DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
The instant application claims priority to JP 2016-224669, which was filed on November 18, 2016.  A certified copy of the Japanese patent application has been received.

Information Disclosure Statement
The Information Disclosure Statements (IDS) submitted on 08/06/2019, 03/23/2020 and 12/16/2020 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the IDS statements have been considered by the Examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim 8 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because claim 8 is a claim to a server device; however, the claim does not identify any hardware for the server device.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1 is rejected under 35 U.S.C. 103 as being unpatentable over Yasuyuki Takahashi et al. US 20130173112 (hereinafter Takahashi) in view of Gary Chew et al. US 20150256537 (hereinafter Chew) and further in view of Ghiath Al-Kadi et al. US 20160315937 (hereinafter Al-Kadi).
As per claim 1, Takahashi teaches: A communication system that performs communication between a vehicle and a server device, comprising: 
the server device (server in communication in-vehicle system. Takahashi: para. 11);
a first arithmetic processing device installed in the vehicle (communication controller: Takahashi: Abstract); and
 	a second arithmetic processing device installed in the vehicle, wherein the second arithmetic processing device includes: 
a vehicle key storage unit configured to store a first key and a second key used for communication between the vehicle and the server device (“the GW-ECU 11 [second arithmetic processing device] includes a CPU 111 and flash memory 112, i.e., nonvolatile memory that can electrically rewrite the stored contents.  The flash memory 112 stores a secret key Sv, a public key Pv, and a common key C as key data for the onboard system 1.  The public key Pv pairs with the secret key Sv.  The common key C is used for cryptographic communication based on a common key encryption system in the vehicle.  The secret key Sv is managed as secret information.” Takahashi: para. 26. Also, see para. 36 “the GW-ECU 11 generates the secret key Sv and the public key Pv in accordance with the public key encryption system predetermined in the vehicular communication system according to the embodiment and stores the generated secret keys in its storage portion” Takahashi: para. 36);
a vehicle key transmission/reception unit configured to transmit or receive a third key to or from the server device by encryption communication which uses the second key (“The GW-ECU 11 receives or acquires the public key Pt from the center 3 and encrypts the common key C using the public key Pt.  Using the connector 17, the GW-ECU 11 transmits the common key C to the external tool 2 that requested the communication connection (S64 and S65).  In other words, the onboard system 1 performs cryptographic communication with the external tool 2 according to the public key encryption system using the public key Pt.” Takahashi: para. 43);
wherein the first arithmetic processing device includes a vehicle communication unit configured to perform encryption communication with the server device using the third key (“The communication controller performs cryptographic communication with the external 
wherein the sever device includes:
a server key storage unit configured to store the same first key and second key as the vehicle (“a method for communicating between an in-vehicle system and an external tool includes: transmitting key identification information from the external tool to the in-vehicle system, wherein the key identification information provides identification information about a tool public key of the external tool; transmitting the key identification information from the in-vehicle system to a server, wherein the server stores the tool public key and key identification information about the tool public key, which are associated with each other (Takahashi: para. 10);
a server authentication processing unit configured to perform an authentication process with the vehicle authentication processing unit of the vehicle using the first key (authentication through use of public key is performed with the in-vehicle system. Takahashi: para. 10);
a server key transmission/reception unit configured to transmit or receive the third key to or from the vehicle key transmission/reception unit of the vehicle by encryption communication which uses the second key (“transmitting a common key from 
Takahashi does not teach; however, Chew discloses: arithmetic processing device which is a secure element,
a vehicle authentication processing unit configured to perform an authentication process with the server device using the first key (“The secure link RSD can be established following a mutual authentication of the server SRV and the element SE, for example using a public key known by the server SRV and corresponding to a private key stored by the element SE, and using a public key known by the element SE and corresponding to a private key stored by the server SRV.” Chew: para. 43).
	Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Takahashi with the teaching of Chew to meet the preceding limitations. One of ordinary skill in the art would have been motivated to make such modification since such techniques were known at the time of the instant invention and would be applied to protect key information in secure storage.
	The combination of Takahashi and Chew does not teach; however, Al-Kadi discloses: a server communication unit configured to perform encryption communication with the vehicle communication unit of the vehicle using the third key (“the destination node uses this session key [third key] for encrypting or decrypting data.  For instance, the destination node may encrypt data to be communicated back to the source node with the generated session key.  Thereby, relatively complex procedures for generating session keys which are based on, for example, pseudo-random number generators may be avoided.” Al-Kadi: para. 22).
.
Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over 
Mateusz Bronk US 20170244565 (hereinafter Bronk) in view of Ghiath Al-Kadi et al. US 20160315937 (hereinafter Al-Kadi) and further in view of Yasuyuki Takahashi et al. US 20130173112 (hereinafter Takahashi).  
As per claim 2, Bronk teaches: A communication system that performs communication between a vehicle and a server device, comprising:
the server device (Bronk: fig. 1, coordination server 108);
a first arithmetic processing device installed in the vehicle (security Coprocessor 158); 
and a second arithmetic processing device (Bronk: fig. 1, processor 150 and embodiment described in example 7 “Example 7 includes the subject matter of any of Examples 1-6, and further including a main processor and a security co-processor different from the main processor, wherein to establish the trusted execution environment comprises to establish a trusted execution environment on the security co-processor of the in-vehicle computing system” Bronk: para. 65), 
wherein the second arithmetic processing device includes: 
a second vehicle key storage unit configured to store a first key used for communication between the vehicle and the server device(“the cryptographic module 208 may generate a message authentication code (MAC) [first key] of a message based on, for example, a session key shared between the in-vehicle computing system 102 and the coordination server 108.  In particular, in some embodiments, the in-vehicle computing system 102 may perform a key exchange protocol such as a Sign-and-MAC (SIGMA) protocol.” Bronk: para.37); and
a vehicle authentication processing unit configured to perform an authentication process with the server device using the first key (generating [by an authentication processing unit]  MAC [first key] for authenticating the communication with the server. Bronk: para.37);
the first arithmetic processing device includes:
a first vehicle key storage unit configured to store a second key used for communication between the vehicle and the server device (“a TEE key certificate (e.g., an EPID certificate) is also stored or provisioned into the security co-processor 158.  The TEE key certificate may include the public TEE key corresponding to the private TEE key provisioned into the security co-processor 158 and may be signed by the manufacturer of the security co-processor 158 (e.g., by the manufacturer server 112).  It should also be appreciated that, in some embodiments, the security co-processor 158 may directly communicate with a corresponding security co-processor of the coordination server 108.  Additionally, in some embodiments, the security co-processor 158 may establish a secure out-of-band communication link with remote devices and/or components (e.g., the coordination server 108).” Bronk: para. 24);
a vehicle key transmission/reception unit configured to transmit or receive a third key to or from the server device by encryption communication which uses the second key (“a cryptographic accelerator incorporated into the processor 150, or a standalone cryptographic software/firmware.  In some embodiments, the cryptographic module 208 may cooperate with the communication module 204 to establish a secure connection with remote devices (e.g., the coordination server 108) over a network 104.  For example, the cryptographic module 208 may encrypt and decrypt communications between the in-vehicle computing system 102 and the coordination server 108.  In some embodiments, the cryptographic module 208 may perform a key exchange with the coordination server 108 or a component of the coordination server 108 (e.g., a corresponding security co-processor).  For example, the cryptographic module 208 may perform a Diffie-Hellman key exchange, and Elliptic Curve Diffie-Hellman key exchange, or another suitable cryptographic key exchange protocol with the coordination server 108 (e.g., to generate session keys [third key]).” Bronk: para. 26);
Bronk does not teach; however, Al-Kadi discloses: a arithmetic processing device which (“in order to generate a session key, to deploy a secure true random generator implemented in, or executed by, a tamper-resistant secure element Furthermore, session keys which are generated by a central node in the network, such as a network gateway, should be distributed securely to other nodes, which may require relatively complicated security measures.” Al-Kadi: para. 29),
a vehicle communication unit configured to perform encryption communication with the server device using the third key (“the destination node uses this session key [third key] for encrypting or decrypting data.  For instance, the destination node may encrypt 
a server communication unit configured to perform encryption communication with the vehicle communication unit of the vehicle using the third key (“the destination node uses this session key [third key] for encrypting or decrypting data.  For instance, the destination node may encrypt data to be communicated back to the source node with the generated session key.  Thereby, relatively complex procedures for generating session keys which are based on, for example, pseudo-random number generators may be avoided.” Al-Kadi: para. 22).
	Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Bronk with the teaching of Al-Kadi to meet the preceding limitations. One of ordinary skill in the art would have been motivated to make such modification since such techniques were known at the time of the instant invention and would be applied to avoid complex procedures for generating session keys which are based on, pseudo-random number generators that would be useful for in-vehicle networks.
The combination of Bronk and Al-Kadi does not teach; however, Takahashi discloses: the server device includes:
a server key storage unit configured to store the same first key and second key as those of the vehicle (“a method for communicating between an in-vehicle system and an external tool includes: transmitting key identification information from the external tool to the in-vehicle system, wherein the key identification information provides identification 
a server authentication processing unit configured to perform an authentication process with the vehicle authentication processing unit of the vehicle using the first key (authentication through use of public key is performed with the in-vehicle system. Takahashi: para. 10);
a server key transmission/reception unit configured to transmit or receives the third key to or from the vehicle key transmission/reception unit of the vehicle by encryption communication which uses the second key (“transmitting a common key from the in-vehicle system to the external tool, wherein the common key is encrypted using the tool public key received by the in-vehicle system;” Takahashi: para.10);
	Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Bronk and Al-Kadi with the teaching of Takahashi to meet the preceding limitations. One of ordinary skill in the art would have been motivated to make such modification since such techniques were known at the time of the instant invention and would be applied to further secure the communication 

Claims 6, 9, and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Yasuyuki Takahashi et al. US 20130173112 (hereinafter Takahashi) in view of Gary Chew et al. US 20150256537 (hereinafter Chew).
As per claim 6, Takahashi teaches: A vehicle that performs communication with a server device, the vehicle comprising:
a first arithmetic processing device (communication controller: Takahashi: Abstract); and
a second arithmetic processing device, wherein the second arithmetic processing device includes:
a vehicle key storage unit configured to store a first key and a second key used for communication between the vehicle and the server device (“the GW-ECU 11 [a second arithmetic processing device] includes a CPU 111 and flash memory 112, i.e., nonvolatile memory that can electrically rewrite the stored contents.  The flash memory 112 stores a secret key Sv, a public key Pv, and a common key C as key data for the onboard system 1.  The public key Pv pairs with the secret key Sv.  The common key C is used for cryptographic communication based on a common key encryption system in the vehicle.  The secret key Sv is managed as secret information.” Takahashi: para. 26. Also, see para. 36 “the GW-ECU 11 generates the secret key Sv and the public key Pv in accordance with the public key encryption system predetermined in the vehicular communication system according to the embodiment and stores the generated secret keys in its storage portion” Takahashi: para. 36);
a vehicle key transmission/reception unit configured to transmit or receive a third key to or from the server device by encryption communication which uses the second key (“The GW-ECU 11 receives or acquires the public key Pt from the center 3 and encrypts the common key C using the public key Pt.  Using the connector 17, the GW-ECU 11 transmits the common key C to the external tool 2 that requested the communication connection (S64 and S65).  In other words, the onboard system 1 performs cryptographic 
wherein the first arithmetic processing device includes a vehicle communication unit configured to perform, encryption communication with the server device using the third key (“The communication controller performs cryptographic communication with the external tool using the tool public key” Takahashi: para. 26. Also, “The GW-ECU 11 receives or acquires the public key Pt from the center 3 and encrypts the common key C [the third key] using the public key Pt. [second key] Using the connector 17, the GW-ECU 11 transmits the common key C to the external tool 2 that requested the communication connection (S64 and S65).  In other words, the onboard system 1 performs cryptographic communication with the external tool 2 according to the public key encryption system using the public key Pt.” Takahashi: para. 43).
Takahashi does not teach; however, Chew discloses: 
arithmetic processing device which is a secure element; 
a vehicle authentication processing unit configured to perform an authentication process with the server device using the first key (“The secure link RSD can be established following a mutual authentication of the server SRV and the element SE, for example using a public key known by the server SRV and corresponding to a private key stored by the element SE, and using a public key known by the element SE and corresponding to a private key stored by the server SRV.” Chew: para. 43).
	Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Takahashi with the teaching of Chew to meet the preceding limitations. One of ordinary skill in the art would have been 
As per claim 9, this claim defines a method that corresponds to system claim 6 and does not define beyond limitations of claim 6. Therefore, claim 9 is rejected with the same rational as in the rejection of claim 6.
As per claim 11, this claim defines a computer-readable medium storing instructions corresponding to method claim 9 and does not define beyond limitations of claim 9. Therefore, claim 11 is rejected with the same rational as in the rejection of claim 9.
Claims 7, 10, 12 and are rejected under 35 U.S.C. 103 as being unpatentable over Mateusz Bronk US 20170244565 (hereinafter Bronk) in view of Ghiath Al-Kadi et al. US 20160315937 (hereinafter Al-Kadi).
As per claim 7, Bronk teaches: A vehicle that performs communication with a server device, the vehicle comprising:
a first arithmetic processing device (security Coprocessor 158); and
a second arithmetic processing device (Bronk: fig. 1, processor 150 and embodiment described in example 7 “Example 7 includes the subject matter of any of Examples 1-6, and further including a main processor and a security co-processor different from the main processor, wherein to establish the trusted execution environment comprises to establish a trusted execution environment on the security co-processor of the in-vehicle computing system” Bronk: para. 65), wherein the second arithmetic processing device includes: 
a second vehicle key storage unit configured to store a first key used for communication between the vehicle and the server device (“the cryptographic module 208 may generate a message authentication code (MAC) [first key] of a message based on, for example, a session key shared between the in-vehicle computing system 102 and the coordination server 108.  In particular, in some embodiments, the in-vehicle computing system 102 may perform a key exchange protocol such as a Sign-and-MAC (SIGMA) protocol.” Bronk: para.37); and
a vehicle authentication processing unit configured to perform an authentication process with the server device using the first key (generating [by an authentication processing unit]  MAC [first key] for authenticating the communication with the server. Bronk: para.37);
the first arithmetic processing device includes:
a first vehicle key storage unit configured to store a second key used for communication between the vehicle and the server device (“a TEE key certificate (e.g., an EPID certificate) is also stored or provisioned into the security co-processor 158.  The TEE key certificate may include the public TEE key corresponding to the private TEE key provisioned into the security co-processor 158 and may be signed by the manufacturer of the security co-processor 158 (e.g., by the manufacturer server 112).  It should also be appreciated that, in some embodiments, the security co-processor 158 may directly communicate with a corresponding security co-processor of the coordination server 108.  Additionally, in some embodiments, the security co-processor 158 may establish a secure out-of-band communication link with remote devices and/or components (e.g., the coordination server 108).” Bronk: para. 24);
a vehicle key transmission/reception unit configured to transmit or receive a third key to or from the server device by encryption communication which uses the second key (“a cryptographic accelerator incorporated into the processor 150, or a standalone cryptographic software/firmware.  In some embodiments, the cryptographic module 208 may cooperate with the communication module 204 to establish a secure connection with remote devices (e.g., the coordination server 108) over a network 104.  For example, the cryptographic module 208 may encrypt and decrypt communications between the in-vehicle computing system 102 and the coordination server 108.  In some embodiments, the cryptographic module 208 may perform a key exchange with the coordination server 108 or a component of the coordination server 108 (e.g., a corresponding security co-processor).  For example, the cryptographic module 208 may perform a Diffie-Hellman key exchange, and Elliptic Curve Diffie-Hellman key exchange, or another suitable cryptographic key exchange protocol with the coordination server 108 (e.g., to generate session keys [third key]).” Bronk: para. 26);
Bronk does not teach; however, Al-Kadi discloses: arithmetic processing device which(“in order to generate a session key, to deploy a secure true random generator implemented in, or executed by, a tamper-resistant secure element Furthermore, session keys which are generated by a central node in the network, such as a network gateway, should be distributed securely to other nodes, which may require relatively complicated security measures.” Al-Kadi: para. 29),
a vehicle communication unit configured to perform encryption communication with the server device using the third key (“the destination node uses this session key [third key] for encrypting or decrypting data.  For instance, the destination node may encrypt 
	Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Bronk with the teaching of Al-Kadi to meet the preceding limitations. One of ordinary skill in the art would have been motivated to make such modification since such techniques were known at the time of the instant invention and would be applied to avoid complex procedures for generating session keys which are based on, pseudo-random number generators that would be useful for in-vehicle networks.
As per claim 10, this claim defines a method that corresponds to system claim 7 and does not define beyond limitations of claim 7. Therefore, claim 10 is rejected with the same rational as in the rejection of claim 7.
As per claim 12, this claim defines a computer-readable medium storing instructions corresponding to method claim 10 and does not define beyond limitations of claim 10. Therefore, claim 12 is rejected with the same rational as in the rejection of claim 10.

          Claims 8 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Yasuyuki Takahashi et al. US 20130173112 (hereinafter Takahashi) in view of Ghiath Al-Kadi et al. US 20160315937 (hereinafter Al-Kadi). 
As per claim 8, Takahashi teaches: A server device that performs communication with a vehicle, the server device comprising:
a server key storage unit configured to store the same first key and second key as the vehicle (“a method for communicating between an in-vehicle system and an external tool includes: transmitting key identification information from the external tool to the in-vehicle system, wherein the key identification information provides identification information about a tool public key of the external tool; transmitting the key identification information from the in-vehicle system to a server, wherein the server stores the tool public key and key identification information about the tool public key, which are associated with each other (Takahashi: para. 10);
a server authentication processing unit configured, to perform an authentication process with a vehicle authentication processing unit of a second arithmetic processing device which is a secure element of the vehicle using the first key (authentication through use of public key is performed with the in-vehicle system. Takahashi: para. 10) 
a server key transmission/reception unit configured to transmit or receive a third key to or from a vehicle key transmission/reception unit of the vehicle by encryption communication which uses the second key (“transmitting a common key from the in-vehicle system to the external tool, wherein the common key is encrypted using the tool public key received by the in-vehicle system;” Takahashi: para.10);
Takahashi does not teach; however, Al-Kadi discloses: arithmetic processing device which is secure element of the vehicle (“in order to generate a session key, to deploy a secure true random generator implemented in, or executed by, a tamper-resistant secure element Furthermore, session keys which are generated by a central node in the network, such as a network gateway, should be distributed securely to other nodes, which may require relatively complicated security measures.” Al-Kadi: para. 29);
a server communication unit configured to perform encryption communication with a vehicle communication unit of the vehicle using the third key (“the destination node uses this session key [third key] for encrypting or decrypting data.  For instance, the destination node may encrypt data to be communicated back to the source node with the generated session key.  Thereby, relatively complex procedures for generating session keys which are based on, for example, pseudo-random number generators may be avoided.” Al-Kadi: para. 22).
	Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Takahashi with the teaching of Al-Kadi to meet the preceding limitations. One of ordinary skill in the art would have been motivated to make such modification since such techniques were known at the time of the instant invention and would be applied to avoid complex procedures for generating session keys which are based on, pseudo-random number generators that would be useful for in-vehicle networks.
As per claim 13, this claim defines a computer-readable medium storing instructions corresponding to sever device of claim 8 and does not define beyond limitations of claim 8. Therefore, claim 13 is rejected with the same rational as in the rejection of claim 8.
Allowable Subject Matter
After further consideration it was concluded that the subject matter of claims 3-5 and 14-16 are not suggested by the prior art of record.  Claims 3-5 and 14-16 would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. 
“the second arithmetic processing device further includes; a vehicle master key storage unit configured to store a master key; and a vehicle key generation unit configured to generate the first key and the second key using the master key and a vehicle-corresponding identifier corresponding to the vehicle.” and similar limitations of independent claims 15 and 19 in combination with the other claimed features as a whole."
Therefore independent claim 14 are allowable.
 Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHODRAT JAMSHIDI whose telephone number is (571)270-1956.  The examiner can normally be reached on 10:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 5712723862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/GHODRAT JAMSHIDI/Primary Examiner, Art Unit 2493