DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 02/22/2021.
In the instant Amendment, claims 21-22 have been added; claim 7 and 14 are cancelled; claims 1, 8, and 15 have been amended; and claims 1, 8, and 15 are independent claims.  Claims 1-6, 8-13, and 15-22 have been examined and are pending.  This Action is made Final.
Response to Arguments
The rejection of claims 1-5, 7-12, and 14-19 under 35 U.S.C. § 102(a)(1) and § 102(a)(2) is withdrawn as the claims have been amended.
Applicants’ arguments with respect to claims 1, 8, and 15 have been considered but are moot in view of the new ground(s) of rejection, which was necessitated by amendment.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim 1-5, 7-12, 14-19, and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. (US 2016/0197937; Hereinafter “Roth”) in view of Rivera et al. (US 2007/0014416; Hereinafter “Rivera”).
Regarding claim 1, Roth teaches a method, comprising: 
receiving, by a system, a request to access software utilizing password-based authentication (Roth: Fig. 2, Para. [0038], Similarly, the system 204 may be a mobile device, such as a tablet computing device and/or cellular telephone (smart phone) having a touchscreen, keyboard and/or other input device usable by the user 202 for providing input.  [system 204 = a system] Para. [0039], In an embodiment, the interface 206 enables communication with various components with system 204 to provide the user 202 access to a resource 208. The resource 208 may be any resource by which correct presentation of a passcode is a prerequisite for access. Para. [0040], As noted above, the user 202 interacts with the interface 206 for the purpose of accessing the resource 208. As illustrated by the lock symbol on the resource 208, the resource 208 may be protected by the system from unauthorized access through one or more access control mechanisms. In order to do this, the interface 206 may be configured to require that the user 202 provide a passcode. The interface 206 may receive the passcode from the user 202 and provide the passcode to a passcode verification system 210.); 
receiving, by the system, a password for the password-based authentication (Roth: Fig. 2, Para. [0040], As noted above, the user 202 interacts with the interface 206 for the purpose of accessing the resource 208. As illustrated by the lock symbol on the resource 208, the resource 208 may be protected by the system from unauthorized access through one or more access control mechanisms. In order to do this, the interface 206 may be configured to require that the user 202 provide a passcode. The interface 206 may receive the passcode from the user 202 and provide the passcode to a passcode verification system 210.); 
computing, by the system, a hash utilizing the password and the hardware-based authenticator associated with the hardware of the system (Roth: Para. [0041], As noted above, when the user 202 presents a passcode through the interface 206, the passcode verification system 210 may generate, or cause to have generated, a hash of the passcode based at least in part on the passcode and a hardware secret and then compare the generated hash with a hash stored in the passcode database 212.); and 
verifying, by the system, that the hash computed utilizing the password and the hardware-based authenticator is correct for accessing the software (Roth: Para. [0041], If the generated hash and the stored hash match, the user 202 may be provided access to the resource 208. If, however, the generated hash and the stored hash do not match, the user may be denied access to the resource 208, at least until the user is able to provide a correct passcode or otherwise authenticate.).
Roth does not explicitly teach responsive to receiving the password, computing, by the system, a hardware-based authenticator associated with hardware of the system.
In an analogous art, Rivera teaches a system and method wherein responsive to receiving the password, computing, by the system, a hardware-based authenticator associated with hardware of the system (Rivera: Para. [0018], Commencing at block 50, in response to a request, a user inputs a password (which also encompasses a passphrase) which is received. Para. [0019], Proceeding to block 52, a security key is generated in accordance with principles known in the art. In one non-limiting embodiment the security key is for use by the TPM 13 to, e.g., encrypt data prior to storing it, and it may be generated in software using RSA public key cryptography principles known in the art. Thus, in the non-limiting embodiment shown the security key may be referred to as a TPM key and/or an RSA key. [hardware based authenticator associated with TPM is generated] Para. [0019], Para. [0020], Para. [0021]);
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Rivera with the system and method of Roth to include responsive to receiving the password, computing, by the system, a hardware-based authenticator associated with hardware of the system because this functionality provides for protection of passwords to generate password derived keys associated and bound to secure device hardware such as a trusted platform module (Rivera: Para. [0006]). 
Regarding claim 2, Roth, in combination with Rivera, teaches the method of claim 1, wherein the hardware-based authenticator includes a hardware-backed secret generated utilizing one of: ARM TrustZone, Trusted Platform Module (TPM), or a smart card (Roth: Para. [0071], The cryptographic module 724, which may be a trusted platform module, includes a memory subsystem 730, including a main random access memory (RAM) 728 for storage of instructions and data during program execution and a read only memory (ROM) 726, in which fixed cryptographic information may be stored, such as a hardware secret. Para. [0105], [0034], [Under the BRI, cryptographic module includes a TPM]).
Regarding claim 3, Roth, in combination with Rivera, teaches the method of claim 1, wherein computing the hash utilizing the password and the hardware-based authenticator associated with hardware of the system includes binding password hash computation to the hardware of the system (Roth: Para. [0040], As discussed above in connection with FIG. 1, the passcodes may be generated based, at least in part, on a hardware secret, where the hardware secret may be maintained by the passcode verification system 210 or by another entity with which the passcode verification system 210 is able to communicate. Para. [0043], Para. [0048], For example, the process 400 may be performed by password verifier having access to a local or remote cryptographic module having a hardware secret, such as described above.).
Regarding claim 4, Roth, in combination with Rivera, teaches the method of claim 3, wherein binding the password hash computation to the hardware of the system includes: generating a high entropy secret in a hardware-backed storage (Roth: Para. [0048], For example, the process 400 may be performed by password verifier having access to a local or remote cryptographic module having a hardware secret, such as described above.); and adding a message authentication code (MAC) or a digital signature computation step to the password hash computation every iteration (Roth: Para. [0032], Generally, the hash of the passcode may be calculated, based at least in part, on output of one or more one-way functions. Example one-way functions include, but are not limited to secure hash functions, such as MD5, as those classified as secure hash algorithm two (SHA-2) such as SHA-224, SHA-256, SHA-384 and SHA 512. For example, the hash of the passcodes may be or otherwise may be based at least in part on a keyed-hashed message authentication code (HMAC) such as HMAC_MD5, HMAC-SHA-2 (where HMAC-SHA-2 denotes HMAC using a SHA-2 function). Other example password hashes include password based key derivation functions (PBKDFs) such as PBKDF2 and Bcrypt. It should be noted that the term "one-way" is used in the practical sense and is not necessarily limited to functions within the strict mathematical definition of one way functions. [use of an HMAC includes adding the MAC to the hash computation] Para. [0033], Further, the function may be configured to have an effect on the number of computations required to calculate the function. For example, in some instances the function is configured as a composite function, where computation of the function requires the output of one function to be used as the input to another function, possibly iteratively. The number of iterations of a sub-process involved in calculating the value of a function may be a tunable parameter. Para. [0050]-[0051]).
Regarding claim 5, Roth, in combination with Rivera, teaches the method of claim 4, wherein adding the MAC or digital signature computation step to the password hash computation includes a pseudorandom function used for the password hash computation relying on a hardware-backed MAC or a hardware-backed digital signature (Roth: Para. [0032], For example, the hash of the passcodes may be or otherwise may be based at least in part on a keyed-hashed message authentication code (HMAC) such as HMAC_MD5, HMAC-SHA-2 (where HMAC-SHA-2 denotes HMAC using a SHA-2 function). Other example password hashes include password based key derivation functions (PBKDFs) such as PBKDF2 and Bcrypt. It should be noted that the term "one-way" is used in the practical sense and is not necessarily limited to functions within the strict mathematical definition of one way functions. Generally, as used herein, one-way functions are functions satisfying one or more conditions on invertability. For example, the one or more conditions may be that the probability of a random input, generating a given output, is within some bound specified as acceptable or, generally, is believed to be (e.g., as a result of experimentation) within some bound specified as acceptable. In some instances, a function may be considered one-way if there is no known formula or algorithm or for the calculating the inverse. Para. [0071], The one or more cryptographic processors may be used to perform cryptographic operations in the device and may include a random number generator, SHA-2 or other hash generator and an encryption-decryption-signature engine. Generally, one or more components of the cryptographic module 724 may be configured to collectively perform various operations used in calculating hashes of passcodes, such as described above.).
Regarding claim 8-12, claims 8-12 are rejected under the same rational as claims 1-5, respectively.
Regarding claim 15-19, claims 15-19 are rejected under the same rational as claims 1-5, respectively.
Regarding claim 21, Roth, in combination with Rivera, teaches the method of claim 1, wherein the computation of the hardware-based authenticator is a hardware-backed operation that must be executed on the hardware of the system (Rivera: Para. [0019], Proceeding to block 52, a security key is generated in accordance with principles known in the art. In one non-limiting embodiment the security key is for use by the TPM 13 to, e.g., encrypt data prior to storing it, and it may be generated in software using RSA public key cryptography principles known in the art. Thus, in the non-limiting embodiment shown the security key may be referred to as a TPM key and/or an RSA key.).
Regarding claim 22, Roth, in combination with Rivera, teaches the method of claim 1, wherein the computation of the hardware-based authenticator generates the hardware-based authenticator in hardware-backed storage of the system (Rivera: Para. [0019], Para. [0020]-[0021], Para. [0014], The system 10 may also include a trusted platform module (TPM) 13 that may be implemented by a chip, for providing security functions in accordance with TPM principles known in the art, including the encryption, using a security key, data to be stored in the system 10. Para. [0017], Now referring to FIG. 2, a non-limiting example of the present logic can be seen, it being understood that the logic may be implemented by any of the processors shown above. Para. [0019], Proceeding to block 60, the security key is encrypted using the password-derived key and stored along with the number "M" of hash cycles apart from the TPM, e.g., in memory, such as the memory 18, HDD 40, etc. Then, at block 62 the security key in its unencrypted state is imported to the device that is to use it, e.g., to the TPM 13 shown in FIG. 1. When imported into the TPM 13, the security key may have the system's storage root key (SRK) as its parent.).

Claim(s) 6, 13, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. (US 2016/0197937; Hereinafter “Roth”) in view of Rivera et al. (US 2007/0014416; Hereinafter “Rivera”) and in view of Lily Chen, (NIST Special Publication 800-108 Recommendation for Key Derivation Using Pseudorandom Functions, Oct. 2009, NIST Computer Security Division Information Technology Laboratory, pages 1-21. (Year: 2009); Hereinafter “Chen”).
Regarding claim 6, Roth, in combination with Rivera, teaches the method of claim 4, wherein adding the MAC or digital signature computation step to the password hash computation includes adding a hardware-backed MAC or a hardware-backed digital signature (Roth: Para. [0032], For example, the hash of the passcodes may be or otherwise may be based at least in part on a keyed-hashed message authentication code (HMAC) such as HMAC_MD5, HMAC-SHA-2 (where HMAC-SHA-2 denotes HMAC using a SHA-2 function). Other example password hashes include password based key derivation functions (PBKDFs) such as PBKDF2 and Bcrypt. It should be noted that the term "one-way" is used in the practical sense and is not necessarily limited to functions within the strict mathematical definition of one way functions. Generally, as used herein, one-way functions are functions satisfying one or more conditions on invertability. Para. [0071], The one or more cryptographic processors may be used to perform cryptographic operations in the device and may include a random number generator, SHA-2 or other hash generator and an encryption-decryption-signature engine. Generally, one or more components of the cryptographic module 724 may be configured to collectively perform various operations used in calculating hashes of passcodes, such as described above.)
Roth does not explicitly teach as a pseudorandom function used by the password hash computation.  In an analogous art, Chen teaches a system and method as a pseudorandom function used by the password hash computation (NIST: Page 9-10, Section 4. When a cryptographic key KI is regarded as the seed, that is, s = KI, the output of the pseudorandom function can be used as keying material. In Section 5, several families of PRF-based key derivation functions are defined without describing the internal structure of the PRF. For key derivation, this Recommendation approves the use of either the keyed hash Message Authentication Code (HMAC) specified in [8] or the cipher-based Message Authentication Code (CMAC) specified in [7] as the pseudorandom function. For a given KDF using HMAC or CMAC, the key KI is assumed to be computationally indistinguishable from one that has been selected uniformly at random from the set of all the binary strings with length of |KI|. Sec. 5, The KDFs specified in this Recommendation are constructed using PRFs (see Section 4).)
It would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Chen with the system and method of Roth and Rivera to include as a pseudorandom function used by the password hash computation because this functionality provides for utilization of pseudorandom functions in key derivation functions when calculating HMAC values to enhance security (Chen: Page 6, Sec. 1-2). 
Regarding claim 13, claim 13 is rejected under the same rational as claim 6. 
Regarding claim 20, claim 20 is rejected under the same rational as claim 6. 
Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Nelson Giddins whose telephone number is (571)272-7993.  The examiner can normally be reached on Monday - Friday, 9:00 AM - 5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/NELSON S. GIDDINS/Primary Examiner, Art Unit 2437