Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed on 03/09/2021 in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on 02/26/2021 has been entered.
As per instant Amendment, Claims 21, 23, 29, 33 and 37 have been amended; claims 22, 30-31, 34-35 and 38 have been cancelled. New claims 41-46 have been added.
An Examiner’s Amendment to the record appears below.  Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative, Mr. Leonard Z. Hua (Reg. No. 69,247) on March 16th, 2021. During the telephone conference, Mr. Leonard has agreed and authorized the examiner to  on 03/19/2021.
Claims
Replace claims 21, 29, 33, 37, 42 and 46 as follows:
21.  (Currently Amended) A computing device for securely deriving keys and performing cryptographic operations, the computing device comprising:
an embedded universal integrated circuit card (eUICC) having a first private key and a set of cryptographic parameters stored thereon, wherein the first private key is associated with a first public key, and the set of cryptographic parameters is for elliptic curve cryptography; and
a communication interface for communication with a cryptographic system over a wireless network, wherein the cryptographic system comprises one or more servers;
wherein the eUICC and the communication interface are configured to facilitate:
receiving, by the computing device, a challenge from the cryptographic system; 
generating, by the eUICC, using the first private key, a first digital signature for at least the challenge; 
sending, by the computing device and to the cryptographic system, the first digital signature; 

determining, by the eUICC, based on the one or more parameters of the received signal, the subset of the set of cryptographic parameters; 
deriving, by the eUICC, [[the]]a second private key and [[the]]a second public key based on the determined subset of the set of cryptographic parameters
generating, by the eUICC, using the first private key, a second digital signature for at least the second public key;
sending, by the computing device and to the cryptographic system, the second digital signature and the second public key;
receiving, by the computing device and from the cryptographic system, an encrypted profile for the eUICC, wherein the encrypted profile is ciphered with a symmetric ciphering key; 
deriving, by the eUICC, the symmetric ciphering key using the second private key; and 
decrypting, by the eUICC, the encrypted profile using the symmetric ciphering key. 

sending, by a cryptographic system, a challenge to a computing device, wherein the computing device is in communication with the cryptographic system over a wireless network, wherein the cryptographic system comprises one or more servers, and wherein the computing device comprises an embedded universal integrated circuit card (eUICC) having a first private key and a set of cryptographic parameters stored thereon, wherein the first private key is associated with a first public key, and the set of cryptographic parameters is for elliptic curve cryptography; 
receiving, by the cryptographic system and from the computing device, a first digital signature for at least the challenge; 
sending, by the cryptographic system, a signal to the computing device via the wireless network, wherein the signal comprises one or more parameters indicating a subset of the set of cryptographic parameters, wherein the one or more parameters of the signal are to be used by the eUICC to determine the subset of the set of cryptographic parameters, wherein the subset of the set of cryptographic parameters are to be used by the eUICC for deriving a second private key and a second public key, wherein the second private key is to be used by the eUICC to derive a first symmetric ciphering key, and wherein the first symmetric ciphering key is to be used by the eUICC to decrypt an encrypted profile received by the computing device from the cryptographic system;
receiving, by the cryptographic system and from the computing device, the second public key and a second digital signature for at least the second public key;

deriving, by the cryptographic system, a second symmetric ciphering key using the second public key; and 
sending, by the cryptographic system and to the computing device, the encrypted profile for the eUICC, wherein the encrypted profile is ciphered with the second symmetric ciphering key.
33.  (Currently Amended) A cryptographic system, comprising: 
one or more servers configured for:
sending a challenge to a computing device, wherein the computing device is in communication with the cryptographic system over a wireless network, and wherein the computing device comprises an embedded universal integrated circuit card (eUICC) having a first private key and a set of cryptographic parameters stored thereon, wherein the first private key is associated with a first public key, and the set of cryptographic parameters is for elliptic curve cryptography; 
receiving, from the computing device, a first digital signature for at least the challenge; 
sending, to the computing device, a signal via the wireless network, wherein the signal comprises one or more parameters indicating a subset of the set of cryptographic parameters, wherein the one or more parameters of the signal are to be used by the eUICC to determine the subset of the set of cryptographic parameters, wherein the subset of the set of cryptographic parameters are to be used by the eUICC for deriving a second private key and a second public key, wherein the second private key is to be used by the eUICC to derive a first symmetric ciphering key, and wherein the first symmetric ciphering key is to be used by the eUICC to decrypt an encrypted profile received by the computing device from the cryptographic system;
receiving, from the computing device, the second public key and a second digital signature for at least the second public key; 
verifying the second digital signature for the second public key using the first public key; and 
deriving a second symmetric ciphering key using the second public key; and 
sending, by the cryptographic system and to the computing device, the encrypted profile for the eUICC, wherein the encrypted profile is ciphered with the second symmetric ciphering key.
37.  (Currently Amended) A non-transitory computer-readable medium having processor-executable instructions stored thereon for securely deriving keys and performing cryptographic operations, wherein the processor-executable instructions, when executed, facilitate:
generating, by an embedded universal integrated circuit card (eUICC), a first digital signature for at least a challenge, wherein the eUICC has the first private key and a set of cryptographic parameters stored thereon, wherein the first private key is 
outputting, by the eUICC, the first digital signature;
receiving, by the eUICC, a signal sent from a cryptographic system via a wireless network, wherein the signal comprises one or more parameters indicating a subset of the set of cryptographic parameters
determining, by the eUICC, based on the one or more parameters of the received signal, the subset of the set of cryptographic parameters; 
deriving, by the eUICC, [[the]]a second private key and [[the]]a second public key based on the determined subset of the set of cryptographic parameters
generating, by the eUICC, using the first private key, a second digital signature for at least the second public key;
outputting, by the eUICC, the second digital signature and the second public key;
obtaining, by the eUICC, an encrypted profile for the eUICC from the cryptographic system, wherein the encrypted profile is ciphered with a symmetric ciphering key; 
deriving, by the eUICC, the symmetric ciphering key using the second private key; and 

42.  (Cancelled).
46.  (Cancelled).
Terminal Disclaimer
The terminal disclaimer filed on 03/19/2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of patent no. 10,296,752 has been reviewed and is accepted.  The terminal disclaimer has been recorded. 
Response to Arguments 
Applicants’ arguments, see pages 10-14 in Remarks, filed on 02/26/2021, with respect to the rejection of claims 21-40 under 35 U.S.C. 103(a) as being unpatentable over Park (US 2018/0123803), in view of Yang (US 2016/0006729) and in further view of Chastain (US 2015/0319151) and combination of other prior art, have been fully considered and, with the newly amended features, the arguments are persuasive. Accordingly, these rejections have been withdrawn.
Allowable Subject Matter
Claims 21, 23-29, 32-33, 36-37, 39-41 and 43-45 are allowed.
The following is an examiner’s statement of reasons for allowance: 
As to claims 21, 23-29, 32-33, 36-37, 39-41 and 43-45, the closest prior art, Park (US 2018/0123803), in view of Yang (US 2016/0006729), in view of Chastain (US 2015/0319151), in view of Campagna (US 2014/0003604) and in further view of Nakhjiri (US 2014/0082359), alone or in combination, fails to anticipate or render obvious the claimed invention.
Park (prior art of record) discloses an embedded universal integrated circuit card (eUICC) embedded in a terminal having a first private key and a set of cryptographic parameters stored thereon, wherein the first private key is associated with a first public key, and the set of cryptographic parameters is for elliptic curve cryptography; a communication interface for communication with a cryptographic system over a network, wherein the cryptographic system comprises one or more servers; generating, by the eUICC, a first digital signature for at least the challenge and deriving, by the eUICC, the second private key and the second public key based on the one or more parameters of the received signal.
Yang (prior art of record) discloses wherein deriving the Ks_Local by the UICC side using the valid Ks_int_NAF and the variable parameter which is the same as that used by the network side and storing the derived Ks_Local; or deriving a Ks_int_NAF which is different from the Ks_int_NAF derived previously using valid Ks and the variable parameter which is the same as that used by the network side, and then deriving the Ks_Local using the Ks_int_NAF.
Chastain (prior art of record) discloses wherein the symmetric ciphering key comprises a number with a length of 128 bits for a symmetric ciphering algorithm.
Campagna (prior art) discloses systems and methods for authenticating a mobile device by a network and/or for generating one or more keys that can be used for securely transmitting data between the mobile device and the network. The key derivation function may optionally accept as part of its input other parameters, such as (but not limited to): a parameter relating to the length of the string output by the key derivation function, and/or data relating to at least one of a wireless carrier, an identity of the mobile device, an identification of the method being used to generate the response value, and additional information known a priori to both the mobile device and the network.
Nakhjiri (prior art) discloses a profile encryption key (PEK) using ECC, a key agreement exchange may take place between the MNO SM-DP and each UICC. One example of a key exchange algorithm that may be employed is an Elliptic Curve Diffie-Hellman exchange (ECDH) algorithm. Wherein keys stored by device/UICC, receive encrypted profile, decrypt different layers according to MNO public key; use key generation function with parameters to generate keys within UICC.
However, none of Park, Yang, Chastain, Campagna and Nakhjiri teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims 21, 29, 33 and 37. For example, none of the cited prior art teaches or suggests the steps of receiving, by the computing device, a signal sent from the cryptographic system via the wireless network, wherein the signal comprises one or more parameters indicating a subset of the set of cryptographic parameters wherein the set of cryptographic parameters is for elliptic curve cryptography stored in an embedded universal integrated circuit card (eUICC); determining, by the eUICC, based on the one or more parameters of the received signal, the subset of the set of cryptographic parameters; deriving, by the eUICC, a second private key and a second public key based on the determined subset of the set of cryptographic parameters; receiving, by the computing device and from the cryptographic system, an encrypted profile for the eUICC, wherein the encrypted profile is ciphered with a symmetric ciphering key; deriving, by the eUICC, the symmetric ciphering key using the second private key; and decrypting, by the eUICC, the encrypted profile using the symmetric ciphering key.
These limitations, in conjunction with all other limitations, have not been disclosed, suggested or made obvious by the prior art of record, either taken by itself or in any combination, at or before the time the present application was filed. For these reasons, as well as the other limitations and in light of the amendments to the independent claims, these claims are in condition for allowance.
Claims 23-28, 32, 36, 39-41 and 43-45 are directly or indirectly dependent upon claims 21, 29, 33 and 37; therefore, they are also allowable over the prior art of record.
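The exchange recited in the independent claims, from the parameter signal onward, as an added Go example that is not part of this Office action or of the application. Both roles run in one process; the curve table, the server's ephemeral key, the SHA-256 key derivation and AES-GCM are assumptions chosen for illustration, and the challenge signature step is omitted.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

var stored = map[byte]ecdh.Curve{1: ecdh.P256(), 2: ecdh.P384(), 3: ecdh.P521()} // constructed eUICC parameter set

// gcm keys AES-GCM with SHA-256 of the ECDH secret (this KDF is an assumption).
func gcm(secret []byte) cipher.AEAD {
	k := sha256.Sum256(secret)
	b, _ := aes.NewCipher(k[:])
	a, _ := cipher.NewGCM(b)
	return a
}

// Provision runs both roles in-process and returns what the eUICC decrypts.
func Provision(signal byte, profile []byte) ([]byte, error) {
	sk1, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // first key pair
	curve, ok := stored[signal]                               // eUICC resolves the signalled subset
	if !ok {
		return nil, fmt.Errorf("signal %d names no stored parameters", signal)
	}
	sk2, _ := curve.GenerateKey(rand.Reader) // second key pair on the selected curve
	pk2 := sk2.PublicKey().Bytes()
	h := sha256.Sum256(pk2)
	sig, _ := ecdsa.SignASN1(rand.Reader, sk1, h[:]) // signed with the first private key
	peer, err := curve.NewPublicKey(pk2)             // server: parsing rejects off-curve points
	if err != nil || !ecdsa.VerifyASN1(&sk1.PublicKey, h[:], sig) {
		return nil, fmt.Errorf("second public key rejected (parse error: %v)", err)
	}
	srv, _ := curve.GenerateKey(rand.Reader) // server ephemeral key (assumption)
	zs, _ := srv.ECDH(peer)                  // server derives its key from the second public key
	nonce := make([]byte, 12)                // fixed nonce is safe only because each key seals once
	ct := gcm(zs).Seal(nil, nonce, profile, nil)
	ze, _ := sk2.ECDH(srv.PublicKey()) // eUICC derives the same key from the second private key
	return gcm(ze).Open(nil, nonce, ct, nil)
}

func main() {
	out, err := Provision(2, []byte("constructed profile"))
	fmt.Printf("%s %v\n", out, err)
}
```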
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907.  The examiner can normally be reached on M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/SANCHIT K SARKER/Examiner, Art Unit 2495

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495