Notice of Pre-AIA  or AIA  Status
The present application, filed on or after January 23, 2019, is being examined under the first inventor to file provisions of the AIA .
Specification 
The specification filed on January 23, 2019 is accepted. 
Drawings
The drawings filed on January 23, 2019 are accepted.
Claim Objections
Claims 1, 6, 8-9, 11, 13-16, 18 and 19 objected to because of the following informalities: 
Claim 1 line 2 recites “the method comprising” should read as “the method comprising:”
Claim 6 line 1 recites “encrypting said private part….” should read as “encrypting key 
Claim 6 line 3 recites “storing said resulting encrypted private part of said public/private key pair” should read as “storing key of said public/private key pair”
Claim 8 line 2 recites “a remote server” should read as “said remote server” as recited in claim.
Claim 8 line 3 recites “said server” should read as “said remote server”.
Claim 9 line 1 recites “wherein a failure on an authentication protocol with a remote server comprises….” should read as “perform an authentication protocol with said remote server, wherein a failure on the authentication protocol with said remote server comprises”.  OR “using personal identification number for performing an authentication protocol with said remote server, wherein a failure on the authentication protocol with said remote server comprises”. In order to give proper weight to limitation after wherein clause, the examiner suggest to amend the limitation as outlined above.
key 
Claim 9 2nd last line recites “using said private part of said public/private key pair…. “Should read as “using said private key 
Claim 11 line 2 recites “said system comprising” should read as “said user data protection system comprising:” as recited on line of claim 11.
Claim 13 line 1 recites “The user data protection system according to claim 1” should read as “The user data protection system according to claim 11 
Claim 14 should be dependent on claim 13 not on claim 3.
Claim 15 should be dependent on claim 13 not on claim 3.
Claim 16 should be dependent on claim 14 not on claim 4.
Claim 16 line 1 recites “encrypting said private part….” should read as “encrypting key 
Claim 16 line 3 recites “storing said resulting encrypted private part of said public/private key pair” should read as “storing key of said public/private key pair”
Claim 18 should be dependent on claim 17 not on claim 7.
Claim 18 line 2 recites “a remote server” should read as “said remote server” as recited in claim.
Claim 18 line 3 recites “said server” should read as “said remote server”.
Claim 19 should be dependent on claim 15 not on claim 5.
Claim 19 line 1 recites “wherein a failure on an authentication protocol with a remote server comprises….” should read as “perform an authentication protocol with said remote server, wherein a failure on the authentication protocol with said remote server comprises”.  OR “using personal identification number for performing an authentication protocol with said remote server, wherein a failure on the authentication protocol with said remote server comprises”. In order to give proper 
Claim 19 line 5 recites “….said private part of said public/private key pair” should read as “key 
Claim 19 2nd last line recites “using said private part of said public/private key pair…. “Should read as “using said private key 

Examiner notes: The examiner notes that computer readable storage medium recited in claim 20 excludes transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media. See para [0095].

CLAIM INTERPRETATION

The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 

As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 

Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 

Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: an encryption and decryption unit in claim 11, a switching module in claim 12 and a protection module in claim 14.

Claim limitation(s) “an encryption and decryption unit” in claim 11 gives their broadest reasonable interpretation of the claim elements with a limited description in the specification. The examiner notes that these elements (i.e. an encryption and decryption unit) lie within a data protection system 600 as sown in Fig 6 and there is a clear link between a computing devices 700 as shown in Fig 7 as the structure and the recited elements because the data protection system 600 is in a computing device 700. Accordingly claims 11 invoke 35 U.S.C. 112 (f) or sixth paragraph, but the corresponding structure is described.

Claim limitation(s) “switching module” and “protection module” of claims 12 and 14 respectively gives their broadest reasonable interpretation of the claim elements with a limited description in the specification. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Accordingly claims 12 and 14 invoke 35 U.S.C. 112 (f) or sixth paragraph, and the corresponding structure is NOT described. For more detail see the 112 rejection below.

Because these claim limitation(s) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.


If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.


Claim Rejections - 35 USC § 112
A.	The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to 

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claim 12 and 14 rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. The claim recites “a switching module” and “a protection module”. The specification fails to comply with the written description requirement. See Fig 6 and text on [0084] discloses user data protection system 600 comprising encryption unit 602 and decryption unit 604. The specification fails to teach a user data protection system 600 comprising “a switching module” and “a protection module” as recited in claims 12 and 14 respectively.

B.	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim limitation “a switching module” and “a protection module” of claims 12 and 14 respectively invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written 
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.

Claim 6 line 3 recites the limitation "said non-volatile memory".  There is insufficient antecedent basis for this limitation in the claim.
Claim 7 last line recites “said remote server”. There is insufficient antecedent basis for this limitation in the claim.
Claim 8 line 3 recites “said remote recovery key”. There is insufficient antecedent basis for this limitation in the claim.
Claim 8 line 4 recites “said local recovery key”. There is insufficient antecedent basis for this limitation in the claim.
Claim 8 line 4 recites “said fresh encryption key”. There is insufficient antecedent basis for this limitation in the claim.
 Claim 9 line 3 recites “said high-entropy user input”. There is insufficient antecedent basis for this limitation in the claim.
Claim 9 line 3 recites “said high-entropy key”. There is insufficient antecedent basis for this limitation in the claim.
Claim 16 line 3 recites the limitation "said non-volatile memory".  There is insufficient antecedent basis for this limitation in the claim.
Claim 17 last line recites “said remote server”. There is insufficient antecedent basis for this limitation in the claim.
Claim 18 line 3 recites “said remote recovery key”. There is insufficient antecedent basis for this limitation in the claim.
Claim 18 line 4 recites “said local recovery key”. There is insufficient antecedent basis for this limitation in the claim.

Claim 19 line 3 recites “said high-entropy user input”. There is insufficient antecedent basis for this limitation in the claim.
Claim 19 line 3 recites “said high-entropy key”. There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-2, 10-12 and 20 is/are rejected under 35 U.S.C. 102 (a) (1) as being anticipated by Adams et al (hereinafter Adams) (US 20050257043).
Regarding claim 1 Adams teaches a computer-implemented method for protecting a mobile device against unauthorized access to user data stored in the mobile device, the method comprising (Adams on [0012] teaches system and method for protecting mobile device. See on [0057] teaches preventing unauthorized party access for obtaining data stored in memory of mobile device);
(Adams on [0033] teaches when the device is locked, the device automatically encrypts the fields contents. See on [0027 and 0057] data associated with filed is stored in flash memory or RAM of device. See on [0040-0041] teaches Input is received which indicates that the mobile device is to enter into a protected mode (i.e. locked state [0039]). Data associated with fields displayed on a user interface is encrypted and stored in a data store);
and decrypting said user data stored in said volatile memory if said mobile device is switched from said locked status into an unlocked status (Adams on [0029] teaches  when a mobile device 100 has become unlocked, the encrypted user field data is decrypted by decryption software module 350. See on [0027 and 0057] data is stored in flash memory or RAM of device.  See on [0040-0041] teaches after the mobile device leaves the protected mode (i.e. unlocked state [0039]), the stored encrypted user interface field data is decrypted).
Regarding claim 11 Adams teaches a user data protection system for protecting a mobile device against unauthorized access to user data stored in said mobile device, said system comprising (Adams on [0012] teaches system and method for protecting mobile device. See on [0057] teaches preventing unauthorized party access for obtaining data stored in memory of mobile device);
an encryption unit adapted for encrypting said user data stored in a volatile memory of the mobile device if the mobile device is switched to a locked status (Adams on [0033] teaches when the device is locked, the device automatically encrypts the fields contents. See on [0027 and 0057] data associated with filed is stored in flash memory or RAM of device. See on [0040-0041] teaches Input is received which indicates that the mobile device is to enter into a protected mode (i.e. locked state [0039]). Data associated with fields displayed on a user interface is encrypted and stored in a data store);
and a decryption unit adapted for decrypting the user data stored in the volatile memory if said mobile device is switched from said locked status into an unlocked status (Adams on [0033] teaches when the device is locked, the device automatically encrypts the fields contents. See on [0027 and 0057] data associated with filed is stored in flash memory or RAM of device. See on [0040-0041] teaches Input is received which indicates that the mobile device is to enter into a protected mode (i.e. locked state [0039]). Data associated with fields displayed on a user interface is encrypted and stored in a data store).
Regarding claim 2 and 12 Adams teaches all the limitations of claim 1 and 11 respectively, Adams further teaches also comprising switching said mobile device into said locked status after a power-on of said mobile device, or after a time period of inactivity, or after receiving a lock signal (Adams on [0032] teaches The device could have entered the lock mode for many different reasons, such as the mobile device automatically entering the lock mode after a certain period of user inactivity, or the mobile device enters the lock mode because of user input).
Regarding claim 10 Adams teaches all the limitations of claim 1, Adams further teaches wherein said mobile device comprises a display and wherein said switching said mobile device into a locked status comprises blocking keypad inputs apart from accepting a personal identification number or, if no network connection is available, accepting a high-entropy value (Adams on [0026] teaches mobile device comprises a display and icon representing the state of device).
Regarding claim 20 Adams teaches a computer program product for protecting a mobile device against unauthorized access to user data stored in said mobile device, said computer program product comprising a computer readable storage medium having program instructions embodied therewith, said program instructions being executable by one or more computing systems or controllers to cause said one or more computing systems to (Adams on [0064 and Claim20] teaches Computer software program or programs stored on one or more computer readable media executed by computer. See on [0057] teaches preventing unauthorized party access for obtaining data stored in memory of mobile device);
(Adams on [0033] teaches when the device is locked, the device automatically encrypts the fields contents. See on [0027 and 0057] data associated with filed is stored in flash memory or RAM of device. See on [0040-0041] teaches Input is received which indicates that the mobile device is to enter into a protected mode (i.e. locked state [0039]). Data associated with fields displayed on a user interface is encrypted and stored in a data store);
 and decrypting said user data stored in said volatile memory if said mobile device is switched from said locked status into an unlocked status (Adams on [0033] teaches when the device is locked, the device automatically encrypts the fields contents. See on [0027 and 0057] data associated with filed is stored in flash memory or RAM of device. See on [0040-0041] teaches Input is received which indicates that the mobile device is to enter into a protected mode (i.e. locked state [0039]). Data associated with fields displayed on a user interface is encrypted and stored in a data store).

                                               Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3, 7, 13 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Adams et al (hereinafter Adams) (US 20050257043) in view of Adams et al (hereinafter Neil) (US 20110185186).

Regarding claims 3 and 13 Adams teaches all the limitations of claim 1 and 11 respectively, Adams fails to explicitly teach a fresh encryption key every time said encrypting said user data stored in  (Neil on [0058-0060] teaches using a new key for encryption);
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Neil into the teaching of Adams by using new encryption key for encryption. One would be motivated to do so in order to provide enhanced protection of sensitive information stored on a mobile device (Neil on [0007]).
Regarding claim 7 and 17 Adams teaches all the limitations of claim 1 and 11 respectively, Adams fails to explicitly teach wherein said switching said mobile device from a locked status into said unlocked status comprises receiving a personal identification number, and using said personal identification number for performing an authentication protocol with said remote server, however Neil from analogous art teaches wherein said switching said mobile device from a locked status into said unlocked status comprises receiving a personal identification number, and using said personal identification number for performing an authentication protocol with said remote server (Neil on [0062] teaches unlocking mobile device using password).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Neil into the teaching of Adams by using new encryption key for encryption. One would be motivated to do so in order to provide enhanced protection of sensitive information stored on a mobile device (Neil on [0007]).

Claims 4-6, 8, 14-16 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Adams et al (hereinafter Adams) (US 20050257043) in view of Adams et al (hereinafter Neil) (US 20110185186) and further in view of Bowman et al (hereinafter Bowman) (US 20180248693).
4 and 14 the combination of Adams and Neil teaches all the limitations of claim 3 and 13 respectively, the combination fails to explicitly teach protecting said fresh encryption key by encrypting said fresh encryption key by a static encryption key, wherein said static encryption key is a public key of a public/private key pair, However Bowman from analogous art teaches also comprising protecting said fresh encryption key by encrypting said fresh encryption key by a static encryption key, wherein said static encryption key is a public key of a public/private key pair (Bowman on [0021, 0028, 0031 and 0035] teaches encrypting first and second portion of recovery key (i.e. fresh encryption key) using public key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Bowman into the combined teaching of Adams and Neil by encrypting fresh key with public key. One would be motivated to do so in order to protect recovery key used for protecting sensitive data (Bowman on [0009-0010]).
Regarding claim 5 and 15 the combination of Adams, Neil and Bowman teaches all the limitations of claim 3 and 13 respectively, Bowman further teaches also comprising protecting said fresh encryption key by encoding said fresh encryption key into two parts, namely a local recovery key, stored in a non-volatile memory of said mobile device, and a remote recovery key, sent to a remote server (Bowman on [0027] teaches the first user device 102 divides the recovery key K into two portions: K1 and K2. See on [0031] teaches the first user device 102 transmits K2 to SCS 120 (i.e. server). See on [0028-0029] Key K1 is stored on the second user device);
and deleting said remote recovery key and said fresh encryption key from said mobile device (Bowman on [0031] teaches the first user device 102 discards the recovery key K by removing any portions of the recovery key K, e.g., K1 and K2, from the memory of the first user device 102).  The rationale to combine the references is the same reason set forth for claim 4 and 14 above. 
6 and 16 the combination of Adams and Neil and Bowman teaches all the limitations of claim 4 and 14 respectively, Neil further teaches also comprising encrypting said private part of said public/private key pair using a high-entropy key derived by a high-entropy user input (Neil on [0005 and 0065] teaches the private key is also encrypted using the temporary symmetric key generated from the user's password);
and storing said resulting encrypted private part of said public/private key pair on said non- volatile memory of said mobile device (Neil on [0065] teaches the mobile device 100 may also have stored thereon an asymmetric private/public key pair (k, K) for performing additional data protection).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Neil into the teaching of Adams by encrypting private part using high entropy key. One would be motivated to do so in order to provide enhanced protection of sensitive information stored on a mobile device (Neil on [0007]).

Regarding claim 8 and 18 the combination of Adams and Neil teaches all the limitations of claim 3 and 13 respectively, the combination fails to explicitly teach wherein a success of an authentication protocol with a remote server comprises receiving said remote recovery key from said server, and using said remote recovery key and said local recovery key to recover said fresh encryption key, however Bowman from analogous art teaches wherein a success of an authentication protocol with a remote server comprises receiving said remote recovery key from said server, and using said remote recovery key and said local recovery key to recover said fresh encryption key (Bowman on [0021] teaches In response to the key recovery request, the SCS 120 forwards the first portion of the recovery key to the second user device 104. The SCS 120 also transmits the second portion of the recovery key to the first user device 102. The second user device 104 transmits the first portion of the recovery key to the first user device 102. The first user device reconstructs the recovery key using the received first and second portions of the recovery key. See on [0037] teaches the first user device 102 reconstructs the recovery key K using the received K1 and K2).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Bowman into the combined teaching of Adams and Neil by recovering the encoded key. One would be motivated to do so in order to protect recovery key used for protecting sensitive data (Bowman on [0009-0010]).

Claims 9 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Adams et al (hereinafter Adams) (US 20050257043) in view of Adams et al (hereinafter Neil) (US 20110185186) in view of Bowman et al (hereinafter Bowman) (US 20180248693) and further in view of Ebrahimi et al (hereinafter Ebrahimi) (US 20190182042).

Regarding claim 9 and 19 the combination of Adams, Neil and Bowman teaches all the limitations of claim 5 and 15 respectively, Bowman further teaches and using said private part of said public/private key pair to decrypt said fresh encryption key which was encrypted using said static encryption key (Bowman on [0035-0036] teaches the SCS 120 can decrypt the encrypted K2 and K1 using its private key and obtains the unencrypted K2).
The combination fails to explicitly teach wherein a failure on an authentication protocol with a remote server comprises prompting for inserting said high-entropy user input, using said high-entropy user input to recover said high-entropy key and using said high-entropy key to decrypt said private part of said public/private key pair, However Ebrahimi from analogous art teaches wherein a failure on an authentication protocol with a remote server comprises prompting for inserting said high-entropy user input (Ebrahimi on [0076-0077] teaches receiving identity factor as an input by the user);
(Ebrahimi on [0077] teaches receiving identity factor as an input for recovering dynamic password  (i.e. high-entropy key interpreted in view of para [0048] of instant application)); 
using said high-entropy key to decrypt said private part of said public/private key pair (Ebrahimi on [0150] teaches decrypting private key using dynamic password).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Ebrahimi into the combined teaching of Adams, Neil and Bowman by recovering key based on user input and decrypting private key using the recovered key. One would be motivated to do so in order to protect recovery key used for protecting sensitive data (Ebrahimi on [0004]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Leclercq (US 20120042157) RAM Based Security Element for Embedded Applications. The present invention also disclose a data processing device having a random access memory (RAM) based security element for use in a conditional access system. The device includes a demodulator coupled to the RAM based security element for receiving encrypted information. The device performs the steps of receiving data from a first external memory, storing the received data in the RAM disposed in the security element, and determining whether a backup condition occurs. The data stored in the RAM is encrypted using an encryption key that is generated using a unique code stored in a non-volatile memory register disposed in the security element and a seed.
Lee et al (US 20080080715) The present invention relates to an apparatus and a method for data encryption using a secure memory, and more particularly, to an apparatus and a 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522.  The examiner can normally be reached on 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MOEEN KHAN/Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436