DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Gabriel Daniel on 3/19/2021.
PLEASE AMEND THE CLAIMS AS FOLLOWS:
 (Currently Amended) A computing device comprising:
a processor;
a network interface coupled to the processor to enable communication over a network;
a storage device coupled to the processor;
a security agent software stored in the storage device, wherein the processor, when executed by the security agent software, is configured to perform acts comprising:
receiving a request for a resource from a user device;
receiving a predefined number (p) from the user device;
creating a first number (c) and a second number (g);

sending the first discrete logarithm and the second number (g) to the user device;
receiving a second discrete logarithm from the user device based on a third number (s) generated by the user device, the predefined number (p), and the second number (g), from the user device;
calculating a first pass code (R1) via a third discrete logarithm, based on the second discrete logarithm, the first number (c), and the predefined number (p);
receiving a second pass code (R2) via a fourth discrete logarithm, based on the first discrete logarithm, the third number (s), and the predefined number (p), from the user device;
comparing the first pass code (R1) to the second pass code (R2); and
upon determining that the first pass code (R1) is identical to the second pass code (R2), allowing the user device to access the resource, wherein the computing device keeps the first number (c) and the second number (g) secret.

(Original) The computing device of claim 1, wherein the predefined number (p) is an identification (ID) number of the user device.

(Original) The computing device of claim 1, wherein the predefined number (p) is received over a Hypertext Transfer Protocol Secure (HTTPS) channel.

(Original) The computing device of claim 1, wherein the first discrete logarithm and the second number (g) sent to the user device is via a public switched telephone network (PSTN) channel.

(Original) The computing device of claim 1, wherein the receipt of the predefined number (p) by the computing device is over a channel that is different from that of sending the first discrete logarithm and the second number (g) to the user device.

(Original) The computing device of claim 1, wherein the first discrete logarithm is based on (gc mod p).

(Original) The computing device of claim 6, wherein the second discrete logarithm is based on (gs mod p).

(Original) The computing device of claim 7, wherein the third discrete logarithm is based on ((gs mod p)c mod p).

(Original) The computing device of claim 8, wherein the fourth discrete logarithm is based on ((gc mod p)s mod p).

(Original) The computing device of claim 1, wherein execution of the security agent by the processor further configures the computing device to perform acts, comprising: 
1) is not identical to the second pass code (R2), sending an alert to an account of a user associated with the requested resource.

(Original) The computing device of claim 1, wherein execution of the security agent by the processor further configures the computing device to perform acts, comprising: 
upon determining that the first pass code (R1) is identical to the second pass code (R2), changing the challenge code.


(Currently Amended) A non-transitory computer readable storage medium tangibly embodying a computer readable program code having computer readable instructions that, when executed, causes a computer device to carry out a method of authenticating a user, the method comprising:
receiving a request for a resource from a user device;
receiving a predefined number (p) from the user device;
creating a first number (c) and a second number (g);
determining a first discrete logarithm based on the first number (c) and the predefined number (p);
sending the first discrete logarithm and the second number (g) to the user device;
receiving a second discrete logarithm from the user device based on a third number (s) generated by the user device, the predefined number (p), and the second number (g), from the user device;
1) via a third discrete logarithm, based on the second discrete logarithm, the first number (c), and the predefined number (p);
receiving a second pass code (R2) via a fourth discrete logarithm, based on the first discrete logarithm, the third number (s), and the predefined number (p), from the user device;
comparing the first pass code (R1) to the second pass code (R2); and
upon determining that the first pass code (R1) is identical to the second pass code (R2), allowing the user device to access the resource, wherein the computer device keeps the first number (c) secret.

(Original) The non-transitory computer readable storage medium of claim 12, wherein the predefined number (p) is an identification (ID) number of the user device.

(Original) The non-transitory computer readable storage medium of claim 12, wherein the predefined number (p) is received over a Hypertext Transfer Protocol Secure (HTTPS) channel.

(Original) The non-transitory computer readable storage medium of claim 12, wherein the receipt of the predefined number (p) by the computing device is over a channel that is different from that of sending the first discrete logarithm and the second number (g) to the user device.

(Original) The non-transitory computer readable storage medium of claim 12, wherein the first discrete logarithm is based on (gc mod p).

(Original) The non-transitory computer readable storage medium of claim 16, wherein the second discrete logarithm is based on (gs mod p).

(Currently amended) The non-transitory computer readable storage medium of claim 17, wherein: 
the third discrete logarithm is based on ((gs mod p)c mod p), and
the fourth discrete logarithm is based on ((gc mod p)s mod p).

(Original) The non-transitory computer readable storage medium of claim 12, further comprising: 
upon determining that the first pass code (R1) is not identical to the second pass code (R2), sending an alert to an account of a user associated with the requested resource.

(Original) The non-transitory computer readable storage medium of claim 12, further comprising: 
upon determining that the first pass code (R1) is identical to the second pass code (R2), changing the challenge code.

(Currently Amended) A computing device comprising:
a processor;

a storage device coupled to the processor;
a security agent software stored in the storage device, wherein the processor, when executed by the security agent software, is configured to perform acts comprising:
sending a request for a resource, from the computing device to a server;
sending a predefined number (p) to the server;
receiving (i) a first discrete logarithm based on the first number (c) and the predefined number (p) and (ii) and the second number (g) from the server;
generating a third number (s);
determining a second discrete logarithm based on a third number (s), the predefined number (p), and the second number (g);
sending the second discrete logarithm to the server;
calculating a second pass code (R2) via a fourth discrete logarithm, based on the first discrete logarithm, the third number (s), and the predefined number (p);
sending the second pass code (R2) to the server for comparison to a first pass code R1 based on the second discrete logarithm, the first number (c), and the predefined number (p); and
receiving access to the secure resource upon the second pass code (R2) being identical to the first pass code (R1), wherein the computer device keeps the first number (c) secret.

(Original) The computing device of claim 21, wherein the predefined number (p) is an identification (ID) number of the user device.

(Original) The computing device of claim 21, wherein the sending of the predefined number (p) by the computing device is over a channel that is different from that of receiving the first discrete logarithm and the second number (g) from the server.

(Original) The computing device of claim 21, wherein: 
the first discrete logarithm is based on (gc mod p),
the second discrete logarithm is based on (gs mod p),
the third discrete logarithm is based on ((gs mod p)c mod p), and
the fourth discrete logarithm is based on ((gc mod p)s mod p).
Allowable Subject Matter
Claims 1-24 are allowed.
The following is an examiner’s statement of reasons for allowance: No reason for allowance is needed as the record is clear in light of the reasons for allowance in the Notice of Allowance dated 1/11/2021. This communication thus satisfies the "record as a whole" proviso of the rule 37 CFR 1.1.04(e). As such the reasons for allowance are in all probability evident from the record and no statement is deemed necessary, see for example MPEP 1302.14.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENDALL DOLLY whose telephone number is (571)270-1948.  The examiner can normally be reached on Monday-Thursday 7am-4pm(EST) and Friday 7am-11am(EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KENDALL DOLLY/Primary Examiner, Art Unit 2436