Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to the remarks filed 4/12/2021.  Claims 1-10, 12-16, 18, and 19 are pending with claims 1-7 are withdrawn due to a restriction requirement.  Claims 8-10, 12-16, 18, and 19 are under examination.  Claims 8 (a method) and 14 (a method) are independent.

Response to Arguments
Applicant's arguments filed 4/21/2021 have been fully considered but they are not persuasive. 
On page 7, ¶ 2, of the remarks, Applicant asserts that Pei does not disclose “that the second encryption key is received in an encoded format.  Pei simply states that the second key is derived based upon the token.  There is nothing about encoding the second key.”  
In other words, Applicant asserts that the token, which is used to derive a key in Pei, is not an encoding of the key.  This argument is not persuasive.
	Such that the token is used to compute a key, it is reasonably interpreted to be an encoding of said key.  Notably, none of the claims further elaborate on how the encoding or decoding of the “symmetric key” is accomplished.  As Applicant declines to specify how the “encoded symmetric key Enc(K)” is used, Applicant cannot exclude the 
	The term “encoding” is defined by the Merriam-Webster online dictionary as the act of converting (information) from one system of communication into another.  For example: “binary coding”, “ASCII encoded.”  Encoding does not require encryption or any particular transformation of data.  The “having been derived by the device based on the token” of Pei col. 3, ln. 59 describes a “token” that is a type of encoding of key data, as it is used to ‘derive’ said data.  See also Pei col. 7 ll. 25-39 describing how the keys are derived from the token.
	Examiner notes that Applicant’s encoding mechanism (Applicant’s specification ¶ 37 as originally filed) is distinct from the cited references; however, such features are not presented in the claims.
	
	On page 7, ¶ 3, of the remarks, Applicant asserts “Examiner does not address ‘receiving . . . a white-box implementation of a function’”, emphasis Applicant’s.  This argument is not persuasive. 
	As Applicant bolds the term “receiving” it is important to assess the scope of this term as claimed: “receiving, by a processor, …, a white-box implementation of a function f (K, c3).”
	Applicant’s specification defines a “processor” in ¶ 50, as originally filed, as: “The processor 420 may be any hardware device capable of executing instructions stored in memory 430 or storage 460 or otherwise processing data. As such, the processor may include a microprocessor, field programmable gate array (FPGA), application-specific 
	A CPU “receives” all data that it processes, e.g. from memory.  Thus, As recited in claims 8 and 14, “receiving, by a processor” is analogous to “processing by a processor”.  
	As described in Pei, the processing is a derivation based on the second encryption key: (“the credential may have been encrypted using the second encryption key in that the credential may have been encrypted using a session key derived from the second encryption key and the nonce.” Pei col. 8, ln. 16.  The derivation function being the claimed “f”.) 
	For context, it is important to note that elsewhere in the originally filed claims the act of receiving is defined: 
	Claim 14: “receiving, by the processor, a value c3 from another device;”
	Claim 12: “wherein, a white-box implementation of a function f( K, c3) is received form an original equipment manufacturer.”
	
	Therefore, Applicant’s claims have been carefully drafted to avoid any requirement that the “receiving” argued above is anything beyond obtaining data for processing such as from memory or other derivation by the processor.  In other words, receiving, by a processor, merely requires that the processor have the data available to it and does not require that the device containing the processor “receive” any data.
Applicant’s argument is not persuasive.


	As previously stated: “It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Pei with Medvinsky in order to provide a secure white-box interface with a crypto token so as to provide verifiable messages to authenticating servers that the white-box software and the token are legitimate. (Medvinsky cols. 2-3, bridging paragraph.)”
	As such, the prior action noted that white-box cryptography is utile in verifying that software and tokens are legitimate, i.e. not tampered with or spoofed.  Applicant’s argument is not persuasive.

	On page 8 of the remarks, Applicant asserts “Pei uses the second key to encrypt data and Pei does not teach receiving the encoded symmetric key Enc(K) as discussed above.”
	As noted above with respect to the “receiving” argument, data processed or obtained by a processor is received.  As cited: (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59).  A processor deriving the second encryption key also “receives” the token used to derive said second encryption key, as it must to perform the derivation.  Applicant’s argument is not persuasive.

. 
	
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 8, 9, 14, and 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pei US 8,799,646 (filed 2011-12), in view of Medvinsky et al., US 10,812,269 (filed 2017-11).
With respect to claim 8, Pei discloses a method comprising: 
A method of generating a shared secret for use in a symmetric cipher, comprising: 
randomly selecting, by a processor, a valued c3; (“device 410 may generate a nonce 412 and a timestamp 414.” Pei col. 7, ln. 48)
receiving, by the processor, an encoded symmetric key Enc(K) (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59), … of the symmetric cipher using the symmetric key K (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59. The second encryption key being symmetric because it is not asymmetric), and … of a function f (K, c3) wherein the encoded symmetric key Enc(K) is used in …; (“the a session key derived from the second encryption key and the nonce.” Pei col. 8, ln. 16.  The derivation function being f.)
calculating the shared secret K' as K' = f(K, c3); (“session key derived from the second encryption key and the nonce.” Pei col. 8, ln. 18)
transmitting, by the processor, C3 to another device; and (“the request may include a nonce generated by the device.” Pei col. 8, ln. 14)
encrypting data using the shared secret (“credential may have been encrypted using a session key derived from the second encryption key and the nonce.” Pei col. 8, ln. 17)
…

Pei does not disclose:
a white-box implementation
a white-box implementation
the white-box implementation
by the processor … and the white-box implementation; and 
transmitting, by the processor, the encrypted data to the other device. 


Medvinsky discloses:
a white-box implementation (“An application 203 executing within a computing system 202 can employ a white box 204 to validate itself to the crypto token 205.” 
a white-box implementation (“An application 203 executing within a computing system 202 can employ a white box 204 to validate itself to the crypto token 205. White box 204 can comprise a software-based cryptographic construct providing mathematical transformation for both software implementing a cryptographic function, and, a cryptographic key.” Medvinsky col. 4, ln. 45)
the white-box implementation (“The decryption of WBK at computer 551 white box to obtain K can be described as a transformation.” Medvinsky col. 12, ln. 59)
by the processor … and the white-box implementation; and (“provide the symmetric session key K that can be employed in securing a secure communications channel, to both crypto token 552 and computer 551.” Medvinsky cols. 12-13, bridging paragraph. The computer executing software that is white-box)
 transmitting, by the processor, the encrypted data to the other device. (“provide the symmetric session key K that can be employed in securing a secure communications channel, to both crypto token 552 and computer 551.” Medvinsky cols. 12-13, bridging paragraph.)

A person of ordinary skill in the art would have combined the authentication system of Pei with the authentication system of Medvisnky by utilizing the white-box application of Medvinsky as the application of Pei and providing encrypted communications between said white-box application and a token validating the white-

With respect to claim 14, Pei discloses a method comprising: 
A method of generating a shared secret for use in a symmetric cipher, comprising: 
… a value c3 (“device 410 may generate a nonce 412 and a timestamp 414.” Pei col. 7, ln. 48)
receiving, by the processor, an encoded symmetric key Enc(K), (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59) … of the symmetric cipher using the symmetric key K (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59), and … of a function f (K, c3) wherein the encoded symmetric key Enc(K) is used in …; (“the credential may have been encrypted using the second encryption key in that the credential may have been encrypted using a session key derived from the second encryption key and the nonce.” Pei col. 8, ln. 16)
calculating the shared secret K' as K' = f(K, C3); and  (“session key derived from the second encryption key and the nonce.” Pei col. 8, ln. 18)


Pei does not disclose:
receiving, by a processor, … from another device;
a white-box implementation
a white-box implementation
the white-box implementation
by the processor … and the white-box implementation; and
transmitting, by the processor, the encrypted data to the other device.

Medvinsky discloses: 
receiving, by a processor, … from another device; (“Crypto token 552 generates NT, a random nonce corresponding to the crypto token 552…. crypto token 552 provides TID, NT, WBK and MACK(TID|NC|NT) to the computer 503 application.” Medvinsky col. 10, ll. 25-35)
a white-box implementation (“An application 203 executing within a computing system 202 can employ a white box 204 to validate itself to the crypto token 205.” Medvinsky col. 4, ln. 45. “provide the symmetric session key K that can be employed in securing a secure communications channel, to both crypto token 552 and computer 551.” Medvinsky cols. 12-13, bridging paragraph.)

the white-box implementation (“The decryption of WBK at computer 551 white box to obtain K can be described as a transformation.” Medvinsky col. 12, ln. 59)
by the processor … and the white-box implementation; and (“provide the symmetric session key K that can be employed in securing a secure communications channel, to both crypto token 552 and computer 551.” Medvinsky cols. 12-13, bridging paragraph. The computer executing software that is white-box)
transmitting, by the processor, the encrypted data to the other device. (“provide the symmetric session key K that can be employed in securing a secure communications channel, to both crypto token 552 and computer 551.” Medvinsky cols. 12-13, bridging paragraph.)

A person of ordinary skill in the art would have combined the authentication system of Pei with the authentication system of Medvisnky by utilizing the white-box application of Medvinsky as the application of Pei and providing encrypted communications between said white-box application and a token that provides a random nonce and validates the white-box application.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Pei with Medvinsky by additionally providing the nonce from the token in order 

	With respect to claims 9 and 15, Pei in view of Medvinsky discloses the method/method of claims 8 and 14 and further discloses:
wherein the other device is a secure element. (“provide the symmetric session key K that can be employed in securing a secure communications channel, to both crypto token 552 and computer 551.” Medvinsky cols. 12-13, bridging paragraph. Tokens are secure elements, see Medvinsky background.)

Claims 10 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pei US 8799646 (filed 2011-12), in view of Medvinsky et al., US 10,812,269 (filed 2017-11), and Negi et al., US 2016/0099814 (filed 2013-06).
With respect to claims 10 and 16, Pei in view of Medvinsky discloses the method/method of claims 8 and 14 but does not disclose:
Wherein the function f(K, c3) is a hash function.

Negi discloses: 
Wherein the function f(K, c3) is a hash function.


A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Pei in view of Medvinsky with Negi by deriving the session key of Pei (col. 8, ln. 18) in view of Medvinsky (cols. 12-13, bridging paragraph) using the hash function of Negi (¶ 35).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Pei in view of Medvinsky with Negi in order to derive a session key using the hash function of Negi in order to obtain session keys using a deterministic but irreversible function, thereby preventing compromise of a session key from compromising the underlying key derivation information.

Claims 12 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pei US 8799646 (filed 2011-12), in view of Medvinsky et al., US 10,812,269 (filed 2017-11), and Futral et al., US 2014/0040605  (filed 2012-08).
With respect to claims 12 and 18, Pei in view of Medvinsky discloses the method/method of claims 8 and 14 and further discloses:
wherein the encoded key Enc(K) (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59), the white-box implementation of the symmetric cipher (“An application 203 executing within a 

Pei in view of Medvinsky does not disclose:
is received from an original equipment manufacturer.

Futral discloses:
is received from an original equipment manufacturer.
(“The OEM may use any suitable technique to obtain the public keys from the IPV and the IBV. When the OEM is manufacturing or configuring the data processing system for delivery to the customer, the OEM may store the IBV's public key 74 in the TPM.” Futral ¶ 28. “During the build process, the OEM may also store software (e.g., the ACM) from the IPV in the data processing system.” Futral ¶ 29).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Pei in view of Medvinsky with Futral by providing the software and key material from an OEM, as done in Futral ¶¶ 28 and 29.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention for an OEM to provide the keys and programs because the manufacturing chain has a plurality of production entities ending in an OEM and .

Claims 13 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Pei US 8799646 (filed 2011-12), in view of Medvinsky et al., US 10,812,269 (filed 2017-11), and Rix, US 2019/0372759 (filed 2018-05).
With respect to claims 13 and 19, Pei in view of Medvinsky discloses the method/method of claims 8 and 14 and further discloses:
wherein the encoded key Enc(K) (“the second encryption key having been derived by the device based on the token.” Pei col. 3, ln. 59), the white-box implementation of the symmetric cipher (“An application 203 executing within a computing system 202 can employ a white box 204 to validate itself to the crypto token 205. White box 204 can comprise a software-based cryptographic construct providing mathematical transformation for both software implementing a cryptographic function, and, a cryptographic key.” Medvinsky col. 4, ln. 45), and a white-box implementation of a function f (K, c3) (Medvinsky col. 4, ln. 45) 

Pei in view of Medvinsky does not disclose:
is produced by a white-box service that receives an unencoded copy of the key K. 

Rix discloses: 
is produced by a white-box service (“obtain software modules directly from the library database” Rix ¶ 113. “white-box” Rix ¶ 87. “the first entity 210 provides, or makes available, the protected item of software 240 to the second entity 260” Rix ¶ 125. See also Rix ¶ 118) that receives an unencoded copy of the key K. (“the ephemeral key pair generation module 211 is arranged to generate an ephemeral asymmetric key pair for the first entity 210, i.e. a public key Kpu,1” Rix ¶ 81. Receiving by generating).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Pei in view of Medvinsky with Rix by utilizing a white-box service to generate the application of Pei (col. 4, ln. 66) in view of Medvinsky (col. 4, ln. 45).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Pei in view of Medvinsky with Rix in order to generate a customized protected item of software that is resistant to attack (Rix ¶ 84); thereby increasing the difficulty of attacking any individual software installation.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892, particularly:

Murray, US 2021/0056546, discloses a system using white box encryption for communicating between a secured element and a mobile phone.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

                                                                                                                                                               
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165.  The examiner can normally be reached on M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MICHAEL W CHAO/Examiner, Art Unit 2492