DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The following is a Non-Final Office Action in response to communications received on January 24, 2019. Claims 1-23 are pending and addressed below.

Specification
For the record, Examiner acknowledges that the Specification submitted on January 24, 2019 has been accepted.

Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they include the following reference character(s) not mentioned in the description: 110 in Fig. 1.  Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to the specification to add the reference character(s) in the description in compliance with 37 CFR 1.121(b) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the 

Claim Objections
Claims 1, 12 and 13 are objected to because of the following informalities:  
Claim 1 recites the phrase “at least one credential required for accessing to a wireless network.” It is suggested the phrase be amended to “at least one credential required for accessing [[to]] a wireless network” for grammatical correctness. Claim 13 is objected for similar reasons to claim 1.
Claim 12 recites the phrase “A second communication device configured to establish a data connection with a first communication device configured to:…”. It is suggested the phrase be amended to “A second communication device configured to establish a data connection with a first communication device, the second communication device further configured to:…” so that it is clear that the remainder of the claim is referring to the second communication device and not the first communication device.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-23 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. 
Claim 1 recites the limitation “using it’s private key” in the last two lines. It is unclear what entity “it’s” is referring to. Applicant may overcome this rejection by, for example, amending the limitation to “using [[it’s]] private key”. Dependent claims 2-11 are rejected for containing the same indefinite language as parent claim 1 without further remedying the indefinite language. 
Claim 10 recites the limitation “the state.” There is insufficient antecedent basis for this limitation. It is suggested the limitation be amended to “[[the]] a state”.
 Claim 12 recites the limitation “the set” in line 5, “the public key” in line 14, and “the certificate” in line 14. There is insufficient antecedent basis for these limitations. Also, claim 12 recites the limitation “K” in line 11. The term “K” is never defined so it is unclear what K” represents. Further, claim 12 recites the limitation “using it’s private key” in the penultimate line. It is unclear what entity “it’s” is referring to. Applicant may overcome this rejection by, for example, amending the limitation to “using [[it’s]] private key”. Dependent claims 14-23 are rejected for containing the same indefinite language as parent claim 12 without further remedying the indefinite language.
Claim 13 recites the limitation “for it to generate” in line 12. It is unclear what entity “it” is referring to. Applicant may overcome this rejection by, for the wireless network to generate”. Also, claim 13 recites the limitation “said set of at least one credential” in line 14. There are multiple previously recited set of at least one credential and it is unclear as to which particular set of at least one credential the limitation is referring. 
Claim 15 recites that the second communication device generates K” using a derivation function memorized by the first communication device. It is unclear how the second communication device generates K” when the derivation function is stored on the first communication device (emphasis added). Also, parent claim 12 makes clear that the first communication device generates K” and not the second communication device. This is also clear as the random number R2 is required to generate K” and R2 is encrypted with the public key of the first device and can only be decrypted by the private key of the first device which the second device does not have. Therefore, it is unclear how the second communication device generates K”. Dependent claim 17 is rejected for containing the same indefinite language as parent claim 15 without further remedying the indefinite language.
Claim 22 recites the limitation “the state.” There is insufficient antecedent basis for this limitation. It is suggested the limitation be amended to “[[the]] a state”.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:



Claims 12-23 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter. Claim 12 is directed towards a “second communication device” configured to perform various operations. The claim does not recite any specific hardware that makes up the claimed second communication device. The claim may, therefore, be considered to be accomplished entirely in software. As such, the claim is considered to be directed towards software per se and is therefore, non-statutory. Similarly, claim 13 is directed towards a “first communication device” configured to perform various actions without reciting any actual hardware making up the first communication device. Claim 13 is, therefore, considered to be directed towards software per se for similar reasons to claim 12 and is thus, non-statutory. Dependent claims 14-23 are rejected for failing to further define parent claim 12 as statutory. 

Allowable Subject Matter
Claims 1-11 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action.
Claims 12-23 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 101 and 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action.
Claim 1 recites, inter alia, “receiving by the second communication device a response from the wireless network comprising R1 and R2, R2 being ciphered using the public key PK of the certificate associated to the first communication device; generating K' by the second communication device using R1 and K;  transmitting by the second communication device to the first communication device K' and the ciphered version of R2 for the first communication device to decipher R2 using its private key PrK and to generate K" using R2 and K'”.

The closest prior art made of record are:
Guterman (cited in the IDS filed on 1/24/2019) which discloses using two random numbers to generate a key – Abstract
Lee (U.S. Pub. No. 2010/0287375) which discloses generating a session key between a server and IC card by encrypting a random number with a public key of the IC card – paragraph [0006]
Toepke et al. (U.S. Pub. No. 2010/0290351 and hereinafter referred to as Toepke) which discloses provisioning a filed device with a key using another device – Abstract and Fig. 4

While the prior art does disclose provisioning devices with other devices and generating credentials using random numbers, the prior art is not considered to disclose the combination of limitations of claim 1, in particular the use of the first and second devices to generate the keys using the random numbers in the specific manner claimed. Therefore, claim 1 does not specifically disclose “receiving by the second 

Claims 12 and 13, although different, further recite limitations similar to those of claim 1 and are therefore, considered to contain allowable subject matter for similar reasons to claim 1. Dependent claims 2-11 and 14-23 are considered to contain allowable subject based on their dependency.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Lee et al. (U.S. Pub. No. 2005/0210279) – cited for teaching generating a session key from a first and second random number – paragraph [0019]
De Kievit (U.S. Pub. No. 2016/0242032) – cited for teaching provisioning credentials between devices – Fig. 5

Any inquiry concerning this communication or earlier communications from the examiner should be directed to THADDEUS J PLECHA whose telephone number is (571)270-7506.  The examiner can normally be reached on M-F 8-4:30.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 571-272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/THADDEUS J PLECHA/Examiner, Art Unit 2438