Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant's RCE amendment filed on 10 February 2021. In the interest of compact prosecution, the Examiner proposed to the Applicant that the subject matter disclosed in paragraph 57 of the Applicant's specification be incorporated into all independent claims to overcome the prior art of record. The proposal was accepted, and authorization for an Examiner's Amendment was given on 23 March 2021.
4.	By the Examiner's Amendment below, claims 1, 8, 16-17, and 22 have been amended. Claims 1-23 remain pending.

Continued Examination Under 37 CFR 1.114
5.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10 February 2021 has been entered.

Information Disclosure Statement
6.	The Information Disclosure Statement respectfully submitted on 10 February 2021 has been considered by the Examiner.

Response to Arguments
7.	Applicant's arguments in the remarks filed on 10 February 2021, with respect to the prior art not expressly disclosing deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, have been fully considered and are persuasive (see, for example, pages 7-8). Therefore, the 35 U.S.C. 103 rejection of claims 1-23 in view of Scheidt et al. and Kaufman et al. has been withdrawn. In addition, incorporating the features disclosed in paragraph 57 of the Applicant's specification into all independent claims has placed the application in condition for allowance.

EXAMINER’S AMENDMENT
8.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given in an interview with Attorney Christian LaForgia, Reg. No. 71,227, on 23 March 2021.
The application has been amended as follows:

Claim 1. (Currently Amended) A method comprising: 
transmitting, by a first device, a request for a first user profile to a first server; 
determining, at the first device, whether a response to the request has been received from the first server; 
when no response has been received from the first server, retrieving information for the first user from a storage on the first device, wherein the information comprises a first ephemeral public key and a key identifier;
generating, by the first device, a first encryption key; 
deriving, by the first device, a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; 
encrypting, by the first device, a first communication to the first user using the first encryption key to generate a first encrypted communication;
encrypting, by the first device, the first encryption key using the key-encrypting key; and
transmitting, by the first device, the first encrypted communication, the key identifier, and the encrypted first encryption key to the first user. 

Claim 2. (Original) The method of claim 1, wherein the first encryption key is derived from a first set of pseudorandom bytes.

Claim 3. (Original) The method of claim 1, comprising:
generating, by the first device, a second ephemeral key pair.

Claim 4. (Original) The method of claim 3, wherein the key-encrypting key is derived according to a key agreement protocol.



Claim 6. (Original)  The method of claim 5, comprising: 
transmitting, by the first device, the second ephemeral public key to the first user with the first encrypted communication, the key identifier, and the encrypted first encryption key.

Claim 7. (Original) The method of claim 1, comprising:
displaying, by the first device, an error message when information for the first user is not present in the storage of the first device. 

Claim 8. (Currently Amended) A system comprising:
an interface configured to transmit a request to a first server for a first user’s profile information, receive a response from the first server that comprises the first user’s profile information, transmit a first encrypted communication, a key identifier, and an encrypted first encryption key to the first user, and receive a second encrypted communication from the first user; 
a processor configured to generate a first encryption key, derive a key-encrypting key based on a first ephemeral public key and an application identifier associated with the first user's profile, encrypt a first communication using the first encryption key to generate the first encrypted communication, encrypt the first encryption key using the key-encrypting key to generate the encrypted first encryption key, and decrypt the second encrypted communication to generate a decrypted second communication, wherein the application identifier is a random identifier generated by a secure communication application on the first device and that identifies the first device and the secure communication application to the first server; and 
a memory configured to store the first user’s profile information, a first plurality of private keys and identifiers, and a second plurality of public keys and identifiers.

Claim 9. (Previously Presented) The system of claim 8, wherein the first user’s profile information comprises at least one of a username, the first ephemeral public key, the application identifier, a user-signing key, and a first application-signing key. 

Claim 10. (Original) The system of claim 8, further comprising: 
a crypto accelerator configured to assist the processor with cryptographic functions. 

Claim 11. (Original) The system of claim 8, further comprising: 
a display configured to provide the decrypted second communication to a second user. 

Claim 12. (Original) The system of claim 8, further comprising: 
an input/output unit configured to allow a second user to compose the first communication prior to it being encrypted. 

Claim 13. (Original) The system of claim 8, wherein the processor is further configured to generate a first plurality of asymmetric key pairs, assign each key pair in the first plurality of asymmetric key pairs a unique identifier, and store the first plurality of private keys and identifiers in the memory. 

Claim 14. (Original) The system of claim 13, wherein the second plurality of public keys and identifiers are received, via the interface, from the first user.

Claim 15. (Original) The system of claim 8, wherein the processor is configured to generate a second ephemeral key pair. 

Claim 16. (Currently Amended) The system of claim 15, wherein the processor is configured to derive the key-encrypting key from a first ephemeral public key from the first information and a second ephemeral private key generated by the processor.

Claim 17. (Currently Amended) A non-transitory computer-readable medium comprising instructions that, when executed by at least one processor, perform the steps of:
transmitting a request for a first user profile to a first server; 
determining whether a response to the request has been received from the first server; 
retrieving information for the first user from a storage on a first device when no response has been received from the first server, wherein the information comprises a first ephemeral public key and a key identifier;
generating a first encryption key; 
deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; 
encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication;
encrypting the first encryption key using the key-encrypting key; and
transmitting the first encrypted communication, the key identifier, and the encrypted first encryption key to the first user.

Claim 18. (Original) The non-transitory computer-readable medium of claim 17, wherein the first encryption key is derived from a first set of pseudorandom bytes.

Claim 19. (Original) The non-transitory computer-readable medium of claim 17, comprising instructions for:
generating a second ephemeral key pair.

Claim 20. (Original) The non-transitory computer-readable medium of claim 19, wherein the key-encrypting key is derived according to a key agreement protocol.

Claim 21. (Previously Presented) The non-transitory computer-readable medium of claim 20, wherein the key agreement protocol uses the first ephemeral public key and a second ephemeral private key generated by the first device to derive the key-encrypting key.

Claim 22. (Currently Amended) The non-transitory computer-readable medium of claim 21, comprising instructions for: 
transmitting a second ephemeral public key to the first user with the first encrypted communication, the key identifier, and the encrypted first encryption key.

Claim 23. (Original) The non-transitory computer-readable medium of claim 17, comprising instructions for:
displaying an error message when information for the first user is not present in the storage of the first device. 
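
Illustration of the flow recited in independent claims 1 and 17 together with dependent claims 3, 5-6 and 21-22 (added here for the reader; this is not code from the application, from the Applicant or from this Office action). The recipient keeps a pool of ephemeral key pairs indexed by key identifier and publishes the public halves; the sender asks the server for the recipient's profile, falls back to its own storage when no response arrives, generates a fresh message key and its own ephemeral key pair, derives the key-encrypting key by key agreement with the cached ephemeral public key and binds the application identifier into that derivation, wraps the message key, and transmits ciphertext, key identifier, wrapped key and its own ephemeral public key. Assumptions, because only the Python standard library is used: finite-field Diffie-Hellman over the RFC 3526 2048-bit MODP group stands in for the claimed key agreement protocol, and an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag stands in for an AEAD cipher; the application identifier is modelled as a random value carried in the recipient's cached profile; all names (`Recipient`, `send_message`, `demo`, the dictionary fields) and all sample inputs are constructed for this example.

```python
"""Offline-fallback encrypted message using a cached ephemeral pre-key.
Added illustration only; not code from the application or this office action.
Assumed stand-ins: RFC 3526 2048-bit MODP Diffie-Hellman for key agreement and an
HMAC-SHA256 keystream + encrypt-then-MAC tag for the symmetric cipher."""
import hashlib
import hmac
import secrets

# RFC 3526 group 14 prime (2048-bit MODP), generator 2.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)

def dh_keypair():
    """Ephemeral pair; a 320-bit exponent is ample for a 2048-bit group (RFC 3526)."""
    priv = secrets.randbits(320) or 1
    return priv, pow(2, priv, P)

def dh_shared(priv, peer_pub):
    if not 1 < peer_pub < P - 1:            # reject out-of-range / trivial-subgroup values
        raise ValueError("invalid peer public value")
    return pow(peer_pub, priv, P).to_bytes(256, "big")

def hkdf(ikm, info, length=32):
    """HKDF-SHA256 (RFC 5869), empty salt; `info` binds context into the derived key."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    out, block = b"", b""
    for i in range(1, -(-length // 32) + 1):
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out += block
    return out[:length]

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext, aad=b""):
    """Encrypt-then-MAC: nonce || ciphertext || tag, with aad bound into the tag."""
    enc_key, mac_key = hkdf(key, b"enc"), hkdf(key, b"mac")
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, aad + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_(key, blob, aad=b""):
    enc_key, mac_key = hkdf(key, b"enc"), hkdf(key, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, aad + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def kek_for(shared_secret, app_id, key_id):
    """Key-encrypting key bound to the application identifier and the pre-key identifier."""
    return hkdf(shared_secret, b"kek|" + app_id + b"|" + key_id.encode())

class Recipient:
    """Holds the pool of ephemeral private keys indexed by key identifier (cf. claim 13)."""
    def __init__(self, app_id):
        self.app_id = app_id                 # random identifier (constructed by the caller)
        self.pool = {}                       # key_id -> private value, one use each
    def publish_prekeys(self, n=3):
        bundle = [(secrets.token_hex(8),) + dh_keypair() for _ in range(n)]  # (key_id, priv, pub)
        self.pool.update({kid: priv for kid, priv, _ in bundle})
        return [(kid, pub) for kid, _, pub in bundle]   # public halves go to the server / peers
    def receive(self, packet):
        priv = self.pool.pop(packet["key_id"])          # KeyError on replay of a used key_id
        kek = kek_for(dh_shared(priv, packet["sender_pub"]), self.app_id, packet["key_id"])
        msg_key = open_(kek, packet["wrapped_key"], aad=packet["key_id"].encode())
        return open_(msg_key, packet["ciphertext"])

def send_message(server, cache, user, plaintext):
    """Sender side: server lookup first, local storage when the server does not answer."""
    profile = server.get(user) or cache.get(user)
    if profile is None:
        raise LookupError("no information stored for %s" % user)   # cf. claim 7
    msg_key = secrets.token_bytes(32)                     # fresh per-message key
    eph_priv, eph_pub = dh_keypair()                      # sender's own ephemeral pair
    kek = kek_for(dh_shared(eph_priv, profile["prekey"]), profile["app_id"], profile["key_id"])
    return {"ciphertext": seal(msg_key, plaintext), "key_id": profile["key_id"],
            "wrapped_key": seal(kek, msg_key, aad=profile["key_id"].encode()),
            "sender_pub": eph_pub}

def demo(text=b"meet at 10"):
    """Server unreachable (empty dict), so the cached pre-key bundle is used."""
    bob = Recipient(app_id=secrets.token_bytes(16))
    key_id, prekey = bob.publish_prekeys()[0]
    cache = {"bob": {"app_id": bob.app_id, "key_id": key_id, "prekey": prekey}}
    return bob.receive(send_message({}, cache, "bob", text))
```

Two properties worth checking by hand: because the application identifier is an input to the HKDF `info`, a recipient holding the right private pre-key but a different identifier derives a different key-encrypting key and the wrapped-key tag fails to verify; and because the private pre-key is popped from the pool on first use, a replayed packet with the same key identifier is rejected rather than decrypted a second time.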


Allowable Subject Matter
9.	Claims 1-23 are allowed.
10.	The following is an examiner's statement of reasons for allowance: The present invention is directed towards a method and system for providing encrypted communications using a local ephemeral key pool when a key distribution center and communication server are unavailable. Claims 1, 8, and 17 identify the uniquely distinct features "deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication; encrypting the first encryption key using the key-encrypting key; and transmitting the first encrypted communication, the key identifier, and the encrypted first encryption key to the first user".
The closest prior art, Scheidt et al. (Pub No. 2005/0235148), discloses a method of authenticating a user to use a system that includes using a provider token to generate a random value. The token generates a derived key based at least in part on a token-provided salt value and a user-provided password. The provider generates a token unlock key based at least in part on the derived key and sends it to the token. First and second challenge data instances are generated by the provider and the token, respectively, and the process is terminated if the challenge data instances are determined not to match. If the challenge data instances are determined to match, then an encrypted data transfer system is established between the token and the provider, and the token unlocks locked private data stored on the token. The user is authenticated for secured use of the system based at least in part on the unlocked private data.
However, either singularly or in combination, Scheidt et al. fail to anticipate or render obvious the claimed limitations of deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication; 
The closest prior art, Kaufman et al. (US Patent No. 8,341,401), discloses techniques for interoperable cryptographic peer and server identities that can include receiving a message, in a connection establishment transaction, from an endpoint, the message including an endpoint discriminator, selecting a certificate based on the endpoint discriminator, determining a cryptographic scheme based on the selected certificate, and establishing the requested connection with the endpoint using the determined cryptographic scheme. The techniques can also include accessing one or more hashes, each hash being a hash of at least a portion of a certificate, processing the endpoint discriminator for an identity object, and comparing the identity object with the one or more hashes to identify a matching hash. The selected certificate can correspond to the matching hash. These techniques can allow an endpoint to interoperate with other endpoints that use different or similar cryptographic schemes.
However, either singly or in combination, Kaufman et al. fail to anticipate or render obvious the claimed limitations of deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication; encrypting the first encryption key using the key-encrypting key; and transmitting the 
The closest prior art, Lambert et al. (Pub No. 2019/0089532), discloses apparatuses and techniques for secure device authentication. In some aspects, a public ephemeral key of a device is exposed. A message received from a remote device to authenticate includes a hash of the public ephemeral key of the device, a public ephemeral key and an encrypted public key of the remote device, and an encrypted hash value useful to prove ownership of the public key received from the remote device. An encryption key is generated based on the public ephemeral key of the remote device and a private ephemeral key of the device. The device then decrypts, with the encryption key, the encrypted public key of the remote device and the encrypted hash value. The remote device is then authenticated by verifying, based on the decrypted hash value, that the remote device owns the decrypted public key.
However, either singularly or in combination, Lambert et al. fail to anticipate or render obvious the claimed limitations of deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication; encrypting the first encryption key using the key-encrypting key; and transmitting the 
The closest prior art, Le Saint et al. (Pub No. 2016/0065370), discloses efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. In some embodiments, a secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. For example, the user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can also derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key. The cryptogram key can be used to generate a cryptogram for conducting secure communications.
However, either singularly or in combination, Le Saint et al. fail to anticipate or render obvious the claimed limitations of deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication; 
The closest prior art, Rossi (Pub No. 2018/0152299) discloses a security function is provided by an intermediate device located between hosts and devices requesting for access to the hosts in a computerized network. The intermediate device receives a request for access to a host, and obtains at least one authenticator for use in the requested access to the host. The intermediate device then monitors for communications that use the at least one authenticator.
However, either singly or in combination, Rossi fails to anticipate or render obvious the claimed limitations of deriving a key-encrypting key using the first ephemeral public key and an application identifier associated with the first user profile, wherein the application identifier is a random identifier generated by a secure communication application on the first device and identifies the first device and the secure communication application to the first server; encrypting a first communication to the first user using the first encryption key to generate a first encrypted communication; encrypting the first encryption key using the key-encrypting key; and transmitting the first encrypted communication, the key identifier, and the encrypted first encryption key to the first user.
11.	Therefore, claims 1, 8, and 17 and the respective dependent claims 2-7, 9-16, and 18-23 are in condition for allowance.

Conclusion
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871.  The examiner can normally be reached on IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

/COURTNEY D FIELDS/Examiner, Art Unit 2436        March 23, 2021

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436