Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Office Action is in response to the RCE filed on 12/17/2020. Claims 1-10, 13, 14, 16 and 17 are pending.  This Office Action is Non-Final.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/17/2021 has been entered.
 

Response to Arguments
	A) Applicant’s arguments with respect to claim(s) 1 and 13 have been considered but are moot because the new ground of rejection does not rely on to the same exact references applied in the prior rejection of record for a teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically teachd as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claim(s) 1, 13 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cordery et al. (US 2010/0128872) in view of Kuraki et al. (US 2008/0298596).

As per claim 1, Cordery teaches an image transmitting device comprising: an image processor configured to process an image to be transmitted to an external device (Cordery, Paragraph 0014 recites “Accounting device further includes a controller 22, which is preferably implemented as any type of general or special purpose microprocessor or the like. Preferably, the controller 22 is located within a secure boundary to prevent tampering with the functioning of the controller 22. Indicium data generated by the PSD 20 is provided to an image generator 24 of the controller 22, which uses the indicium data to generate an image of the indicium or instructions required to generate an image of the indicium, hereinafter referred to as image data. The image generation is preferably implemented as software within the controller 22. The image data is provided to a NLFSR 26 for generation of a message authentication code (MAC) associated with the image data as will be described further below. The NLFSR 26 can be implemented as any type of software, hardware, or a combination of the two. The image data and MAC are then provided to a communication unit 28 of the controller 26, and the image data and MAC sent to printer 14 via cable 16.” Examiner note: the printer device and the accounting device maybe of the same system but are external to each other.); 
and a security circuit including a key shared with the external device (Cordery, Paragraph 0020 recites “ After a key agreement process has been performed and the NLFSR 26 in the accounting device 12 and printer 14 have been initialized, the controller 22 of the accounting device 12 uses the session key k to compute MACs for the image data it transmits to the printer 14 and the controller 40 of the printer 14 uses the session key k to verify the MACs received from the accounting device 12. The NLFSRs 26 can be used to compute and verify MACs for multiple images without having to be re-initialized (unless so desired as described above).” And 0021 recites “An example of the processing performed by the controller 22 of the accounting device 12 to generate a MAC for an image is described with respect to FIG. 4.”);
wherein the image transmitting device is configured to transmit the tag, generated to correspond to the image, to the external device with data of the image (Cordery, Paragraph 0028 recites “In step 146, the image data for the image m, along with the MAC generated for the image m, is sent from the accounting device 12 to the printer 14 via communication link 16. The image data for the image m need not be encrypted, as the security of the communication link 16 is provided by the MAC which is used to authenticate the image data (as described below). Because the data is not encrypted, troubleshooting of the communication link 16 in the event of an error is significantly easier as compared to troubleshooting when the data is encrypted.”). 
But fails to teach based on region information representing a region of a certain position of the image to which a tag used for image authentication is to be applied, generate the tag by using data of only a partial region of the image corresponding to the certain position, from among regions of an entire image, and the key, and wherein the certain position of the image represented by the region information changes among a plurality of images to be transmitted with tags.
However, in an analogous art Kuraki teaches based on region information representing a region of a certain position of the image to which a tag used for image authentication is to be applied, generate the tag by using data of only a partial region of the image corresponding to the certain position, from among regions of an entire image, and the key (Kuraki, Paragraph 0011 recites “an encryption zone obtainment unit for obtaining position information of a partial zone of an image to be encrypted that is specified by a user; … an encryption key generation unit for generating an encryption key for encrypting an image; a decryption key generation unit for generating a decryption key corresponding to the encryption key; a decryption key storage unit for storing the management number, the position information of the partial zone and the decryption key by correlating them; and an encryption key transmission unit for transmitting the encryption key and management number to a user.”)
And wherein the certain position of the image represented by the region information changes among a plurality of images to be transmitted with tags (Kuraki, Paragraph 0037 recites “The encryption apparatus selects a zone that is desired to be encrypted of digital data created by an application or an image read by an optical device such as a digital camera or scanner. After the selection of a zone, the encryption apparatus sends an inquiry to the key management server for user authentication. The key management server performs an authentication by using a user database or the like and gives permission for an encryption if the user is a legitimate user. Then, the encryption apparatus obtains a management number for identifying the encrypted image from the key management server, and sends the position information of the selected partial zone and the information necessary for decryption to the key management server (i.e., by reading the entirety of the image by using a scanner and obtaining the position information of a spot where the selected zone is positioned in the entirety of the image). The information necessary for the decryption referred to herein is such information as information about the authority of users that are permitted to perform decryption and time information such as the time period, date and such for permitting decryption to be performed only within a specified time period. The key management server generates, and sends to the encryption apparatus, an encryption key for encrypting the partial zone, and stores the information received from the encryption apparatus, the management number and encryption key in a key management database. The encryption key used for the encryption may be the same as the decryption key that is taken out of the aforementioned database when decrypting. If the encryption key and decryption key are different, a decryption key is created and stored at this point in time. The encryption apparatus encrypts the selected partial zone by using the encryption key received from the key management server. When encrypting a plurality of partial zones, the process between sending the position information and encrypting described above is repeated.”)
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Kuraki’s image encryption/decryption system with Cordery’s method and system for securing communications in a metering device because it offers the advantage of having the flexibility of using positional information to perform encryption and decryption functions.

As per claim 13, Cordery teaches a method of operating an image transmitting device, the method comprising: obtaining a session key to be used for image authentication through communication with an external device (Cordery, Paragraph 0020 recites “ After a key agreement process has been performed and the NLFSR 26 in the accounting device 12 and printer 14 have been initialized, the controller 22 of the accounting device 12 uses the session key k to compute MACs for the image data it transmits to the printer 14 and the controller 40 of the printer 14 uses the session key k to verify the MACs received from the accounting device 12. The NLFSRs 26 can be used to compute and verify MACs for multiple images without having to be re-initialized (unless so desired as described above).” And 0021 recites “An example of the processing performed by the controller 22 of the accounting device 12 to generate a MAC for an image is described with respect to FIG. 4.” Examiner note: the printer device and the accounting device maybe of the same system but are external to each other.);
 and transmitting a packet including the image and the tag corresponding to the image to the external device (Cordery, Paragraph 0028 recites “In step 146, the image data for the image m, along with the MAC generated for the image m, is sent from the accounting device 12 to the printer 14 via communication link 16. The image data for the image m need not be encrypted, as the security of the communication link 16 is provided by the MAC which is used to authenticate the image data (as described below). Because the data is not encrypted, troubleshooting of the communication link 16 in the event of an error is significantly easier as compared to troubleshooting when the data is encrypted.”).
But fails to teach with respect to an image to be transmitted to the external device, based on region information representing a region of a certain position of the image to which a tag used for the image authentication is to be applied, generating the 
However, in an analogous art Kuraki teaches with respect to an image to be transmitted to the external device, based on region information representing a region of a certain position of the image to which a tag used for the image authentication is to be applied, generating the tag by using data of only a partial region of the image corresponding to the certain position, from among regions of an entire image, and the session key (Kuraki, Paragraph 0011 recites “an encryption zone obtainment unit for obtaining position information of a partial zone of an image to be encrypted that is specified by a user; … an encryption key generation unit for generating an encryption key for encrypting an image; a decryption key generation unit for generating a decryption key corresponding to the encryption key; a decryption key storage unit for storing the management number, the position information of the partial zone and the decryption key by correlating them; and an encryption key transmission unit for transmitting the encryption key and management number to a user.”) and
wherein the certain position of the image represented by the region information changes among a plurality of images to be transmitted with tags (Kuraki, Paragraph 0037 recites “The encryption apparatus selects a zone that is desired to be encrypted of digital data created by an application or an image read by an optical device such as a digital camera or scanner. After the selection of a zone, the encryption apparatus sends an inquiry to the key management server for user authentication. The key management server performs an authentication by using a user database or the like and gives permission for an encryption if the user is a legitimate user. Then, the encryption apparatus obtains a management number for identifying the encrypted image from the key management server, and sends the position information of the selected partial zone and the information necessary for decryption to the key management server (i.e., by reading the entirety of the image by using a scanner and obtaining the position information of a spot where the selected zone is positioned in the entirety of the image). The information necessary for the decryption referred to herein is such information as information about the authority of users that are permitted to perform decryption and time information such as the time period, date and such for permitting decryption to be performed only within a specified time period. The key management server generates, and sends to the encryption apparatus, an encryption key for encrypting the partial zone, and stores the information received from the encryption apparatus, the management number and encryption key in a key management database. The encryption key used for the encryption may be the same as the decryption key that is taken out of the aforementioned database when decrypting. If the encryption key and decryption key are different, a decryption key is created and stored at this point in time. The encryption apparatus encrypts the selected partial zone by using the encryption key received from the key management server. When encrypting a plurality of partial zones, the process between sending the position information and encrypting described above is repeated.”)
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Kuraki’s image encryption/decryption system with Cordery’s method and system for securing communications in a metering device because it offers the advantage of having the flexibility of using positional information to perform encryption and decryption functions.

As per claim 14, Cordery in combination with Kuraki teaches the method of claim 13, Cordery further teaches performing a challenge-response-based device authentication process with the external device, wherein the tag used for the image authentication is selectively generated when the challenge-response-based device authentication process is successfully performed (Cordery, Paragraph 0018 recites “The master key MK may be updated after the postage metering system 10 has been deployed in the field, using for example, a network connection or the like. A preferred embodiment of a key agreement process according to the present invention operates as illustrated in FIG. 3. It should be noted, however, that any key agreement protocol could be used to agree upon a derived shared session key used to initialize the NLFSRs in the accounting unit 12 and printer 14. Referring now to FIG. 3, in step 100 the accounting unit controller 22 generates challenge data r.sub.1 and sends it to the printer controller 40. The challenge data may be, for example, a 128 bit number generated by a counter, random or pseudo-random number generator. In step 102, the printer controller 40 generates its own challenge data r.sub.2 and sends r.sub.2 and its serial number, SN, to the accounting device controller 22. In step 104, both the accounting unit controller 22 and printer controller 40 compute the session key k based on the challenge data r.sub.1, r.sub.2, the serial number, SN, and the master key, MK, previously stored therein.”). 

Claim 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cordery et al. (US 2010/0128872) and Kuraki et al. (US 2008/0298596) and in further view of Saisho (US 2011/0069342).

As per claim 2, Cordery in combination with Kuraki teaches the image transmitting device of claim 1, but fails to teach a packet format encoder configured to generate a packet including the tag provided from the security circuit with the data of the image provided from the image processor.
	However, in an analogous art Saisho teaches a packet format encoder configured to generate a packet including the tag provided from the security circuit with the data of the image provided from the image processor (Saisho, Paragraph 0029 recites “The image compression unit 120 encodes image data in a predetermined compression format. The packet generation unit 121 packetizes compressed tile image data in accordance with the packet format. The packet readout DMAC 122 reads out data including overlapping image data required by the image processing unit 124 for editing an image from the packet data stored in the packet storage buffer 126. The image decompression unit 123 decodes and decompresses the packetized compressed image data when outputting the data with the printer 102.”). 
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Saisho’s image processing apparatus, control method therefor and program with Cordery’s method and system for securing communications in a metering device because it offers the advantage of ensuring transmission compatibility.
 
Claim 3-7 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cordery et al. (US 2010/0128872) and Kuraki et al. (US 2008/0298596) and in further view of Oguma et al. (US 2017/0111177).

As per claim 3, Cordery in combination with Kuraki teaches the image transmitting device of claim 1, but fails to teach wherein the security circuit is further configured to receive a session key encrypted through communication with the external device, obtain the session key through a decoding process, and generate the tag by using the obtained session key as the key. 
	However, in an analogous art Oguma teaches wherein the security circuit is further configured to receive a session key encrypted through communication with the external device, obtain the session key through a decoding process, and generate the tag by using the obtained session key as the key (Oguma, Paragraph 0059 recites “When the validity of the master ECU m is confirmed, the general ECU a decrypts the encrypted session key EK using the private key 122a of the general ECU a itself (S207). Accordingly, the session key K can be shared between the master ECU m and the general ECU a. Subsequently, safe communication is performed using the session key between the master ECU m and the general ECU a. For example, by generating and transmitting a message authentication code (a MAC) of a transmission message using the session key, safety of communication can be secured.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Oguma’s vehicle system and authentication method with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 
 
As per claim 4, Cordery in combination with Oguma teaches the image transmitting device of claim 3, Cordery further teaches wherein the tag is a message authentication code (MAC) generated by using the data of the partial region of the image and at least a partial bit of the session key  (Cordery, Paragraph 0020 recites “ After a key agreement process has been performed and the NLFSR 26 in the accounting device 12 and printer 14 have been initialized, the controller 22 of the accounting device 12 uses the session key k to compute MACs for the image data it transmits to the printer 14 and the controller 40 of the printer 14 uses the session key k to verify the MACs received from the accounting device 12. The NLFSRs 26 can be used to compute and verify MACs for multiple images without having to be re-initialized (unless so desired as described above).” And 0021 recites “An example of the processing performed by the controller 22 of the accounting device 12 to generate a MAC for an image is described with respect to FIG. 4.”).

As per claim 5, Cordery in combination with Kuraki teaches the image transmitting device of claim 1, Cordery further teaches a tag generator configured to generate the tag by using the [[obtained key]] and the data of the partial region of the image (Cordery, Paragraph 0020 recites “ After a key agreement process has been performed and the NLFSR 26 in the accounting device 12 and printer 14 have been initialized, the controller 22 of the accounting device 12 uses the session key k to compute MACs for the image data it transmits to the printer 14 and the controller 40 of the printer 14 uses the session key k to verify the MACs received from the accounting device 12. The NLFSRs 26 can be used to compute and verify MACs for multiple images without having to be re-initialized (unless so desired as described above).” And 0021 recites “An example of the processing performed by the controller 22 of the accounting device 12 to generate a MAC for an image is described with respect to FIG. 4.”).
But fails to teach wherein the security circuit comprises: a security controller configured to control an operation in the security circuit for the image authentication; a key sharer configured to decode encrypted information provided from the external device, decode an encrypted key received in relation to the image authentication, and obtain the key used for generating the tag.
	However, in an analogous art Oguma teaches wherein the security circuit comprises: a security controller configured to control an operation in the security circuit (Oguma, Paragraph 0059 recites “When the validity of the master ECU m is confirmed, the general ECU a decrypts the encrypted session key EK using the private key 122a of the general ECU a itself (S207). Accordingly, the session key K can be shared between the master ECU m and the general ECU a. Subsequently, safe communication is performed using the session key between the master ECU m and the general ECU a. For example, by generating and transmitting a message authentication code (a MAC) of a transmission message using the session key, safety of communication can be secured.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Oguma’s vehicle system and authentication method with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 
 
As per claim 6, Cordery in combination with Oguma teaches the image transmitting device of claim 5, Oguma further teaches wherein the security circuit further comprises a secure storage configured to store an encryption key used for decoding performed by the key sharer (Oguma, Paragraph 0059 recites “When the validity of the master ECU m is confirmed, the general ECU a decrypts the encrypted session key EK using the private key 122a of the general ECU a itself (S207). Accordingly, the session key K can be shared between the master ECU m and the general ECU a. Subsequently, safe communication is performed using the session key between the master ECU m and the general ECU a. For example, by generating and transmitting a message authentication code (a MAC) of a transmission message using the session key, safety of communication can be secured.” Private keys by nature are securely stored.). 
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Oguma’s vehicle system and authentication method with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 

As per claim 7, Cordery in combination with Kuraki teaches the image transmitting device of claim 1, but fails to teach wherein the region information is generated by the image transmitting device, wherein the security circuit is further configured to encrypt the generated region information and generate encrypted region information, and wherein the image transmitting device further transmits the encrypted region information to the external device.
However, in an analogous art Oguma teaches wherein the region information is generated by the image transmitting device, wherein the security circuit is further configured to encrypt the generated region information and generate encrypted region information, and wherein the image transmitting device further transmits the encrypted region information to the external device (Oguma, Paragraph 0059 recites “When the validity of the master ECU m is confirmed, the general ECU a decrypts the encrypted session key EK using the private key 122a of the general ECU a itself (S207). Accordingly, the session key K can be shared between the master ECU m and the general ECU a. Subsequently, safe communication is performed using the session key between the master ECU m and the general ECU a. For example, by generating and transmitting a message authentication code (a MAC) of a transmission message using the session key, safety of communication can be secured.” See item S208 of Fig. 3 for further details.).  
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Oguma’s vehicle system and authentication method with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 

As per claim 16, Cordery in combination with Kuraki teaches the method of claim 13, but fails to teach wherein the region information is generated by the image transmitting device, and wherein information obtained by encrypting the region information is further provided in the packet transmitted to the external device.
However, in an analogous art Oguma teaches wherein the region information is generated by the image transmitting device, and wherein information obtained by encrypting the region information is further provided in the packet transmitted to the external device (Oguma, Paragraph 0059 recites “When the validity of the master ECU m is confirmed, the general ECU a decrypts the encrypted session key EK using the private key 122a of the general ECU a itself (S207). Accordingly, the session key K can be shared between the master ECU m and the general ECU a. Subsequently, safe communication is performed using the session key between the master ECU m and the general ECU a. For example, by generating and transmitting a message authentication code (a MAC) of a transmission message using the session key, safety of communication can be secured.” See item S208 of Fig. 3 for further details.).  
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Oguma’s vehicle system and authentication method with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 

Claims 8, 9 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cordery et al. (US 2010/0128872) and Kuraki et al. (US 2008/0298596) and in further view of Jeong (US 2013/0283061).
As per claim 8 Cordery in combination with Kuraki teaches the image transmitting device of claim 1, but fails to teach wherein the region information is encrypted and is provided by the external device to the image transmitting device, and wherein the security circuit is further configured to decode the encrypted region information and select the partial region of the image by using decoded region information. 
	However, in an analogous art Jeong teaches wherein the region information is encrypted and is provided by the external device to the image transmitting device, and wherein the security circuit is further configured to decode the encrypted region information and select the partial region of the image by using decoded region information (Jeong, Paragraph 0015 recites “In some example embodiments, an image processing method for storing an image constituted by a plurality of regions on which encryption is performed or not performed according to access privileges of the respective regions, includes: receiving an original image; determining a plurality of regions with respect to the received image, and assigning access privileges to the respective regions; encrypting at least a part of the plurality of regions according to the assigned access privileges; and storing regional images of the plurality of regions, the access privileges of the plurality of regions, and information on an encryption key used for encrypting the plurality of regions.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Jeong’s image processing method and apparatus for privacy protection of captured image with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 

As per claim 9, Cordery in combination with Kuraki and Jeong teaches the image transmitting device of claim 8, Jeong further teaches wherein the certain position of the image represented by the region information changes in response to the image transmitting device being rebooted (Jeong, Paragraph 0015 recites “In some example embodiments, an image processing method for storing an image constituted by a plurality of regions on which encryption is performed or not performed according to access privileges of the respective regions, includes: receiving an original image; determining a plurality of regions with respect to the received image, and assigning access privileges to the respective regions; encrypting at least a part of the plurality of regions according to the assigned access privileges; and storing regional images of the plurality of regions, the access privileges of the plurality of regions, and information on an encryption key used for encrypting the plurality of regions.” Jeong doesn’t explicitly recite that a reboot would be performed, therefore it would be implied that the region is selected prior to a reboot.).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Jeong’s image processing method and apparatus for privacy protection of captured image with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 

As per claim 17, Cordery in combination with Kuraki teaches the method of claim 13, but fails to teach receiving encrypted region information from the external device; and obtaining the region information through decoding the encrypted region information. 
However, in an analogous art Jeong teaches receiving encrypted region information from the external device; and obtaining the region information through decoding the encrypted region information (Jeong, Paragraph 0015 recites “In some example embodiments, an image processing method for storing an image constituted by a plurality of regions on which encryption is performed or not performed according to access privileges of the respective regions, includes: receiving an original image; determining a plurality of regions with respect to the received image, and assigning access privileges to the respective regions; encrypting at least a part of the plurality of regions according to the assigned access privileges; and storing regional images of the plurality of regions, the access privileges of the plurality of regions, and information on an encryption key used for encrypting the plurality of regions.”).
It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Jeong’s image processing method and apparatus for privacy protection of captured image with Cordery’s method and system for securing communications in a metering device because it offers the advantage of secure communications when transmitting data. 

Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cordery et al. (US 2010/0128872), Kuraki et al. (US 2008/0298596) and Jeong (US 2013/0283061) and in further view of Lee et al. (US 2016/0323741).

As per claim 10, Cordery in combination with Kuraki and Jeong teaches the image transmitting device of claim 8, but fails to teach wherein the certain position of the partial region represented by the region information changes each time of the predetermined time intervals.
	However, in an analogous art Lee teaches wherein the certain position of the partial region represented by the region information changes each time of the predetermined time intervals (Lee, Paragraph 0083 recites “The vehicle information collection apparatus receives accident information (including the image data) from the vehicle terminal and performs an integrity verification procedure. The vehicle terminal performs symmetric key-based encryption on the corresponding image using a previously distributed encryption key in order to maintain the confidentiality of the image to which the masking scheme has been applied. After the encryption operation is terminated, the vehicle terminal selects one header value representative of the encrypted image data and generates an MAC tag value through hash operation. The vehicle terminal attaches a time stamp value indicative of a point of time at which the black box sends the packet (i.e., the encrypted image and MAC) to the vehicle information collection apparatus to the generated MAC tag value in order to prevent a replay attack and sends the MAC tag value, including the time stamp value, to the vehicle information collection apparatus along with the encrypted image. The vehicle information collection apparatus first calculates a time lag .DELTA.T between the time stamp value of the vehicle terminal, attached to the MAC tag value, and the time stamp value of the vehicle information collection apparatus indicative of a point of time at which the vehicle terminal has received the packet and verifies whether the corresponding packet has been transmitted by the vehicle terminal by determining whether the time lag .DELTA.T is within a permissible range. If, as a result of the verification of the time stamp values, it is found to be normal, the vehicle information collection apparatus selects a header value representative of the image data in the same manner as that in which the vehicle terminal has generated the MAC tag value for the received encrypted image and generates an MAC tag value through hash operation. The vehicle information collection apparatus compares the received MAC tag value with the generated MAC tag value. If, as a result of the comparison, the two MAC tag values are different, the vehicle information collection apparatus may be aware that the image information has been forged and falsified by an attacker.”).





Conclusion
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODERICK TOLENTINO whose telephone number is (571)272-2661.  The examiner can normally be reached on Mon- Fri 8am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.



RODERICK . TOLENTINO
Examiner
Art Unit 2439



/RODERICK TOLENTINO/Primary Examiner, Art Unit 2439