm supported by the computing device].
7.	Applicant states on page[s] 11 of the remarks as filed: “Furthermore, the Office Action at page 18 refers to the Xu list of NAS algorithms to show the claimed list. Xu states at paragraph [0037] that “[according to the received key information, the target MME ... selects an NAS algorithm.” However, the mere selection of an algorithm from a list of algorithms does not indicate that the unselected algorithms are unsupported by the UE. To the contrary, Xu at paragraph [0036] refers to “the UE capability information (including a list of NAS algorithm of the UE)” (underscore added).”
	In response the examiner isn’t persuaded, the examiner points to the prior art of Xu. Specifically, of Xu, at paragraph: 0093, Furthermore, a transparent container may be generated out of the security information of the NAS and AS selected by the LTE system, the capability information supported by the UE, and the encryption algorithm selected by the target eNB, and the transparent container is transmitted to the UE. the UE obtains the parameter information of the NAS key and AS key selected by the LTE system, and the encryption algorithm selected by the target eNB [i.e. applicant’s computing device – supported key algorithm]. The UE negotiates the NAS and AS security parameters and the security algorithm between the LTE system and a different system without adding any signaling, and a security correlation is created between the UE and the LTE system. [i.e. applicant’s based on the list, that the user device does not support a key derivation algorithm supported by the computing device].
The examiner notes that one of ordinary skilled in the art would know that in a key negotiation or communication key negotiation, both parties are to decide which party supports a particular key algorithm or and doesn’t support a particular algorithm. Once, a key algorithm is negotiated on or agreed to that both parties are able to support, then only can communication begin between parties with the negotiated key. 
It appears that applicant has intentionally overlooked this basic definition of key negotiation. 
Applicant’s allegation of Xu, “However, the mere selection of an algorithm from a list of algorithms does not indicate that the unselected algorithms are unsupported by the UE.,” is unfounded [emphasis added]. It is obvious that the negotiation operation of the UE and eNB and NAS and AS security parameters and the security algorithm, inherently takes into consideration what security algorithms the UE supports or doesn’t support. Thus, applicant’s argued claim limitation is an obvious variation of the 
8.	Applicant states on page[s] 11 of the remarks as filed: “A list of algorithms “of the UE” does not teach or suggest that the list of algorithms comprises an algorithm that is unsupported by the UE. Nothing else in Xu indicates that the list of algorithms of the UE would include algorithms the UE does not support, or that a recipient of that list otherwise determines (based on the list) an algorithm is not supported. Therefore, Xu fails to teach or suggest “determining, by a computing device and based on the list, that the user device does not support a key derivation algorithm supported by the computing device” as recited in claim 12. For at least these reasons, Applicant submits that claim 12 is allowable.”
	In response the examiner isn’t persuaded, the examiner points to the prior art of Xu. Specifically, of Xu, at paragraph: 0093, Furthermore, a transparent container may be generated out of the security information of the NAS and AS selected by the LTE system, the capability information supported by the UE, and the encryption algorithm selected by the target eNB, and the transparent container is transmitted to the UE. Therefore, when the UE hands over from the UTRAN to the LTE system, the UE obtains the parameter information of the NAS key and AS key selected by the LTE system, and the encryption algorithm selected by the target eNB [i.e. applicant’s computing device – supported key algorithm]. The UE negotiates the NAS and AS security parameters and the security algorithm between the LTE system and a different system without adding any signaling, and a security correlation is created between the UE and the LTE system. [i.e. applicant’s based on the list, that the user device does not support a key derivation algorithm supported by the computing device].
The examiner notes that one of ordinary skilled in the art would know that in a key negotiation or communication key negotiation, both parties are to decide which party supports a particular key algorithm or and doesn’t support a particular algorithm. Once, a key algorithm is negotiated on or agreed to that both parties are able to support, then only can communication begin between parties with the negotiated key. 
It appears that applicant has intentionally overlooked this basic definition of key negotiation. 
Applicant’s allegation of Xu, “Nothing else in Xu indicates that the list of algorithms of the UE would include algorithms the UE does not support, or that a recipient of that list otherwise determines (based on the list) an algorithm is not supported. Therefore, Xu fails to teach or suggest “determining, by a computing device and based on the list, that the user device does not support a key derivation algorithm supported by the computing device” as recited in claim 12,” is unfounded [emphasis added]. 
It is obvious that the negotiation operation of the UE and eNB and NAS and AS security parameters and the security algorithm, inherently takes into consideration what security algorithms the UE supports or doesn’t support. Thus, applicant’s argument identified above is an obvious variation of the operation involving the NAS and AS 
Response to Amendment
9.	Status of the instant application:
10.	Claim[s] 4, 5, 8, 11, 14 have been cancelled. 
11.	Regarding claim[s] 16 – 19, under the obviousness rejection, applicant’s newly added claim amendments have been considered, therefore, the rejection is withdrawn. However, there are new prior art rejections on the claims to address applicant’s newly added claim amendments in the office action below. See the office action below. 
12.	Regarding claim[s] 1, 2, 10, 12, under the obviousness rejection, applicant’s newly added claim amendments have been considered, therefore, the rejection is withdrawn. However, there are new prior art rejections on the claims to address applicant’s newly added claim amendments in the office action below. See the office action below.
13.	Regarding claim[s] 3, 4, 11, 13, under the obviousness rejection, applicant’s newly added claim amendments or cancellation of the claim[s] have been considered, therefore, the rejection is withdrawn. However, for the claims with newly added claim limitations, there are new prior art rejections on the claims to address applicants newly added claim amendments in the office action below. See the office action below.
14.	Regarding claim[s] 5, 14, under the obviousness rejection, applicant’s newly added claim amendments or cancellation of the claim[s] have been considered, However, for the claims with newly added claim limitations, there are new prior art rejections on the claims to address applicants newly added claim amendments in the office action below. See the office action below.
15.	Regarding claim[s] 6, 7, 8, under the obviousness rejection, applicant’s newly added claim amendments or cancellation of the claim[s] have been considered, therefore, the rejection is withdrawn. However, for the claims with newly added claim limitations, there are new prior art rejections on the claims to address applicants newly added claim amendments in the office action below. See the office action below.
16.	Regarding claim[s] 9, under the obviousness rejection, applicant’s newly added claim amendments have been considered, therefore, the rejection is withdrawn. However, there are new prior art rejections on the claims to address applicant’s newly added claim amendments in the office action below. See the office action below.
17,	Regarding claim[s] 15, under the obviousness rejection, applicant’s newly added claim amendments have been considered, therefore, the rejection is withdrawn. However, there are new prior art rejections on the claims to address applicant’s newly added claim amendments in the office action below. See the office action below.
18.	Regarding newly added claim[s] 21 – 26 are addressed in the office action below. 
Claim Rejections - 35 USC § 103
19.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
20.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

21.	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
[s] 1, 16, 21 – 23, 25, 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PGPUB # 2006/0010324]
23.	As per claim 1. Appenzeller does teach a method [paragraph: 0006, It is an object of the present invention to provide secure messaging systems that use symmetric keys to facilitate secure communications] comprising:
receiving, by a first computing device from a user device, a message based on a first key derived from a master key and a key derivation algorithm [Figure # 3, and paragraph: 0068, At step 46, sender A [i.e. applicant’s user device] sends the message to the recipient [i.e. applicant’s first computing device]. As an example, sender A's email client may send an email message [i.e. applicant’s message] that is addressed to the recipient over intranet 16. 
Where at paragraph: 0070, The outbound message from the sender may be received by the gateway 22 at step 48. The gateway may have message management software or other suitable software that is used to implement policies such as encryption policies, virus scanning policies, archiving policies, etc. The gateway can use these policies and message attribute information such as message content information, source and destination address information, header information, etc. to determine how to handle each message. For example, the gateway can examine the domain name portion of each recipient's email address to determine whether or not a particular message should be encrypted. 
Gateway 22 uses encryption engine 28 to encrypt each message using a symmetric key. The symmetric key is derived from the master key 26 by the key generator 20 and is therefore referred to as a "derived key."
Then at paragraph: 0071, lines 1 – 5, Any suitable encryption policies may be implemented using gateway 22. For example, gateway 22 may encrypt all outgoing messages, may encrypt messages being sent to a particular recipient or list of recipients (i.e., particular customers) [i.e. applicant’s a message based on a first key derived from a master key and a key derivation algorithm]].
Appenzeller does not teach clearly deriving, by the first computing device based on a second key and the key derivation algorithm, a derived key, wherein the second key is derived by a second computing device based on the master key and the key derivation algorithm:.
and authenticating the user device based on the message and the derived key.
However, Appenzeller does teach deriving, by the first computing device based on a second key and the key derivation algorithm, a derived key, wherein the second key is derived by a second computing device based on the master key and the key derivation algorithm [Figure # 3 and paragraph: 0077, At step 58, the recipient (recipient C in this example) receives the message over communications network 14. The message may be received by the recipient's client software running on the recipient's equipment 12.
Then at paragraph: 0078, If the recipient's client software has a copy of an appropriate derived key available in a local cache, the client software may use that derived key to decrypt the message. If the derived key is not available locally, the recipient may obtain a copy of the derived key from organization 18. 
Then at paragraph: 0079, In particular, at step 60, the recipient may generate a derived-key request and may provide the derived key request to the decryption server 24. Any suitable arrangement may be used to make the derived key request. For example, the client of sender A or the gateway 22 may automatically include a clickable link (e.g., a web link) in the outgoing message. When recipient C receives the message, instructions in the message may prompt recipient C to click on the link. Clicking on the link may instruct recipient C's web browser or other suitable client software to transmit certain information in the link to a particular web address over communications network 14. The information that is transmitted may include recipient identity information and may serve as a derived key request. The web address may be associated with decryption server 24. This is merely one illustrative way in which a derived key request may be provided to decryption server 24. Any suitable arrangement may be used if desired. 
	Then at paragraph: 0082, After the decryption server 24 obtains the derived key for recipient C from key generator 20 at step 64, the decryption server 24 may provide the derived key to recipient C over communications network 14 at step 66. The :
and authenticating the user device based on the message and the derived key [Figure # 4 and paragraph: 0083, At step 68, recipient C receives the derived symmetric key [i.e. applicant’s derived key] from the decryption server 24 over the secure communications channel. The recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents. ].
	It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to solve the banking industry-wide problem of properly encrypting sensitive electronic communications such as email messages to prevent unauthorized access to such messages. Where senders and recipients of secure messages do and do not have existing relationships with organizations. For example, a bank may wish to send its customers account statements securely. As another example, a customer who receives an encrypted account statement may wish to send a secure email message back to the bank to ask a question by an organization. This may be accomplished by using a key generator that derives symmetric message keys from a master key. The key generator may produce the derived keys by applying a  
24.	As per claim 16. Wang does teach a method [paragraph: 0006, It is an object of the present invention to provide secure messaging systems that use symmetric keys to facilitate secure communications] comprising:
deriving, by a computing device based on a first key as an initial input to a first quantity of iterations of a key derivation algorithm, a derived key [paragraph: 0053, lines 8 – 12, The sender A sends each message through gateway 22. Gateway 22 [i.e. applicant’s first computing device] uses encryption engine 28 to encrypt each message using a symmetric key. The symmetric key is derived [i.e. applicant’s derived key] from the master key 26 by the key generator 20 and is therefore referred to as a "derived key."
Then at paragraph: 0071, lines 1 – 5, Any suitable encryption policies may be implemented using gateway 22. For example, gateway 22 may encrypt all outgoing messages, may encrypt messages being sent to a particular recipient or list of recipients (i.e., particular customers) [i.e. applicant’s first key]];
receiving, by the computing device from a user device, a message based on a second key, wherein the second key is derived based on a master key as an initial input to a second quantity of iterations of the key derivation algorithm [Figure # 3 and paragraph: 0077, At step 58, the recipient (recipient C in this example) receives the message over communications network 14. The message may be received by the recipient's client software running on the recipient's equipment 12.
Then at paragraph: 0078, If the recipient's client software has a copy of an appropriate derived key available in a local cache, the client software may use that derived key to decrypt the message. If the derived key is not available locally, the recipient may obtain a copy of the derived key from organization 18. 
Then at paragraph: 0079, In particular, at step 60, the recipient may generate a derived-key request and may provide the derived key request to the decryption server 24. Any suitable arrangement may be used to make the derived key request. For example, the client of sender A or the gateway 22 may automatically include a clickable link (e.g., a web link) in the outgoing message. When recipient C receives the message, instructions in the message may prompt recipient C to click on the link. Clicking on the link may instruct recipient C's web browser or other suitable client software to transmit certain information in the link to a particular web address over communications network 14. The information that is transmitted may include recipient identity information and may serve as a derived key request. The web address may be associated with decryption server 24. This is merely one illustrative way in which a derived key request may be provided to decryption server 24. Any suitable arrangement may be used if desired. 
Then at paragraph: 0082, After the decryption server 24 obtains the derived key for recipient C from key generator 20 at step 64, the decryption server 24 may provide the derived key to recipient C over communications network 14 at step 66. The , wherein the second derived key is different from the first derived key and different from the master key [paragraph: 0093, lines 1 – 3, The organization controls the super key generator 70 and ensures the secrecy of the super master key 72. Each unit has its own delegated key generator, each of which has its own sub-master key that has been derived from the super master key.], and wherein the second quantity is greater than the first quantity [paragraph: 0091, A diagram of an illustrative system 10 in which a hierarchical architecture has been used for the key generators is shown in FIG. 5. Super key generator 70 has a master key 72. Super key generator 70 is operated by an organization 18 (FIG. 1) and may be used to derive sub-master keys for the various units of the organization. In FIG. 5, two organizational units are shown--unit E and unit F. In general, an organization may have any suitable number of units.]; and
authenticating the user device based on the derived key and the message [Figure # 4 and paragraph: 0083, At step 68, recipient C receives the derived symmetric key [i.e. applicant’s derived key] from the decryption server 24 over the secure communications channel. The recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents.].
 
25.	Regarding claim 21. Appenzeller does teach the method of claim 1, wherein the message based on the first key comprises the message comprising the first key or a hash based on the first key [Appenzeller, paragraph: 0012, lines 1 – 2, For example, the key generator may apply an HMAC function to a master key and recipient ID to produced a derived key].
26.	Regarding claim 22.  Appenzeller does teach the method of claim 1, wherein the authenticating based on the message and the derived key comprises authenticating the user device based on a comparison of the message [Appenzeller, Figure # 4 and paragraph: 0083, At step 68, recipient C receives the recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on a comparison of the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents.] and:
the derived key [Appenzeller, Figure # 4 and paragraph: 0083, At step 68, recipient C receives the derived symmetric key [i.e. applicant’s the derived key] from the decryption server 24 over the secure communications channel. The recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents. ]; or
a value generated by the first computing device based on the derived key.
27.	Regarding claim 23.  Appenzeller does teach the method of claim 1, wherein the first computing device does not have access to the master key, wherein the deriving based on a second key and the key derivation algorithm comprises deriving based on one or more iterations of the key derivation algorithm, and wherein a first iteration, of the one or more iterations, used the second key as an input [Appenzeller, paragraph: 0081, At step 64, after the decryption server 24 has the decryption server 24 may request and obtain the derived key from key generator 20. The key request made by decryption server 24 may be made over intranet 16 and may include the recipient ID. The decryption server 24 is at the same organization as the key generator 20, so the key generator 20 trusts the decryption server. Accordingly, the key generator 20 may use the recipient ID [i.e. applicant’s second key] information from the decryption server and the derived key generation process of steps 38, 40, and 42 (FIG. 2) to produce the derived key. The derived key may be provided to the decryption server over intranet 16.].
28.	As per claim 25. Appenzeller does teach the method of claim 16, wherein the message based on the second key comprises the message comprising the second key or a hash based on the second key [Appenzeller, paragraph: 0007, Secure messages may be sent between senders and recipients using symmetric message keys. An organization may have a key generator that derives symmetric message keys from a master key. The key generator may produce the derived keys by applying a one-way function such as an HMAC function or other hash function to the master key and recipient identity information (i.e., a recipient ID). The resulting derived keys are specific to each recipient. The compromise of a derived key will not compromise the master key, which helps to ensure security.].
29.	As per claim 26. Appenzeller does teach the method of claim 16, wherein the authenticating based on the message and the derived key comprises authenticating the user device based on a comparison of the message recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on a comparison of the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents.] and:
the derived key [Appenzeller, Figure # 4 and paragraph: 0083, At step 68, recipient C receives the derived symmetric key [i.e. applicant’s the derived key] from the decryption server 24 over the secure communications channel. The recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents.]; or
a value generated by the computing device based on the derived key.
30.	Claim[s] 2, 10, 12, 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PGPUB # 2006/0010324] in view of Xu et al. [US PGPUB # 2015/0208238]
31.	As per claim 2. Appenzeller as does teach what is taught in the rejection of claim # 1 above. 
Appenzeller does not teach clearly the method of claim 1, further comprising:
receiving, from the user device, a list comprising two or more key derivation algorithms supported by the user device; and
determining, based on the list, that the user device supports the key derivation algorithm.
However, Xu does teach the method of claim 1, further comprising:
receiving, from the user device, a list comprising two or more key derivation algorithms supported by the user device [Xu, Figure # 3, and paragraph: 0036, Step 32: The source SGSN sends the handover request to the target MME. The handover request includes the UE capability information (including a list of NAS algorithm of the UE, RRC algorithm of the UE, and UP algorithm of the UE) and the key information currently used by the source system (or the key derived by the source system according to the currently used key information).]; and
determining, based on the list, that the user device supports the key derivation algorithm [Xu, Figure # 3 and paragraph: 0045, Step 310: According to the parameters used in the RRC encryption key derivation [i.e. applicant’s determining, based on the list, that the user device supports the key derivation algorithm] and the UP encryption key derivation, the parameters used in K.sub.ASME derivation, the parameters used in K.sub.NAS derivation, the parameters used in K.sub.eNB derivation in the received contents of the transparent container, the UE derives the RRC encryption key, UP encryption key, K.sub.ASME, K.sub.NAS, and K.sub.eNB, and sets a protection algorithm applicable after handover]
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Appenzeller and Xu in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller to include performing data key communication security negotiations between base stations of Xu. This would allow for the protection of the communication data by encrypting the data with key[s] that both the customer[s] and the bank can support. See paragraph: 0008 of Xu.
32.	As per claim 10. Appenzeller as modified does teach the method of claim 1, further comprising:
determining, based on a list of key derivation algorithms received from the user device [Xu, Figure # 3, and paragraph: 0036, Step 32: The source SGSN sends the handover request to the target MME. The handover request includes the UE capability information (including a list of NAS algorithm of the UE, RRC algorithm of the UE, and UP algorithm of the UE) and the key information currently used by the source system (or the key derived by the source system according to the currently used key information).], that the user device does not support the key derivation algorithm [Xu, paragraph: 0037, Step 33: According to the received key information, the target MME derives an Access Security Management Entity (ASME) key K.sub.ASME, an NAS key K.sub.NAS, and an eNB key K.sub.eNB, and selects an NAS algorithm.]; and
sending, to the user device, via a secured channel, and based on the determining that the user device does not support the key derivation algorithm, the key derivation algorithm [Xu, Figure # 3 and paragraph: 0045, Step 310: According to the parameters used in the RRC encryption key derivation [i.e. applicant’s determining, based on the list, that the user device supports the key derivation algorithm] and the UP encryption key derivation, the parameters used in K.sub.ASME derivation, the parameters used in K.sub.NAS derivation, the parameters used in K.sub.eNB derivation in the received contents of the transparent container, the UE derives the RRC encryption key, UP encryption key, K.sub.ASME, K.sub.NAS, and K.sub.eNB, and sets a protection algorithm applicable after handover].
33.	As per claim 12. Appenzeller does teach a method [Appenzeller, paragraph: 0006, It is an object of the present invention to provide secure messaging systems that use symmetric keys to facilitate secure communications] comprising:
	Appenzeller doesn’t clear teach receiving, from a user device, a list comprising two or more key derivation algorithms supported by the user device;
determining, by a computing device and based on the list, that the user device does not support a key derivation algorithm supported by the computing device; and
sending, to the user device, via a secured channel, and based on the determining that the user device does not support the key derivation algorithm supported by the computing device, the key derivation algorithm supported by the computing device.

However, Xu does teach receiving, from a user device, a list comprising two or more key derivation algorithms supported by the user device [Xu, Figure # 3, and paragraph: 0036, Step 32: The source SGSN sends the handover request to the target MME. The handover request includes the UE capability information (including a list of NAS algorithm of the UE, RRC algorithm of the UE, and UP algorithm of the UE) [i.e. applicant’s list comprising two or more key derivation algorithms supported by the user device] and the key information currently used by the source system (or the key derived by the source system according to the currently used key information).];
determining, by a computing device and based on the list, that the user device does not support a key derivation algorithm supported by the computing device [Xu, paragraph: 0037, Step 33: According to the received key information, the target MME derives an Access Security Management Entity (ASME) key K.sub.ASME, an NAS key K.sub.NAS, and an eNB key K.sub.eNB, and selects an NAS algorithm. Where at paragraph: 0093, Furthermore, a transparent container may be generated out of the security information of the NAS and AS selected by the LTE system, the capability information supported by the UE, and the encryption algorithm selected by the target eNB, and the transparent container is transmitted to the UE. Therefore, when the UE hands over from the UTRAN to the LTE system, the UE obtains the parameter information of the NAS key and AS key selected by the LTE system, and the encryption algorithm selected by the target eNB [i.e. applicant’s computing device – supported key algorithm]. The UE negotiates the NAS and AS security parameters and the security algorithm between the LTE system and a different system without adding any signaling, and a security correlation is created between the UE and the LTE system. [i.e. applicant’s based on the list, that the user device does not support a key derivation algorithm supported by the computing device]]; and
sending, to the user device, via a secured channel, and based on the determining that the user device does not support the key derivation algorithm supported by the computing device, the key derivation algorithm supported by the computing device [Xu, Figure # 3 and paragraph: 0045, Step 310: According to the parameters used in the RRC encryption key derivation and the UP encryption key derivation, the parameters used in K.sub.ASME derivation, the parameters used in K.sub.NAS derivation, the parameters used in K.sub.eNB derivation in the received contents of the transparent container, the UE [i.e. applicant’s user device] derives the RRC encryption key, UP encryption key, K.sub.ASME, K.sub.NAS, and K.sub.eNB, and sets a protection algorithm applicable after handover [i.e. applicant’s key derivation algorithm supported by the computing device]].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Appenzeller and Xu in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller to include performing data key communication security negotiations between participants in before communication with each other of Xu. This 
34.	As per claim 13. Appenzeller does teach what is taught in the rejection of claim # 1 above.
Appenzeller does not teach clearly the method of claim 12, further comprising:
receiving, by the computing device from the user device, a message based on a first key derived from a master key and the key derivation algorithm;
 deriving, based on the key derivation algorithm and a second key derived, based on the master key and the key derivation algorithm, by a second computing device, a derived key, wherein the second key is different from the first key; and
authenticating the user device based on the  derived key and the message.
However, Appenzeller does teach the method of claim 12, further comprising:
receiving, by the computing device from the user device, a message based on a first key [Figure # 3, and paragraph: 0068, At step 46, sender A [i.e. applicant’s user device] sends the message to the recipient [i.e. applicant’s first computing device]. As an example, sender A's email client may send an email message [i.e. applicant’s message] that is addressed to the recipient over intranet 16. 
The outbound message from the sender may be received by the gateway 22 at step 48. The gateway may have message management software or other suitable software that is used to implement policies such as encryption policies, virus scanning policies, archiving policies, etc. The gateway can use these policies and message attribute information such as message content information, source and destination address information, header information, etc. to determine how to handle each message. For example, the gateway can examine the domain name portion of each recipient's email address to determine whether or not a particular message should be encrypted. 
Then at paragraph: 0071, lines 1 – 5, Any suitable encryption policies may be implemented using gateway 22. For example, gateway 22 may encrypt all outgoing messages, may encrypt messages being sent to a particular recipient or list of recipients (i.e., particular customers) [i.e. applicant’s a message based on a first key] derived from a master key and the key derivation algorithm [paragraph: 0053, lines 8 – 12, The sender A sends each message through gateway 22. Gateway 22 uses encryption engine 28 to encrypt each message using a symmetric key. The symmetric key is derived from the master key 26 by the key generator 20 and is therefore referred to as a "derived key."];
 deriving, based on the key derivation algorithm and a second key derived [Figure # 3 and paragraph: 0077, At step 58, the recipient (recipient C in this example) receives the message over communications network 14. The message may be received by the recipient's client software running on the recipient's equipment 12.
f the recipient's client software has a copy of an appropriate derived key available in a local cache, the client software may use that derived key to decrypt the message. If the derived key is not available locally, the recipient may obtain a copy of the derived key from organization 18. 
Then at paragraph: 0079, In particular, at step 60, the recipient may generate a derived-key request and may provide the derived key request to the decryption server 24. Any suitable arrangement may be used to make the derived key request. For example, the client of sender A or the gateway 22 may automatically include a clickable link (e.g., a web link) in the outgoing message. When recipient C receives the message, instructions in the message may prompt recipient C to click on the link. Clicking on the link may instruct recipient C's web browser or other suitable client software to transmit certain information in the link to a particular web address over communications network 14. The information that is transmitted may include recipient identity information and may serve as a derived key request. The web address may be associated with decryption server 24. This is merely one illustrative way in which a derived key request may be provided to decryption server 24. Any suitable arrangement may be used if desired], based on the master key and the key derivation algorithm [paragraph: 0053, lines 8 – 12, The sender A sends each message through gateway 22. Gateway 22 uses encryption engine 28 to encrypt each message using a symmetric key. The symmetric key is derived from the master key 26 by the key generator 20 and is therefore referred to as a "derived key."], by a second computing device, a derived key [Then at paragraph: 0082, After the decryption server 24 obtains the derived key for recipient C from key generator 20 at step 64, the decryption server 24 may provide the derived key to recipient C over communications network 14 at step 66. The decryption server 24 may provide the derived key to recipient C securely by using the secure communications channel that was established at step 62 (e.g., over the SSL link)], wherein the second key is different from the first key [paragraph: 0082, After the decryption server 24 obtains the derived key [i.e. applicant’s the second key is different from the first key] for recipient C from key generator 20 ]; and
authenticating the user device based on the  derived key and the message [Figure # 4 and paragraph: 0083, At step 68, recipient C receives the derived symmetric key [i.e. applicant’s derived key] from the decryption server 24 over the secure communications channel. The recipient may then use decryption engine 34 to decrypt the encrypted message (i.e., to decrypt the ciphertext) [i.e. applicant’s authenticating the user device based on the message]. The inputs to decryption engine 34 are the encrypted version of the message (i.e., the ciphertext) and the derived key of recipient C. The output of the decryption engine 34 is the unencrypted version of the message contents.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to solve the banking industry-wide problem of properly encrypt sensitive electronic communications such as email messages. Where senders and recipients of secure messages do and do not have existing relationships with organizations. For example, a bank may wish to send its customers account statements securely. As another example, a customer who receives an encrypted account statement may wish to send a secure email message back to the .
35.	Claim[s] 3, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PGPUB # 2006/0010324] in view of Zhang et al. [US PGPUB # 2016/0330617]
36.	As per claim 3. Appenzeller does teach what is taught in the rejection of claim # 1 above. 
Although, Appenzeller does teach the method of claim 1, wherein the first key is derived from a first quantity of iterations of the key derivation algorithm [paragraph: 0053, lines 8 – 12, The sender A sends each message through gateway 22. Gateway 22 uses encryption engine 28 to encrypt each message using a symmetric key. The symmetric key is derived from the master key 26 by the key generator 20 and is therefore referred to as a "derived key."
Then at paragraph: 0071, lines 1 – 5, Any suitable encryption policies may be implemented using gateway 22. For example, gateway 22 may encrypt all outgoing messages, may encrypt messages being sent to a particular recipient or list of recipients (i.e., particular customers)] using the master key as an initial input [paragraph: 0053, lines 8 – 12, The sender A sends each message through gateway 22. Gateway 22 uses encryption engine 28 to encrypt each message using a symmetric key. The symmetric key is derived from the master key 26 by the key generator 20 and is therefore referred to as a "derived key."], the second key is derived from a second quantity of iterations of the key derivation algorithm using the master key as an initial input [paragraph: 0081, At step 64, after the decryption server 24 has determined that the requesting recipient (recipient C in this example) is authorized to obtain a copy of the derived key, the decryption server 24 may request and obtain the derived key from key generator 20. The key request made by decryption server 24 may be made over intranet 16 and may include the recipient ID. The decryption server 24 is at the same organization as the key generator 20, so the key generator 20 trusts the decryption server. Accordingly, the key generator 20 may use the recipient ID  information from the decryption server and the derived key generation process of steps 38, 40, and 42 (FIG. 2) to produce the derived key. The derived key [i.e. applicant’s second key] may be provided to the decryption server over intranet 16.]. 
While Appenzeller does not teach clearly the first key is also derivable from a third quantity of iterations of the key derivation algorithm using the second key as an initial input, and the first quantity is a sum of the second and the third quantities.
However, Zhang does teach the first key is also derivable from a third quantity of iterations of the key derivation algorithm using the second key as an initial input, and the first quantity is a sum of the second and the third quantities [paragraph: 0037, Further, a method according to twenty-fifth exemplary aspect of the present invention provides a method of protecting communication in a mobile communication system including a plurality of base stations, and a UE (User Equipment) connectable to the plurality of base stations for dual connectivity. This method includes: deriving, by a first base station, a second key [i.e. applicant’s first key] from a first key [i.e. applicant’s second key]; sending, by the first base station, the second key to a second base station; deriving, by the second base station, a third key [i.e. applicant’s first quantity is a sum of the second and third quantities] from the second key; sending, by the first base station, information or parameter relating to a fourth key to the UE; and deriving, by the UE, the fourth key for ciphering of user plane. The third key and the fourth key are the same, and the same key is used for encrypting communication between the second base station and the UE.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Appenzeller as modified and Zhang in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller as modified to include calculating and distributing random values for the purpose of protecting the communication of data of Zhang. This would allow for the customers and the bank to encrypt data based on a random value for protection of the transaction communications between the customers and bank. See paragraph: 0016 of Zhang. 
37.	As per claim 18. Appenzeller as modified does teach the method of claim 16, wherein the first key is derived based on performing a third quantity of iterations of the key derivation algorithm based on the master key as an initial input  wherein the second quantity is a sum of the first and the third quantities [Zhang, paragraph: 0037, Further, a method according to twenty-fifth exemplary aspect of the present invention provides a method of protecting communication in a mobile communication system including a plurality of base stations, and a UE (User Equipment) connectable to the plurality of base stations for dual connectivity. This method includes: deriving, by a first base station, a second key [i.e. applicant’s first key] from a first key [i.e. applicant’s second key]; sending, by the first base station, the second key to a second base station; deriving, by the second base station, a third key [i.e. applicant’s first quantity is a sum of the second and third quantities] from the second key; sending, by the first base station, information or parameter relating to a fourth key to the UE; and deriving, by the UE, the fourth key for ciphering of user plane. The third key and the fourth key are the same, and the same key is used for encrypting communication between the second base station and the UE.].
38.	Claim[s] 6, 7, 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PGPUB # 2006/0010324] in view of Laitinen [US PGPUB # 2006/0101270]
39.	As per claim 6. Appenzeller does teach what is taught in the rejection of claim 1 above. 
Appenzeller does not teach clearly the method of claim 1, further comprising:
receiving, by the first computing device, a first updated key and an updated key derivation algorithm associated with the first updated key; and
replacing the key derivation algorithm with the updated key derivation algorithm.
However, Laitinen does teach method of claim 1, further comprising:
receiving, by the first computing device, a first updated key [Laitinen, paragraph: 0051, lines 4 – 7, The bootstrapping server function may indicate the key derivation function to be used when deriving keys from Ks by sending an algorithm identifier] and an updated key derivation algorithm associated with the first updated key [Laitinen, paragraph: 0049, lines 1 – 8, The user equipment receives (314) the key derivation function in response to the request. Therefore, in this alternative the key derivation function is updated e.g. using the OTA (Over The Air) interface, where the key derivation function implementation itself, or an address (e.g. Uniform Resource Location (URL)) to the key derivation function implementation is sent the user equipment by an operator's OTA server]; and
replacing the key derivation algorithm with the updated key derivation algorithm [Laitinen, paragraph: 0049, lines 1 – 8, The user equipment receives (314) the key derivation function in response to the request. Therefore, in this alternative the key derivation function is updated e.g. using the OTA (Over The Air) interface, where the key derivation function implementation itself, or an address (e.g. Uniform Resource Location (URL)) to the key derivation function implementation is sent the user equipment by an operator's OTA server].

40.	As per claim 7. Appenzeller as modified does teach the method of claim 1, further comprising:
sending, to the user device based on a determination that the user device supports an updated key derivation algorithm [Laitinen, paragraph: 0044, lines 6 – 9, Also, an operator may want to define a new key derivation function and customize the user equipment to use the customized key derivation function instead of the default one. Where at paragraph: 0049, lines 1 – 8, The user equipment receives (314) the key derivation function in response to the request. Therefore, in this alternative the key derivation function is updated e.g. using the OTA (Over The Air) interface, where the key derivation function implementation itself, or an address (e.g. Uniform Resource Location (URL)) to the key derivation function implementation is sent the user equipment by an operator's OTA server], a request for an updated message [Laitinen, 
 and authenticating, based on the updated message and a key derived based on the updated key derivation algorithm, the user device [Laitinen, paragraph: 0057, lines 7 – 10, The receiver 402 may also receive a key derivation function update from a key derivation function update entity, that is, when the key derivation function is to be updated in the user equipment 40. Then at paragraph: 0016, According to another aspect of the invention there is provided a method for determining a key derivation function to be used by user equipment. The method comprises receiving an authentication request from user equipment and sending a key derivation function identifier along with a bootstrapping transaction identifier to the user equipment in response to the authentication request.].
41.	As per claim 24. Appenzeller as modified does teach the method of claim 16, further comprising:
receiving, by the computing device and based on a compromise of the key derivation algorithm [Laitinen, paragraph: 0044, lines 6 – 9, Also, an operator may want to define a new key derivation function and customize the user equipment to use the customized key derivation function instead of the default one.], an updated key derivation algorithm and an updated first key [Laitinen, paragraph: 0026, In one embodiment of the invention, the receiver is configured to receive a key derivation function update from a key derivation function update entity]; and
sending, to the user device and based on a determination that the user device supports the updated key derivation algorithm, an indication of the updated key derivation algorithm [Laitinen, paragraph: 0057, lines 7 – 10, The receiver 402 may also receive a key derivation function update from a key derivation function update entity, that is, when the key derivation function is to be updated in the user equipment 40. Then at paragraph: 0016, According to another aspect of the invention there is provided a method for determining a key derivation function to be used by user equipment. The method comprises receiving an authentication request from user equipment and sending a key derivation function identifier along with a bootstrapping transaction identifier to the user equipment in response to the authentication request].
42.	Claim[s] 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PGPUB # 2006/0010324] in view of Chandoor et al. [US PGPUB # 2017/0201520]
43.	As per claim 9. Appenzeller does teach what is taught in the rejection of claim 1 above. 
Appenzeller does not teach clearly the method of claim 1, further comprising:
encrypting, based on the authenticating and based on an encryption protocol shared between the first computing device and the user device, provisioning data; and
sending, to the user device, the encrypted provisioning data.
However, Chandoor does teach the method of claim 1, further comprising:
encrypting, based on the authenticating and based on an encryption protocol shared between the first computing device and the user device, provisioning data [paragraph: 0008, lines 21 – 24, The method may further include receiving, by the second application, access data provided by the remote server computer based on validation of the encrypted provisioning request data.]; and
sending, to the user device, the encrypted provisioning data [paragraph: 0008, lines 24 – 26, The method may also include provisioning, by the second application, the access data onto the second application.].
It would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Appenzeller as modified and Chandoor in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller as modified to include encrypting the communications between the stations by using multiple encryption rounds [i.e. TOES] of Chandoor. This would allow for the prevention of an attacker using brute force attacks and gaining access to such communications data given that the data is encrypted multiple times. See paragraph: 0035 of Chandoor. 
44.	Claim[s] 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PGPUB # 2006/0010324] in view of Xu et al. [US PGPUB # 
45.	As per claim 15.  Appenzeller and Xu do teach what is taught in the rejection of claim 12 above. 
Appenzeller and Xu do not teach clearly the method of claim 12, further comprising:
encrypting, before the sending the key derivation algorithm, and based on a digital signature, the key derivation algorithm.
However, Tyree does teach the method of claim 12, further comprising:
encrypting, before the sending the key derivation algorithm, and based on a digital signature, the key derivation algorithm [paragraph: 0077, lines 4 – 13, It should be understood that the cryptographic public key infrastructure signature algorithm may render the derivation of the private key from the shared key, cryptographically infeasible (e.g., impractical given the present and projected state of technology or mathematical practice). Furthermore, use of the cryptographic public key infrastructure signature algorithm to generate a shared key that renders derivation of the private key cryptographically infeasible].
It would have been obvious before the effective filing date of the claimed invention to combine the teachings of Appenzeller as modified and Tyree in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller . 
46.	Claim[s] 17, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PUGPUB # 2006/0010324] in view of Wang et al. [US PGPUB # 2013/0315393]
47.	As per claim 17. Appenzeller does teach what is taught in the rejection of claim 16 above. 
	Appenzeller does not clearly teach the method of claim 16, wherein the key derivation algorithm receives the initial input as an input to a first iteration, and wherein each successive iteration, if any, after the first iteration receives an output derived key of an immediately previous iteration as an input key.
	However, Wang does teach the method of claim 16, wherein the key derivation algorithm receives the initial input as an input to a first iteration, and wherein each successive iteration, if any, after the first iteration receives an output derived key of an immediately previous iteration as an input key [Wang, Figure # 5, paragraph: 0042, lines 5 – 10, Then, the user equipment UE1 transmits the first random value R1 to the user equipment UE2 (step S562) [i.e. applicant’s immediately previous iteration as an input key]. The user equipment UE2 [i.e. applicant’s second computing device] generates the second random value R2, and 
It would have been obvious before the effective filing date of the claimed invention to combine the teachings of Appenzeller as modified and Wang in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller as modified to include that each entity is authenticated by an authentication server before being allowed to obtain time limited key derivation function and master key parameters of Wang. This would allow for the calculation of a time limited encryption key for use with protecting communicated data between customers and the bank. See paragraphs: 0025 and 0007 of Wang. 
48.	As per claim 19. Appenzeller as modified does teach the method of claim 16, further comprising sending, based on the authenticating, provisioning data to the user device [Wang, Figure # 5, paragraph: 0042, lines 5 – 10, Then, the user equipment UE1 transmits the first random value R1 to the user equipment UE2 (step S562) [i.e. applicant’s sending….provisioning data to the user device]. The user equipment UE2 [i.e. applicant’s user device] generates the second random value R2, and calculates the second temporary key TK2 [i.e. applicant’s second derived key] according to the master key MK [i.e. applicant’s master key] of the D2D master key information (step S563). 
After both of the user equipment UE1 and UE2 obtains the authentication for D2D communication [i.e. applicant’s based on the authenticating], if the user equipment UE1 is intended to perform the D2D communication with the user equipment UE2, the user equipment UE1 sends a D2D communication request related to the user equipment UE2 to the D2D communication controller 130 in the authentication server 110 (step S510).].
49.	Claim[s] 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Appenzeller et al. [US PUGPUB # 2006/0010324] in view of Wang et al. [US PGPUB # 2013/0315393], further in view of Xu et al. [US PGPUB # 2015/0208238]
50.	As per claim 20. Appenzeller does teach what is taught in the rejection of claim 16 above.
	Appenzeller does not teach clearly the method of claim 16, further comprising: receiving, from the user device, a request indicating a plurality of algorithms including the key derivation algorithm; and
sending, to the user device, a message comprising an indication of the key derivation algorithm and requesting the message based on the second key.
However, Wang does teach and sending, to the user device, a message comprising an indication of the key derivation algorithm [Wang, paragraph: 0007, lines 6 – 14, When the first user equipment and the second user equipment respectively send a connection request for device-to-device communication to the authentication server, the authentication server performs routine authentication procedures on the first user equipment and the second user equipment [i.e. applicant’s user device], and respectively provides first key generation information and second key generation information [i.e. applicant’s a message comprising an indication of the key derivation algorithm] to the first user equipment and the second user equipment.] and requesting the message based on the second key [Wang, Figure # 5, paragraph: 0042, lines 5 – 10, Then, the user equipment UE1 transmits the first random value R1 to the user equipment UE2 (step S562). The user equipment UE2 generates the second random value R2, and calculates the second temporary key TK2 [i.e. applicant’s second derived key] according to the master key MK of the D2D master key information (step S563). Where at paragraph: 0044, After the user equipment UE2 receives the third intermediary value V3, the user equipment UE2 calculates a fourth intermediary value V4 according to the second temporary key TK2 and the second random value R2, and determines whether the third intermediary value V3 is the same to the fourth intermediary value V4 (step S569). If the third intermediary value V3 is the same to the fourth intermediary value V4, the user equipment UE2 allows the user equipment UE1 to perform the D2D communication and the encryption and decryption operations during the communication according to the D2D master key information (step S570). According to the above descriptions, it is known that the D2D mutual authentication (the step S560) and the follow-up D2D communication (step S580) are performed without using the D2D communication controller 130.].
It would have been obvious before the effective filing date of the claimed invention to combine the teachings of Appenzeller as modified and Wang in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller 
Appenzeller and Wang do not teach clearly receiving, from the user device, a request indicating a plurality of algorithms including the key derivation algorithm. 
However, Xu does teach receiving, from the user device, a request indicating a plurality of algorithms including the key derivation algorithm [Xu, Figure # 3, and paragraph: 0036, Step 32: The source SGSN sends the handover request to the target MME. The handover request includes the UE capability information (including a list of NAS algorithm of the UE, RRC algorithm of the UE, and UP algorithm of the UE) and the key information currently used by the source system (or the key derived by the source system according to the currently used key information).]
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Appenzeller and Xu in order for the encryption of bank transactions or bank communications between the bank and the various customer devices or customer to external customers of the bank of Appenzeller to include performing data key communication security negotiations between participants before communication with each other of Xu. This would allow for the negotiated protection of the communication data by encrypting the .
Conclusion
51.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT B SHAIFER HARRIMAN whose telephone number is (571)272-7910.  The examiner can normally be reached on M - F: 8am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434