Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .



DETAILED ACTION
This action is in response to the communication filed on 02/20/2020.
Claims 24-46 are under examination.
The Information Disclosure Statements filed on 02/20/2020 has been entered and considered.

Allowable Subject Matter
Claim 32 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

  
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/. The filing date of the application in which the form is filed  determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 24-46 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No. 10,594,491. Although the claims at issue are not identical, they are not patentably distinct from each other because the subject matter claimed in the .
	

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 24-28, 30, 33-41 and 43-46 are rejected under 35 U.S.C. 103 as being unpatentable over Callaghan (US 2005/0283566 A1), Sibert (US 2012/0317344 A1), Arava (US 2011/0085660 A1), Anderson et al. (US 10,372,528 B1), O’Connor et al. (US 2009/0006886 A1).
Regarding claim 24, Callaghan discloses A system for managing encrypted memory [abs, encrypt /decrypt data as well as perform authentication checks to ensure the integrity of data and/or deter attacks thereon] comprising: a processing unit to: detect that a first integrity based on data being stored in a system memory does not matches a second integrity based on data retrieved from the system memory [par. 0074, “When that unit of data is to be read, the hash function can be again applied to the data to produce a second hash digest, which can be compared to the first hash digest. If the two digest are different the data has been corrupted and an error can be generated”]; decrypt a block of the data stored in the system memory [par. 0014, “the self-testing RAM can continuously test and correct for memory errors during system operation”, par. 0020, “error correction techniques (e.g., Hamming Code) can be utilized to try to correct corrupted data. If the error can be corrected that data can still be passed to the CPU without problems”, par. 0074, “The error can then prevent execution of corrupt data that could cause erroneous operations and/or disastrous effects depending on the application. However, the present invention also contemplates utilizing error correction techniques including but not limited to Hamming codes to correct errors, if possible, prior to generating an error at 1860. If an error is in fact generated at 1860 then the process terminates thereafter. If, however, the data was not corrupt then the data can be decrypted (if encrypted) at 1870”].
Callaghan does not explicitly disclose using message authentication cod (MAC) for integrity check value; 
However Sibert teaches using message authentication cod (MAC) for integrity check value [par. 0030, “The encrypt and decrypt functions may be combined with an integrity protecting function that computes a footprint of the data content in order to write it during a write operation or to verify it during a read operation. This integrity-protecting function may be a public signature, a message authentication code (MAC), or the like”].
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Sibert into the teaching of Callaghan with the motivation to store and retrieve data securely, protecting the integrity of the data as taught by Sibert [Sibert: par. 0030].
They do not explicitly disclose wherein a size of the block corresponds to a size of a block cipher's input or output;
However, Arava teaches wherein a size of the block corresponds to a size of a block cipher's input or output [par. 0005, the Advanced Encryption Standard (AES), which includes three block ciphers, AES-128, AES-192, and AES-256 having 128-bit block size with key sizes of 128, 192, and 256 bits];
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Arava into the teaching of Callaghan and Sibert with the motivation for encrypting data based on the Advanced Encryption Standard (AES) block algorithm  as taught by Arava [Arava: par. 0003].
They do not explicitly disclose determine that entropy of plaintext in the decrypted block of the data is above a threshold level.
However Anderson et al. teaches determine that entropy of plaintext in the decrypted block of the data is above a threshold level [col. 10, lines 17-19, “the method 500 may include determining if a threshold level of randomness has been met (i.e. whether the entropy level is high enough)”]; 
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Anderson et al. into the teaching of Callaghan,  Sibert and Arava with the motivation to assure the randomness and generate the corrected data by applying error correcting codes to the data with errors [Anderson et al.:abs, col. 10, lines 17-19].
They do not explicitly disclose perform a correction operation on each device in the system memory storing a portion of the block of the data, wherein the correction operation comprises an XOR operation based on the data retrieved from the system memory and a replacement value for a device of the system memory.
However, O’Connor et al. in the field relates to error detection and correction in a RAID memory system teaches and perform a correction operation on each device in the system memory storing a portion of the block of the data, wherein the correction operation comprises an XOR operation based on the data retrieved from the system memory and a replacement value for a device of the system memory [par. 0072, “Once the error has been isolated, error correction is accomplished simply by the XOR of the other row data elements with the RAID-3 stored RAID-3 checksum: D42=D40+D41+D43+P04 or the XOR of column data elements with the stored RAID-6 checksum: D42=D02+D12+D22+D32+D52+ . . . +DB2+DC2+DD2+DE2+DF2+Q02. The other RAID-6, [18, 16] R-S equation can also be used to correct for the error”];
[O’Connor et al.: par. 0027].
Regarding claim 25, the rejection of claim 24 is incorporated.
Callaghan discloses recalculating the second integrity check value [par. 0014].
Sibert teaches using message authentication cod (MAC) for integrity check value [par. 0030].
O’Connor et al. further teaches the correction operation comprises recalculating for a plurality of devices of the system memory [par. 0147];
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of O’Connor et al. into the teaching of Callaghan and Sibert with the motivation to for correcting errors in a memory system as taught by O’Connor et al. [O’Connor et al.: par. 0027].
Regarding claim 26, the rejection of claim 25 is incorporated.
O’Connor et al. further teaches the processor is to execute the XOR operation for each of the plurality of devices, wherein the XOR operation is based on the replacement value and the data stored in each of the plurality of devices with one device excluded [par. 0072, “Once the error has been isolated, error correction is accomplished simply by the XOR of the other row data elements with the RAID-3 stored RAID-3 checksum: D42=D40+D41+D43+P04 or the XOR of column data elements with the stored RAID-6 checksum: D42=D02+D12+D22+D32+D52+ . . . +DB2+DC2+DD2+DE2+DF2+Q02. The other RAID-6, [18, 16] R-S equation can also be used to correct for the error”];
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of O’Connor et al. into the teaching of Callaghan and Sibert with the motivation to for correcting errors in a memory system as taught by O’Connor et al. [O’Connor et al.: par. 0027].
Regarding claim 27, the rejection of claim 24 is incorporated.
Callaghan discloses generate a non-correctable error in response to detecting the recalculated second [[MAC]] does not match the first [[MAC]] for each device of the system memory [par. 0014, “the self-testing RAM can continuously test and correct for memory errors during system operation”, par. 0020, “error correction techniques (e.g., Hamming Code) can be utilized to try to correct corrupted data. If the error can be corrected that data can still be passed to the CPU without problems”, par. 0074, “The error can then prevent execution of corrupt data that could cause erroneous operations and/or disastrous effects depending on the application. However, the present invention also contemplates utilizing error correction techniques including but not limited to Hamming codes to correct errors, if possible, prior to generating an error at 1860. If an error is in fact generated at 1860 then the process terminates thereafter. If, however, the data was not corrupt then the data can be decrypted (if encrypted) at 1870”].
Sibert teaches using message authentication cod (MAC) for integrity check value [par. 0030, “The encrypt and decrypt functions may be combined with an integrity protecting function that computes a footprint of the data content in order to write it during a write operation or to verify it during a read operation. This integrity-protecting function may be a public signature, a message authentication code (MAC), or the like”].
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Sibert into the teaching of Callaghan with the motivation to store and retrieve data securely, protecting the integrity of the data as taught by Sibert [Sibert: par. 0030].
Regarding claim 28, the rejection of claim 24 is incorporated.
Callaghan further discloses wherein the second MAC is calculated in response to detecting a read operation [par. 0074, “When that unit of data is to be read, the hash function can be again applied to the data to produce a second hash digest, which can be compared to the first hash digest. If the two digest are different the data has been corrupted and an error can be generated”].
Regarding claim 30, the rejection of claim 1 is incorporated.
Sibert further teaches the block cipher of the present invention advantageously produces both decrypted output and a validation value [par. 0030, “The encrypt and decrypt functions may be combined with an integrity protecting function that computes a footprint of the data content in order to write it during a write operation or to verify it during a read operation. This integrity-protecting function may be a public signature, a message authentication code (MAC), or the like”].
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Sibert into the teaching of Callaghan with the [Sibert: par. 0030].
Regarding claim 33, it recites limitations similar to claim 24. The reason for the rejection of claim 24 is incorporated herein.
Regarding claim 34, the rejection of claim 33 is incorporated.
Sibert teaches generate the first MAC based on cipher text data stored in the system memory [par. 0030, “The encrypt and decrypt functions may be combined with an integrity protecting function that computes a footprint of the data content in order to write it during a write operation or to verify it during a read operation. This integrity-protecting function may be a public signature, a message authentication code (MAC), or the like”].
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Sibert into the teaching of Callaghan with the motivation to store and retrieve data securely, protecting the integrity of the data as taught by Sibert [Sibert: par. 0030].
O’Connor et al. teaches generate the first integrity check value based on an XOR operation comprising cipher text data stored in the system memory [par. 0072, “Once the error has been isolated, error correction is accomplished simply by the XOR of the other row data elements with the RAID-3 stored RAID-3 checksum: D42=D40+D41+D43+P04 or the XOR of column data elements with the stored RAID-6 checksum: D42=D02+D12+D22+D32+D52+ . . . +DB2+DC2+DD2+DE2+DF2+Q02. The other RAID-6, [18, 16] R-S equation can also be used to correct for the error”];
[O’Connor et al.: par. 0027].
Regarding claim 35, the rejection of claim 33 is incorporated.
Callaghan further teaches the processor is to decrypt the data stored in the system memory and the first block correction value [par. 0014, “the self-testing RAM can continuously test and correct for memory errors during system operation”, par. 0020, “error correction techniques (e.g., Hamming Code) can be utilized to try to correct corrupted data. If the error can be corrected that data can still be passed to the CPU without problems”, par. 0074, “The error can then prevent execution of corrupt data that could cause erroneous operations and/or disastrous effects depending on the application. However, the present invention also contemplates utilizing error correction techniques including but not limited to Hamming codes to correct errors, if possible, prior to generating an error at 1860. If an error is in fact generated at 1860 then the process terminates thereafter. If, however, the data was not corrupt then the data can be decrypted (if encrypted) at 1870”].
Regarding claim 36, the rejection of claim 33 is incorporated.
O’Connor et al. further teaches the system comprises a single device in the system memory to store the first block correction value [par. 0020, “RAID-3, RAID-4 and RAID-5 are very similar in that they use a single XOR check sum to correct for a single data element error. RAID-3 is byte-level striping with dedicated parity HDD. RAID-4 uses block level striping with a dedicated parity HDD”].
Regarding claim 37, it recites limitations similar to claim 24. The reason for the rejection of claim 24 is incorporated herein.
Regarding claim 38, it recites limitations similar to claim 25. The reason for the rejection of claim 25 is incorporated herein.
Regarding claim 39, it recites limitations similar to claim 26. The reason for the rejection of claim 26 is incorporated herein.
Regarding claim 40, it recites limitations similar to claim 27. The reason for the rejection of claim 27 is incorporated herein.
Regarding claim 41, it recites limitations similar to claim 28. The reason for the rejection of claim 28 is incorporated herein.
Regarding claim 43, it recites limitations similar to claim 24. The reason for the rejection of claim 24 is incorporated herein.
Regarding claim 44, it recites limitations similar to claim 25. The reason for the rejection of claim 25 is incorporated herein.
Regarding claim 45, it recites limitations similar to claim 26. The reason for the rejection of claim 26 is incorporated herein.
Regarding claim 46, it recites limitations similar to claim 27. The reason for the rejection of claim 27 is incorporated herein.

Claim 29 is rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Callaghan (US 2005/0283566 A1), Sibert (US 2012/0317344 A1), Arava (US 2011/0085660 A1), Anderson et al. (US 10,372,528 B1), O’Connor et al. (US 2009/0006886 A1) as applied to claims 24-28, 30, 33-41 and 43-46 above, and further in view of Kitamura et al. (US 4,701,915 A).
Regarding claim 29, the rejection of claim 24 is incorporated.
Callaghan discloses the processor comprises logic to execute the correction command comprises generating the second MAC with the replacement value for each device of the system memory.
They do not teach the processor comprises logic to execute the correction command in a parallel pipeline.
However Kitamura et al. in the field relates to an error recovery system and method in a data processor teaches the processor comprises logic to execute the correction command in a parallel pipeline [col. 2, lines 61-66, “The method includes the steps of using an error detection and correction code for each microinstruction stored in the control storage; checking the microinstructions read in sequence in parallel with the processing in the pipeline processing portion by means of an error detecting means”].
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Kitamura et al. into the teaching of Callaghan, Sibert, O’Connor et al. and Hall with the motivation such that the error recovery is therefore carried out by stopping and subsequently restarting the pipeline process without having to reexecute the machine instruction from the beginning as taught by Kitamura et al. [Kitamura et al.: col. 3, lines 7-10].

Claims 31 and 42 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Callaghan (US 2005/0283566 A1), Sibert (US 2012/0317344 A1), Arava (US 2011/0085660 A1), Anderson et al. (US 10,372,528 B1), O’Connor et al. (US 2009/0006886 A1) as applied to claim 24-28, 30, 33-41 and 43-46 above, and further in view of Gueron et al. (US 2014/0223197 A1).
Regarding claim 31, the rejection of claim 24 is incorporated.
Callaghan and Sibert discloses the processor the processor is to generate the first MAC and the second MAC.
They do not teach the processor is to rekey the first MAC and the second MAC in response to expiration of a predetermined period of time.
However, Gueron teaches the processor is to rekey the first MAC and the second MAC in response to expiration of a predetermined period of time [par. 0105, “After a shutdown, the system is initialized with a new random key to generate MACs”].
At the time of the invention, it would have been obvious to a person having ordinary skill in the art to incorporate the teaching of Gueron into the teaching of Callaghan (US 2005/0283566 A1), Sibert (US 2012/0317344 A1), Arava (US 2011/0085660 A1), Anderson et al. (US 10,372,528 B1), O’Connor et al. (US 2009/0006886 A1) with the motivation to provide cryptographic integrity checks and replay protection to protect against hardware attacks on system memory as taught by Gueron [Gueron: abs.].
Regarding claim 42, it recites limitations similar to claim 31. The reason for the rejection of claim 31 is incorporated herein.


 
Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicant’s disclosure:
US 6845449 B1	System and method for fast nested message authentication codes and error correction codes
US 20120311239 A1	DATA INTERLEAVING SCHEME FOR AN EXTERNAL MEMORY OF A SECURE MICROCONTROLLER
US 20070033417 A1	Apparatus and method for protecting the integrity of data
US 20110041039 A1	Controller and Method for Interfacing Between a Host Controller in a Host and a Flash Memory Device
US 20090147947 A1	DIGITAL-ENCRYPTION HARDWARE ACCELERATOR
US 9405920 B1	Data integrity verification
US 9496897 B1	Methods and apparatus for generating authenticated error correcting codes

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON CHIANG whose telephone number is (571)270-3393.  The examiner can normally be reached on 9 AM to 6 PM.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/JASON CHIANG/Primary Examiner, Art Unit 2431