DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Allowable Subject Matter

Claims 5-6, 13, and 19-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and all intervening claims.
Response to Amendment
This action is in response to the communications and remarks filed on 12/18/2020. Claims 1, 4-5, 8, 12, 15, and 19 have been amended. Claims 1-20 have been examined and are pending.
Response to Arguments
Acknowledgement to applicant’s amendment to claim 1 has been noted. The claim has been reviewed, entered and found obviating to previously raised objection for minor informalities. Objection to the claim 1 is hereby withdrawn.

Applicants’ arguments in the instant Amendment, filed on 12/18/2020, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s arguments: “...Applicant traverses the rejection of the claims under 35 U.S.C. § 103. As amended, claim 1 recites "a PUF information encrypter, comprising a memory unit and a first crypto-system, configured to store a plurality of public keys and encrypt the PUF information from the PUF information generator using one of the plurality of public keys wherein the plurality of public keys is stored in the memory unit." (Underlined text added.)...” 
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Satpathy does disclose claim 1 recites "a PUF information encrypter, comprising a memory unit and a first crypto-system, configured to store a plurality of public keys and encrypt the PUF information from the PUF information generator using one of the plurality of public keys ...Here, a hybrid approach that enables an unified physically unclonable function (PUF) and a true random number generator (TRNG) to generate bits to be extracted as random input or entropy for a public-key infrastructure (PM) protocol/system; which need in-line private key generation and digital signature generation/authentication (ECDSA) with high quality random nonce, seed etc., requiring both PUF and TRNG functionality [Satpathy, ¶0014-0015]. A Public Key Infrastructure (PM) diagram 100, which can be a chip-level or package-level integrated system 910, at the Internet of Things (IoT) node 150 level [Satpathy,¶0068] analogous to an integrated circuit device 100 the invention describes [Specification, ¶¶0005 and 0011]. As the memory 114 feeds the crypto-system 116 of the memory unit 120, the crypto-system is an asymmetric encrypter 116 configured to receive public key stored in memory unit 114 [Specification, 0029]. Here, FIG. 1 depicts an Internet of Things (IoT) node 150 (a device for securing physically unclonable function (PUF) information), where the coupled PUF 102, a Private key generator 104 and a true random number a memory unit storing the entropy and randomness needed to produce a public key; while the coupling of a Hash circuitry 110,  a Public key generator 108, ECC/RSA 112 and CA 114 are analogous to a first crypto-system; where the Public key generator 108 generates public keys and CA 114 stores public keys [Satpathy, ¶¶0034-0035]. While Satpathy teaches storing a plurality of public keys stored in memory unit and encrypts the PUF information from the PUF information generator; however, Hamlet teaches encrypting the PUF information using one of the plurality of public keys stored in memory unit. As such, both Satpathy and Hamlet are maintained as these references teach the amended independent claims as shown below [See Hamlet, Fig. 1 and Col 5, lines 15-24, Col 9, lines 3-5 and 14-16, Col 9, lines 28-34 and Col 10, lines 54-56 and 58-61].
Applicant’s arguments: “Claim 8 is amended to recite "storing a plurality of public keys in a memory of the IC device...and ...claim 15 recites "a memory unit configured to store a plurality of public keys; a first crypto-system configured to select one of the plurality of public keys...Applicant submits that the limitations added by amendment are neither obvious nor trivial design choices. Rather, the added feature of the claimed invention provides significant advantages over the prior art, as disclosed in the original disclosure. See, e.g., paragraph [0029] of the publication of the present application (" ... using multiple public keys provides additional security to the PUF information since an unauthorized server is not able to determine which public key is used to encrypt the PUF information.")...”
The Examiner disagrees with the Applicants. The Examiner respectfully submits as noted in Satpathy, the singular forms “a”, “an” and the” are intended to include the plural forms as well, unless the context clearly indicates otherwise in ¶0020. Additionally, as noted above, the storing of public keys encompasses both the private key 124 generated key generator 104 sent to the public key generator 108 used to generate a plurality of public keys to be selected by the first crypto-system (i.e. ECC/RSA 112) for claims 8 and 15, is taught by Satpathy. The Certificate authority (CA) 114 stores digital certificates based on the unique “id” 120 and Public key(s) 122; hence, the CA is a trusted third party certifying the ownership of a public key, allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key [https://en.wikipedia.org/wiki/Certificate_authority]. While Satpathy teaches the CA 114 that stores public keys, the encryption  The ECC/RSA 112 receives three inputs (i.e. generated private key, a nonce, and hashed is to send the encrypted message to the Verification authority 116 along with an encrypted signature “s” 132; while the CA sends the PUF response and public key to Verification Authority 116. Therefore, this is inclusive of the crypto-system that has a key generation, an encrypter, and a decrypter; where the CA 114 determines the appropriate public key to be selected for the signature, s 132 at the Verification Authority 116 [Satpathy, ¶0035]. 
As in amended claim 1, for both claims 8 and 15; Satpathy teaches storing a plurality of public keys stored in memory unit and encrypts the PUF information from the PUF information generator; however, Hamlet teaches encrypting the PUF information using one of the plurality of public keys stored in memory unit. As such, both Satpathy and Hamlet are maintained as these references teach the amended independent claims as shown below [See Hamlet, Fig. 1 and Col 5, lines 15-24, Col 9, lines 3-5 and 14-16, Col 9, lines 28-34 and Col 10, lines 54-56 and 58-61].
Applicant’s arguments: “The remaining pending dependent claims inherit the patentability of their respective base independent claims and recite further distinguishing limitations in combination.” 
The Examiner disagrees with the Applicants. The Examiner respectfully submits that by virtue of the Examiner’s assertion noted above with respects to Satpathy in view of Hamlet rejection of the base independent claims, thus Examiner maintains the current rejection and so the pending dependents claims inherit the rejection, as well.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-4, 7-12, and 14-18  are rejected under 35 U.S.C. 103 as being unpatentable over Satpathy et al., hereinafter (“Satpathy”), US PG Publication (2019/0305970 A1), in view of. Hamlet et al., hereinafter (“Hamlet”), US Patent (8,868,923 B1).
Regarding currently amended claim 1, Satpathy teaches a device for securing physically unclonable function (PUF) information comprising: 
a PUF information encrypter, comprising a memory unit and a first crypto-system, configured to store a plurality of public keys and encrypt the PUF information from the PUF information generator, wherein the plurality of public keys is stored in the memory unit . [Satpathy, ¶0020: the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. ¶0033: Fig. 1 shows a Public Key Infrastructure (PM) diagram 100 according to some embodiments of the disclosure. ¶¶0034-0035:  FIG. 1 comprises an Internet of Things (IoT) node 150 (a device for securing physically unclonable function (PUF) information), consisting of a PUF 102, a Private key generator 104 and a true random number generator (TRNG) 106 (a memory unit); Hash circuitry 110,  a Public key generator 108 and Error Correction Coder (ECC), Rivest, Shamir, & Adleman (RSA) circuitry 112  and Certificate Authority (CA) 114 (a first crypto-system); where the Public key generator 108 generates public keys and CA 114 stores public keys. ¶¶0054 and 0062: a smart device or a computer system or a SoC (System-on-Chip) is a computing device 800 (a device) (i.e. represents a mobile computing device, etc.; where memory subsystem 860  stores information (i.e. application data, user data, or other data, as well as system data (whether long-term or temporary) related to the execution of the applications and functions) in the computing device. Fig. 1 and ¶¶0034-0035: Internet of Things (IoT) node 150 containing PUF 102 produces a static entropy  (PUF information from the PUF information generator) to private key generator circuitry 104 that generates private key 124; where the Public key generator 104 generates a public key 122. The ECC/RSA 112 receives three inputs (i.e. generated private key, a nonce, and hashed is to send the encrypted message 130 to the Verification authority 116 along with an encrypted signature “s” 132; hence, Examiner interprets the encrypted static entropy input is part of the encrypted message to be encrypted by the ECC/RSA circuitry 112 (encrypt the PUF information from the PUF information generator).  The Certificate authority 114 is to issue, store, and sign digital certificates based on the unique “id” 120 and Public key 122 (store at least one public key). The ECC/RSA circuitry 112 is to send the encrypted message to the Verification authority 116 along with an encrypted signature “s” 132. The Verification authority 116 is to verify the digital certificate Fig. 8 and ¶¶0054 and 0062: a smart device or a computer system or a SoC (System-on-Chip) is a computing device 800 which includes: nonvolatile memory to store data, system data, etc. Examiner interprets that corresponding certificates are based on a plurality of public keys 122 that may be stored in the certificate authority 114 (see ¶0020). Hence the memory subsystem 860 stores and executes the applications (i.e. components of the PM system), which generates, stores, and distributes digital certificates which are used to certify and verify that a certain public key belongs to a particular entity therein (see ¶0033).].
While Satpathy teaches a PUF information and encrypt the PUF information from the PUF information generator u [Satpathy, Fig. 1 and ¶0034-0035: Internet of Things (IoT) node 150 containing PUF 102 produces a dynamic entropy input to private key generator circuitry 104; where the Public key generator 104 is to generate a public key 122 based on the input from the private key 124 generated by the Private key generator 104 and is to provide the public key 122 to the Certificate authority 114]; however, Satpathy fails to explicitly teach but Hamlet teaches a PUF information generator, comprising a PUF cell array and a helper data generator, configured to generate [[a PUF circuit 140 (a PUF information generator). Col 12, lines 32-45: The cryptographic fingerprint unit 400 includes a PUF circuit 405 (a PUF cell array), a noise reduction circuit 410, a key generator 415, a decryptor 420, PUF perturbation devices 425, a control unit 430, and combining logic 440. Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-40 and 40-47: A noise reduction circuit 410 is interposed between PUF circuit 405 and key generator 415 or between PUF circuit 405 and combining logic 440 to convert the noisy PUF value to a filtered PUF value that is stable and repeatable (e.g., corrects for intra-device variation). While it is desirable for a given PUF circuit 405 to output different, random values between different physical devices, it is not desirable for a given PUF circuit 405 of a single instance of device 105 to output different values over its lifecycle (unless PUF perturbation devices 425 have been reprogrammed by the end user as part of a deliberate re-fingerprinting of the user and the hardware device 105). Thus, noise reduction circuit 410 operates to remove the uncertainty in the noisy PUF value. In one embodiment, the filtered PUF value is a seed value 445 or seed value 446 (a PUF response) that is input into key generator 415.]  and 
encrypt the PUF information from the PUF information generator using one of the plurality of public keys, wherein the plurality of public keys is stored in the memory unit. [Hamlet, Fig. 1 and Col 5, lines 15-24: Cryptographic fingerprint unit 135 may be implemented entirely in hardware and partially using software/firmware; includes a PUF circuit 140 (a PUF information generator). Col 9, lines 3-5 and 14-16: PUF circuit 140 generates a unique PUF value that is measured by cryptographic fingerprint unit 135; the cryptographic fingerprint unit 135 combines the PUF values with at least one other authentication factor to generate a unique multi-factor authentication value (the PUF information generator). Col 9, lines 28-34: the cryptographic key or public key P (i.e. public key P from public-private key pair) is stored into a user-device fingerprint list 115 (plurality of public keys is stored in the memory unit). Col 10, lines 54-56 and 58-61: PUF measurement and PIN/password or biometric used as the seed for generation of private key/public key and challenge response protocol; challenger encrypts the challenge with public key.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of an apparatus/method for generating hybrid static/dynamic entropy physically unclonable function of Satpathy before him or her by including the teachings of a multi-factor authentication of Hamlet. The motivation is that it would be obvious to try the generation seeded values to generate a public key for the cryptosystem [Hamlet, Col 13, lines 20-40 and 40-47].

Regarding claims 2, 9, and 16, the combination of Satpathy and Hamlet teach claim 1 as described above.
Satpathy teaches wherein the PUF cell array comprises a plurality of bit cells, wherein the plurality of bit cells is configured to produce a PUF response according to corresponding logical states of the plurality of bit cells. [Satpathy, ¶0036: The Entropy Source (ES) 202 comprises of PUF array which includes an array of bi-stable cross-coupled inverter cells. In some embodiments, the array comprises of 1024 bits (e.g., 128 bits by 8 bits). Though all cells in the ES 202 array comprise identically laid-out matched devices, random manufacturing induced variation introduces a bias towards 1 or 0 in each cell. Cells that are strongly biased towards a 0 or 1 (e.g,. stable cells) are good candidates for static entropy generation while those that are least biased or unbiased (e.g,. unstable) can be used as sources for dynamic entropy]

Regarding claims 3, 10, and 17, the combination of Satpathy and Hamlet teach claim 1 as described above.
However, Satpathy fails to explicitly teach but Hamlet teaches wherein the helper data is further configured to remove noises in the PUF response.  [Hamlet, Col 12, lines 28-35 and Col 13, lines 20-26: A noise reduction circuit 410 of the cryptographic fingerprint unit 400, as implementation is depicted in Fig. 1 showing cryptographic fingerprint unit 135]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of an apparatus/method for generating hybrid static/dynamic entropy physically unclonable function of Satpathy before him or her by including the teachings of a multi-factor authentication of Hamlet. The motivation is that it would be obvious to try the generation seeded values to generate a public key for the cryptosystem [Hamlet, Col 13, lines 20-40 and 40-47].

Regarding currently amended claims 4 and 18, the combination of Satpathy and Hamlet teach claim 1 as described above.
Satpathy teaches wherein the memory unit is a non-volatile memory device ¶¶0054 and 0062: a smart device or a computer system or a SoC (System-on-Chip) is a computing device 800 which includes: nonvolatile memory to store data, system data, etc.]

Regarding claim 7, the combination of Satpathy and Hamlet teach claim 1 as described above.
Satpathy teaches a message consumer, configured to read at least one first message from a server; [See Satpathy, ¶0033: Fig. 1 shows a Public Key Infrastructure (PM) diagram 100 according to some embodiments of the disclosure. ¶¶0034-0035:  FIG. 1 comprises of Internet of Things (IoT) node 150, and Certificate Authority 114 and Verification Authority 116 (a message consumer); consisting of a PUF 102, a TRNG 106, the Error Correction Coder (ECC) and Rivest, Shamir, & Adleman (RSA) circuitry 112 (a first crypto-system), a Private key generator 104, a Public key generator 108, and Hash circuitry 110] and
a message generator, configured to generate at least one second message to the server; [See Satpathy, ¶0033: Fig. 1 shows a Public Key Infrastructure (PM) diagram 100 according to some embodiments of the disclosure. ¶¶0034-0035 and 0057:  FIG. 1 comprises of Internet of Things (IoT) node 150 exchanging secure messages from users that interact with the computing device 800; IoT node 150 consisting of a PUF 102, a TRNG 106, the Error Correction Coder (ECC) and Rivest, Shamir, & Adleman (RSA) circuitry 112 (a first crypto-system), a Private key generator 104, a Public key generator 108, and Hash circuitry 110.] 
However, Satpathy fails to explicitly teach but Hamlet teaches at least one symmetric encrypter, configured to decrypt the at least one first message or encrypt the at least one second message using the PUF information. [Hamlet et al. 8,868,923 B1, Col 5, lines 15-24: Cryptographic fingerprint unit 135 may be implemented entirely in hardware and partially using software/firmware; includes a PUF circuit 140 (a PUF information generator). Col 12, lines 32-45: The cryptographic fingerprint unit 400 includes a PUF circuit 405 (a PUF cell array), a noise reduction circuit 410, a key generator 415, a decryptor 420, PUF perturbation devices 425, a control unit 430, and combining logic 440. Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-30: During operation, PUF circuit 405 outputs a PUF value. Col 14, lines 38-40: decryptor 420 receives challenge and uses private key S to decrypt message and generate a response] 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of an apparatus/method for generating hybrid static/dynamic entropy physically unclonable function of Satpathy before him or her by including the teachings of a multi-factor authentication of Hamlet. The motivation is that it would be obvious to try the generation seeded values to generate a public key for the cryptosystem [Hamlet, Col 13, lines 20-40 and 40-47].
Regarding currently amended claims 8 and 15, Satpathy teaches a method for securing physically unclonable function (PUF) information for an integrated circuit (IC) device, comprising: [Satpathy, ¶0068: a chip-level or package-level integrated system 910 (an integrated circuit (IC) device)]; and device for securing PUF information comprising:
storing a plurality of public keys in a memory of the IC device; [Satpathy, See  ¶¶0034-0035:  FIG. 1 comprises an Internet of Things (IoT) node 150 (a device for securing physically unclonable function (PUF) information), consisting of a PUF 102, a Private key generator 104 and a true random number generator (TRNG) 106 (a memory unit); Hash circuitry 110,  a Public key generator 108 and Error Correction Coder (ECC), Rivest, Shamir, & Adleman (RSA) circuitry 112  and Certificate Authority (CA) 114; where the Public key generator 108 generates public keys and CA 114 stores public keys (storing a plurality of public keys). ¶0062 and 0068: memory subsystem 860 (a memory of the IC device) information (i.e. application data, user data, or other data, as well as system data (whether long-term or temporary) related to the execution of the applications and functions) in the computing device; of the chip-level system 910 (the IC device)]
a memory unit configured to store at least one public key; [See Satpathy, ¶0020: the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. ¶¶0034-0035:  FIG. 1 comprises of Internet of Things (IoT) node 150, and Certificate Authority 114 and Verification Authority 116; consisting of a PUF 102 (the PUF information generator), a TRNG 106 (a memory unit), Hash circuitry 110 and Error Correction Coder (ECC) and Rivest, Shamir, & Adleman (RSA) circuitry 112 (a PUF information encrypter, comprising a first crypto-system). ¶¶0054 and 0062: memory subsystem 860 (a memory unit) stores information (i.e. application data, user data, or other data, as well as system data (whether long-term or temporary) related to the execution of the applications and functions) in the computing device. Hence the memory subsystem 860 stores and executes the applications (i.e. components of the PM system), which generates, stores, and distributes digital certificates which are used to certify and verify that a certain public key belongs to a particular entity therein (see ¶0033).].
aa message consumer, configured to read at least one first message from a server; [See Satpathy, ¶0033: Fig. 1 shows a Public Key Infrastructure (PM) diagram 100 according to some embodiments of the disclosure. ¶¶0034-0035:  FIG. 1 comprises of Internet of Things (IoT) node 150, and Certificate Authority 114 and Verification Authority 116 (a message consumer); consisting of a PUF 102, a TRNG 106, the Error Correction Coder (ECC) and Rivest, Shamir, & Adleman (RSA) circuitry 112 (a first crypto-system), a Private key generator 104, a Public key generator 108, and Hash circuitry 110] and
a message generator, configured to generate at least one second message to the server; [See Satpathy, ¶0033: Fig. 1 shows a Public Key Infrastructure (PM) diagram 100 according to some embodiments of the disclosure. ¶¶0034-0035 and 0057:  FIG. 1 comprises of Internet of Things (IoT) node 150 exchanging secure messages from users that interact with the computing device 800; IoT node 150 consisting of a PUF 102, a TRNG 106, the Error Correction Coder (ECC) and Rivest, Shamir, & Adleman (RSA) circuitry 112 (a first crypto-system), a Private key generator 104, a Public key generator 108, and Hash circuitry 110.] 
While Satpathy teaches a first cryptosystem [See Satpathy, ¶¶0034-0035:  FIG. 1 comprises an Internet of Things (IoT) node 150 (a device for securing physically unclonable function (PUF) information), consisting of a PUF 102, a Private key generator 104 and a true random number generator (TRNG) 106 (a memory unit); Hash circuitry 110,  a Public key generator 108 and Error Correction Coder (ECC), Rivest, Shamir, & Adleman (RSA) circuitry 112  and Certificate Authority (CA) 114 (a first crypto-system)] and plurality of public keys [See Satpathy, ¶¶0034-0035:where the Public key generator 108 generates public keys and CA 114 stores public keys.]; however, Satpathy fails to explicitly teach but Hamlet teaches a PUF cell array configured to generate a PUF response [Hamlet, Col 5, lines 15-24: Cryptographic fingerprint unit 135 may be implemented entirely in hardware and partially using software/firmware; includes a PUF circuit 140 (a PUF information generator). Col 12, lines 32-45: The cryptographic fingerprint unit 400 includes a PUF circuit 405 (a PUF cell array), a noise reduction circuit 410, a key generator 415, a decryptor 420, PUF perturbation devices 425, a control unit 430, and combining logic 440. Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-40 and 40-47: A noise reduction circuit 410 is interposed between PUF circuit 405 and key generator 415 or between PUF circuit 405 and combining logic 440 to convert the noisy PUF value to a filtered PUF value that is stable and repeatable (e.g., corrects for intra-device variation). While it is desirable for a given PUF circuit 405 to output different, random values between different physical devices, it is not desirable for a given PUF circuit 405 of a single instance of device 105 to output different values over its lifecycle (unless PUF perturbation devices 425 have been reprogrammed by the end user as part of a deliberate re-fingerprinting of the user and the hardware device 105). Thus, noise reduction circuit 410 operates to remove the uncertainty in the noisy PUF value. In one embodiment, the filtered PUF value is a seed value 445 or seed value 446 (a PUF response) that is input into key generator 415]
at least one symmetric encrypter, configured to decrypt the at least one first message or encrypt the at least one second message. [Hamlet et al. 8,868,923 B1, Col 5, lines 15-24: Cryptographic fingerprint unit 135 may be implemented entirely in hardware and partially using software/firmware; includes a PUF circuit 140 (a PUF information generator). Col 12, lines 32-45: The cryptographic fingerprint unit 400 includes a PUF circuit 405 (a PUF cell array), a noise reduction circuit 410, a key generator 415, a decryptor 420, PUF perturbation devices 425, a control unit 430, and combining logic 440. Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-30: During operation, PUF circuit 405 outputs a PUF value. Col 13, lines 20-30: During operation, PUF circuit 405 outputs a PUF value. Col 14, lines 38-40: decryptor 420 receives challenge and uses private key S to decrypt message and generate a response] 
a PUF cell array configured to generate a PUF response; [Hamlet et al. 8,868,923 B1, Col 5, lines 15-24: Cryptographic fingerprint unit 135 may be implemented entirely in hardware and partially using software/firmware; includes a PUF circuit 140 (a PUF information generator). Col 12, lines 32-45: The cryptographic fingerprint unit 400 includes a PUF circuit 405 (a PUF cell array), a noise reduction circuit 410, a key generator 415, a decryptor 420, PUF perturbation devices 425, a control unit 430, and combining logic 440. Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-30: During operation, PUF circuit 405 outputs a PUF value]
a helper data generator configured to provide helper data; [Hamlet et al. 8,868,923 B1, Col 5, lines 15-24: Cryptographic fingerprint unit 135 may be implemented entirely in hardware and partially using software/firmware; includes a PUF circuit 140 (a PUF information generator). Col 12, lines 32-45: The cryptographic fingerprint unit 400 includes a PUF circuit 405 (a PUF cell array), a noise reduction circuit 410, a key generator 415, a decryptor 420, PUF perturbation devices 425, a control unit 430, and combining logic 440. Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-30: During operation, PUF circuit 405 outputs a PUF value]	 

a first crypto-system configured to select one of the plurality of public keys and encrypt the PUF response and helper data with the selected public key; [See Hamlet, Col 12, lines 45-49: In other embodiments, combining logic 440 may be implemented in the seed generation mode 412 (a helper data generator) and the seed recovery mode 440 when the one or more authentication factors are incorporated into helper data (W1) during enrollment phase (described in more detail below in connection with FIGS. 7 and 8). Col 13, lines 20-40 and 40-47: ... the filtered PUF value is a seed value 445 or seed value 446 (a PUF response) that is input into key generator 415. Col 9, lines 3-5 and 14-16: PUF circuit 140 generates a unique PUF value that is measured by cryptographic fingerprint unit 135; the cryptographic fingerprint unit 135 combines the PUF values with at least one other authentication factor to generate a unique multi-factor authentication value (the PUF information generator). Col 9, lines 28-34: the cryptographic key or public key P (i.e. public key P from public-private key pair) is stored into a user-device fingerprint list 115 (plurality of public keys is stored in the memory unit). Col 10, lines 54-56 and 58-61: PUF measurement and PIN/password or biometric used as the seed for generation of private key/public key and challenge response protocol; challenger encrypts the challenge with public key (d to select one of the plurality of public keys and encrypt).]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of an apparatus/method for generating hybrid static/dynamic entropy physically unclonable function of Satpathy before him or her by including the teachings of a multi-factor authentication of Hamlet. The motivation is that it would be obvious to try the generation seeded values to generate a public key for the cryptosystem [Hamlet, Col 13, lines 20-40 and 40-47].

Regarding claim 11, the combination of Satpathy and Hamlet teach claim 8 as described above.
Satpathy teaches wherein the encrypted PUF information is determined by a first crypto-system. [See Satpathy, ¶¶0034-0035:  ...Fig. 1 and ¶¶0034-0035: Internet of Things (IoT) node 150 containing PUF 102 produces a static entropy  (PUF information from the PUF information generator) to private key generator circuitry 104 that generates private key 124; where the Public key generator 104 generates a public key 122. The ECC/RSA 112 receives three inputs (i.e. generated private key, a nonce, and hashed is to send the encrypted message 130 to the Verification authority 116 along with an encrypted signature “s” 132; hence, Examiner interprets the encrypted static entropy input is part of the encrypted message to be encrypted by the ECC/RSA circuitry 112 (encrypt the PUF information from the PUF information generator).]

Regarding currently amended claim 12, the combination of Satpathy and Hamlet teach claim 8 as described above.
Satpathy teaches wherein each of the at least one the plurality of public keys [[i-s]] is associated with a corresponding index stored in [[a]]the memory unit. [Satpathy, ¶0035: PUF 104 provides a unique “id” 120 (a corresponding index stored in [[a]]the memory unit.) to Certificate Authority 114. The Certificate authority 114 is to issue, store, and sign digital certificates based on the unique “id” 120 and Public key 122.]

Regarding claim 14, the combination of Satpathy and Hamlet teach claim 8 as described above.
Satpathy teaches transmitting first cypher text to the server [Satpathy, ¶0035: message 128 is sent to first be hashed by Hash circuitry 110 and then encrypted by ECC/RSA circuitry 112 as, encrypted message 130, before being sent to Verification Authority 116]; and 
receiving second cypher text from the server, wherein the first cypher text are encrypted and the second cypher text are decrypted by at least one symmetric encrypter using the PUF information. [Satpathy, ¶0035: the PUF 102 and TRNG 106 circuitry are to provide respectively a static and a dynamic entropy input to the private key generator circuitry 104. The private key generator 104 is to generate private keys based on the input from PUF 102 and TRNG 106 circuitry and is to provide the generated private key to the Public key generator 108 and to the ECC (Error Correction Coder) and RSA circuitry 112. The ECC/RSA circuitry 112 is to send the encrypted message to the Verification authority 116 along with an encrypted signature “s” 132. The Verification authority 116 is to verify the digital certificate and is to decrypt the message 130 using the public key 122, and the encrypted signature input “s” 132.]
	
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAKINAH W TAYLOR whose telephone number is (571)270-0682.  The examiner can normally be reached on Monday-Friday, 9:45-5:45.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ELENI SHIFERAW can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-                                                                                                                                                                                                        273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SWT/Examiner, Art Unit 2497                                                                                                                                                                                                        


/ANDREW J STEINLE/Primary Examiner, Art Unit 2497