DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Applicant's amendments filed on 03/10/2021 has been received and entered.  Currently Claims 1-21 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted by applicant dated 01/27/2021 has been considered by the examiner.

Response to Arguments
Applicant argues on page 11 of applicant’s remarks that claim 15 is amended to recite that its processor is a hardware processor.  This is inherited by dependent claims 16-21. In view of these amendments, the claims recite eligible subject matter and these rejections should be withdrawn. 
The examiner notes that claim 15 has not been amended to recite that its processor is a hardware processor.  Therefore, the 101 rejections of claims 15-21 remain standing.

Applicant argues on pages 12-13 of applicant’s remarks that Abbott does not anticipate the claims as amended.
Applicant’s arguments are moot in view of the new ground(s) of rejection.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 15-21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  
As per claim 15, the claim recite(s) a device comprising components which may be interpreted simply as software, which does not fall under one of the four statutory categories.  The recitation of "a processor" does not limit the claim to hardware, since processors are not necessarily considered as hardware and may refer to software.  It is suggested to amend the limitation to “a hardware processor”.  The recitation of "computer readable storage medium" does not limit the claim to statutory subject matter, since a computer readable storage medium may be interpreted as a signal or carrier wave.  The examiner suggest amending the limitation to recite a non-transitory computer readable storage medium.
Dependent claims 16-21 do not limit the independent claim 15 to statutory subject matter and therefore are also rejected under 35 U.S.C. 101.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Garg et al. US2020/0007327 hereinafter referred to as Garg, in view of Abbott US2016/0149899.
As per claim 1, Garg teaches a method for secure communication between a first device to a second device, the method comprising: identifying, by the first device, a request to establish communication with the second device (Garg paragraph [0041], client initiates session); 

sending the first public key to the second device (Garg paragraph [0041], client sends and server receives the public key of the client ephemeral key pair);
receiving, at the first device, a second public key from the second device of a second public/private key pair generated by the second device (Garg paragraph [0041], server generates ephemeral key pair.  Server sends and client receives the public key of the server ephemeral key pair).
Garg does not explicitly disclose generating, by a first device, third public-private key pair including a third public key and a third private key specific to the first device receiving messages from a second device;
storing the third private key as a messaging key for decrypting received messages from the second device;
encrypting the third public key generated by the first device with a second public key received from the second device;
sending, from the first device, the encrypted third public key to the second device;
receiving, at the first device, an encrypted fourth public key from the second device of a fourth public/private key pair generated by the second device;
recovering the fourth public key by decrypting the encrypted fourth public key with a first private key generated by the first device;
storing the fourth public key as a messaging key for encrypting messages to be sent to the second device; and
securely communicating with the second device, wherein messages received from the second device are decrypted with the third private key and messages sent to the second device are encrypted with the fourth public key.
Abbott teaches generating, by a first device, third public-private key pair including a third public key and a third private key specific to the first device receiving messages from a second device (Abbott paragraph [0035], client A generates session key pair);

encrypting the third public key generated by the first device with a second public key received from the second device (Abbott paragraph [0035], encrypt client A public session key with client B public identity key);
sending, from the first device, the encrypted third public key to the second device (Abbott paragraph [0035], sending the encrypted client A public session key);
receiving, at the first device, an encrypted fourth public key from the second device of a fourth public/private key pair generated by the second device (Abbott paragraph [0034], receive encrypted client B public session key);
recovering the fourth public key by decrypting the encrypted fourth public key with a first private key generated by the first device (Abbott paragraph [0034], decrypting the encrypted client B public session key with client A private identity key);
storing the fourth public key as a messaging key for encrypting messages to be sent to the second device (Abbott paragraph [0026], [0034], storing client B public session key); and
securely communicating with the second device, wherein messages received from the second device are decrypted with the third private key and messages sent to the second device are encrypted with the fourth public key (Abbott paragraph [0035], [0037]-[0038], conduct secure communications between the two devices.  Decrypt received messages with client A private session key and encrypt sent messages with client B public session key).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the session keys and generation of the session keys of Garg with the session keys and generation of the session keys as taught by Abbott because the results would have been predictable and resulted in the generation of session key pairs for secure communications between the client and the server.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the encrypting/decrypting of the public session keys using the identity keys of Abbott with using the ephemeral keys of Garg because the results would have been predictable and resulted in the session public keys being encrypted using the ephemeral keys.

As per claims 8 and 15, claims 8 and 15 claim a non-transitory computer readable storage medium and a device essentially corresponding to the method claim 1 above, and they are rejected, at least for the same reasons.

Claims 2-5, 9-12 and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Garg in view of Abbott, and further in view of Westerveld et al. US2011/0311044 hereinafter referred to as Westerveld.
As per claim 2, Garg in view of Abbott teaches the method of claim 1.
Garg in view of Abbott does not explicitly disclose wherein first and second device send and receive keys with messages communicate via an encrypted session between the first and second devices.
Westerveld teaches wherein first and second device send and receive keys with messages communicate via an encrypted session between the first and second devices (Westerveld paragraph [0039]-[0041], [0043], send and received encrypted control words).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Garg in view of Abbott with the teachings of Westerveld to include sending and receiving encrypted control words in order to securely provide streaming media.

As per claim 3, Garg in view of Abbott teaches the method of claim 1.
Garg in view of Abbott does not explicitly disclose further comprising: sending by first device, a symmetric key encrypted with key to second device;
encrypting a media file with the symmetric key; and sending the encrypted media file to the second device.
Westerveld teaches further comprising: sending by first device, a symmetric key encrypted with key to second device (Westerveld paragraph [0039]-[0041], [0043], send encrypted control words);

Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Garg in view of Abbott with the teachings of Westerveld to include sending and receiving encrypted control words in order to securely provide streaming media.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Westerveld with the teachings of Garg in view of Abbott to include using public/private keys for secure session communications because the results would have been predictable and resulted in data being encrypted using a session public key and decrypted using a session private key.

As per claim 4, Garg in view of Abbott and Westerveld teaches the method of claim 3, wherein the second device is a set-top box configured to decrypt the media file with the symmetric key (Westerveld paragraph [0037], [0043], STB decrypts media using control words).

As per claim 5, Garg in view of Abbott and Westerveld teaches the method of claim 3, wherein the symmetric key is a key chain sequence of symmetric keys (Westerveld paragraph [0041], [0043], [0046], plurality of control words).

As per claims 9-12 and 16-19, claims 9-12 and 16-19 claim a non-transitory computer readable storage medium and a device essentially corresponding to the method claims 2-5 above, and they are rejected, at least for the same reasons.

Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Garg in view of Abbott, and further in view of Reddy et al. US2018/0234388 hereinafter referred to as Reddy.
As per claim 6, Garg in view of Abbott teaches the method of claim 1, wherein the first device does not have a networking address of the second device, the method further comprising: sending, by the first device, a request to establish secure communication with the second device to a connection management server, the request including identifying information of the second device (Abbott paragraph [0031]-[0032], send request to the server)(It is obvious to one of ordinary skill in the art that the request identifies the recipient in order for the server to determine if the recipient is available and to forward the request to the recipient);
wherein sending the first public key and the encrypted third public key to the second device comprises sending the keys to the connection management server (Garg paragraph [0041]; Abbott paragraph [0034]-[0035], sending the keys to the server).
 Garg in view of Abbott does not explicitly disclose data encrypted by a public key associated with a connection management server.
Reddy teaches data encrypted by a public key associated with a connection management server (Reddy paragraph [0049]-[0050], [0056], encrypt data with public key of proxy device).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Garg in view of Abbott with the teachings of Reddy to include encrypting data with a public key of a proxy in order to provide secure communications between the devices and the proxy.  

As per claims 13 and 20, claims 13 and 20 claim a non-transitory computer readable storage medium and a device essentially corresponding to the method claims 6 above, and they are rejected, at least for the same reasons.

Allowable Subject Matter
Claims 7 and 14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.




Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY TSANG whose telephone number is (571)270-7959.  The examiner can normally be reached on M-F 8am - 5pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 






/HENRY TSANG/Primary Examiner, Art Unit 2495