DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The amendment filed 3/30/2021 has been placed of record in the file.
Claims 1, 11, and 14 have been amended.
Claims 1-4, 6-8, 10-17, and 19-23 are pending.
The applicant’s arguments with respect to claims 1-4, 6-8, 10-17, and 19-23 have been considered but are moot in view of the following new grounds of rejection.
The IDS filed 4/5/2021 has been considered.

Response to Amendment
Claims have been amended to show further use of the application identifier.  The amendment proves a change in scope to the independent claims as the independent claims now explicitly state recovering the encrypted symmetric key and the first unique identifier using the application identifier, etc.  However, none of the amended claims show a patentable distinction over the prior art as evidenced by the following new grounds of rejection.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person 

Claims 1-4, 6-8, 10-17, and 19-23 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
The independent claims recite “recovering, by the first device and using an application identifier associated with an application executing on the first device, the encrypted symmetric key and the first unique identifier from the encrypted peer-to-peer communication.”  It is unclear how the invention operates to utilize the application identifier in this way and no support for such a limitation could be found in the specification.  The specification appears to only address use of the application identifier in the deriving of the key-encrypting key.

Claim Rejections - 35 USC § 103
11.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
12.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

13.	Claims 1-4, 6-8, 10-17, and 19-22 are rejected under 35 U.S.C. 103 as being unpatentable over Abbott (U.S. Patent Application Publication Number 2016/0149899) in view of Yang et al. (U.S. Patent Application Publication Number 2017/0093565), hereinafter referred to as Yang, in view of Broustis et al. (U.S. Patent Application Publication Number 2013/0290696), hereinafter referred to as Broustis, further in view of Statica (U.S. Patent Number 9,083,529) listed on the Notice of References Cited dated 2/21/2019.
Abbott disclosed techniques for transmitting public keys to be used in secure communications between devices.  In an analogous art, Yang disclosed techniques for provisioning electronic Subscriber Identity Modules.  Also in an analogous art, Broustis disclosed techniques for provisioning keys to be used in secure communications between devices.  Also in an analogous art, Statica disclosed techniques for issuing public keys to be used in secure communications between devices.  All of these systems deal directly with the provision of sensitive data for use in secure communications.
Regarding claim 1, Abbott discloses a method comprising: generating, by a first device, a first asymmetric key pair (paragraph 30, generates identity keys); assigning, by the first device, a unique identifier to each pair of the first asymmetric key pair (paragraph 30, key pair specific to device and user); storing the first private key and their associated unique identifiers in a memory of the first device (paragraph 30, private identity key is private, and paragraph 36, storage of own key pair); transmitting, from the first device, the first public key and their associated unique identifiers to a first server (paragraph 30, entrusts public identity key to server); generating, by the first device, a second asymmetric key pair (paragraph 35, generates session keys); assigning, by the first device, a unique identifier to each pair of the second asymmetric key pair (paragraph 35, key pair specific to device and user); storing the second 
Abbott does not explicitly state that each asymmetric key pair is a plurality of asymmetric key pairs, where each private key and public key is thereby a plurality of private keys and a plurality of public keys, respectively.  However, generating groups of asymmetric key pairs was well known in the art as evidenced by Yang.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Abbott by adding the ability that each asymmetric key pair is a plurality of asymmetric key pairs, where each private key and public key is thereby a plurality of private keys and a plurality of public keys as provided by Yang (see paragraph 73, multiple ephemeral key pairs).  One of ordinary skill in the art would have recognized the benefit that using keys in such a way would assist in encrypting sensitive data prior to provisioning sessions with targets (see Yang, paragraph 6).
Abbott does not explicitly state wherein the encrypted peer-to-peer communication comprises an encrypted symmetric key, a public key associated with the second device, and a 
The combination of Abbott and Yang does not explicitly state the key agreement protocol using an application identifier associated with the first device.  However, using application-specific keys in such a fashion was well known in the art as evidenced by Broustis.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott and Yang by adding the ability for the key agreement protocol using an application identifier associated with the first device as provided by Broustis (see paragraph 53, derives application-specific key using shared key material and particular application identifier).  One of ordinary skill in the art would have recognized the benefit that using keys in such a way would assist in establishing secure communications between computing devices (see Broustis, paragraph 5).
The combination of Abbott, Yang, and Broustis does not explicitly state the recovering using an application identifier associated with an application executing on the first device.  However, using application identifiers in message binding was well known in the art as evidenced by Statica.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott, Yang, and Broustis by adding the ability for the recovering using an application identifier associated with an application executing on the first device as provided by Statica (see column 5, lines 44-50, encapsulation uses recipient’s appID for message binding).  One of ordinary skill in the art would have recognized the benefit that 
Regarding claim 2, the combination of Abbott, Yang, Broustis, and Statica discloses generating, by the first device, a signature for each of the public keys of the first plurality of asymmetric keys; encrypting, by the first device, the first plurality of public keys, their assigned unique identifiers, and the signature for each of the public keys using a public key of the first server; transmitting, from the first device, the first plurality of encrypted public keys, the encrypted unique identifiers, and the encrypted signature for each of the public keys to the first server (Abbott, paragraph 32, digital certificate is signed, and paragraph 30, entrusts public identity key to server, where it would have been obvious to use the public key of the recipient to encrypt data when using PKI in order to further secure the communication of the data).
Regarding claim 3, the combination of Abbott, Yang, Broustis, and Statica discloses encrypting, by the first device and prior to being stored in the memory, each of the first plurality of private keys and their associated unique identifiers using a local storage key (Abbott, paragraph 36, storage of own key pair, where it would have been obvious to encrypt a stored key in order to further secure the storage).
Regarding claim 4, the combination of Abbott, Yang, Broustis, and Statica discloses generating, by the first device, a signature for each of the public keys of the second plurality of asymmetric keys; calculating, by the first device, a first encryption key, wherein the first encryption key is calculated by inputting a first set of pseudorandom bytes into a key derivation function; encrypting, by the first device, the second plurality of public keys, their assigned unique identifiers, and the signature for each of the public keys using the first encryption key; transmitting, from the first device, the second plurality of encrypted public keys, the encrypted 
Regarding claim 6, the combination of Abbott, Yang, Broustis, and Statica discloses encrypting, by the first device, the first encryption key (Yang, paragraph 58, encrypts symmetric key with KEK).
Regarding claim 7, the combination of Abbott, Yang, Broustis, and Statica discloses transmitting, from the first device, the encrypted first encryption key with the second plurality of encrypted public keys, the encrypted unique identifiers, and the encrypted signature for each of the public keys (Abbott, paragraph 34, key exchange message contains public session key and signed digital certificate, and Yang, paragraph 58, provides encrypted package).
Regarding claim 8, the combination of Abbott, Yang, Broustis, and Statica discloses encrypting, by the first device and prior to being stored in the memory, each of the second plurality of private keys and their associated unique identifiers using a local storage key (Abbott, paragraph 36, storage of own key pair, where it would have been obvious to encrypt a stored key in order to further secure the storage).
Regarding claim 10, the combination of Abbott, Yang, Broustis, and Statica discloses receiving, at the first device, a third plurality of public keys, a unique identifier for each public key in the third plurality of public keys, and a signature for each of the third plurality of public keys from the second device; validating, at the first device, the signature for each public key in the third plurality of public keys; and storing, at the first device, the third plurality of public keys and the unique identifier for each public key in the third plurality of public keys when the 
Regarding claim 11, Abbott discloses a computing device comprising: one or more processors; and memory comprising instructions that, when executed by the one or more processors, cause the computing device to: generate a first asymmetric key pair (paragraph 30, generates identity keys); assign each pair of the first asymmetric key pair a unique identifier (paragraph 30, key pair specific to device and user); store the first private key and their associated unique identifiers (paragraph 30, private identity key is private, and paragraph 36, storage of own key pair); transmit, to a first server, the first public key and their associated unique identifiers (paragraph 30, entrusts public identity key to server); generate a second asymmetric key pair (paragraph 35, generates session keys); assign each pair of the second asymmetric key pair a unique identifier (paragraph 35, key pair specific to device and user); store the second private key and their associated unique identifiers (paragraph 35, private session key is private, and paragraph 36, storage of own key pair); transmit, to a second device, the second public key and their associated unique identifiers (paragraphs 34 and 45, key exchange message); receive, from the second device, an encrypted peer-to-peer communication (paragraph 37, peer-to-peer communication, and paragraph 38, message encrypted with public session key); retrieve a private key associated with the public key and decrypt, using the private key, the encrypted peer-to-peer communication (paragraph 38, message decrypted with matching private session key); and delete, based on decrypting the encrypted peer-to-peer communication, the private key (paragraph 41, destroys session keys).
Abbott does not explicitly state that each asymmetric key pair is a plurality of asymmetric key pairs, where each private key and public key is thereby a plurality of private keys and a plurality of public keys, respectively.  However, generating groups of asymmetric key pairs was well known in the art as evidenced by Yang.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Abbott by adding the ability that each asymmetric key pair is a plurality of asymmetric key pairs, where each private key and public key is thereby a plurality of private keys and a plurality of public keys as provided by Yang (see paragraph 73, multiple ephemeral key pairs).  One of ordinary skill in the art would have recognized the benefit that using keys in such a way would assist in encrypting sensitive data prior to provisioning sessions with targets (see Yang, paragraph 6).
Abbott does not explicitly state wherein the encrypted peer-to-peer communication comprises an encrypted symmetric key, a public key associated with the second device, and a first unique identifier corresponding to the public key; and the computing device to: recover the encrypted symmetric key and the first unique identifier from the encrypted peer-to-peer communication; retrieve, based on the first unique identifier, a private key associated with the public key; derive a key-encrypting key, wherein the key-encrypting key is derived according to a key agreement protocol using the private key associated with the public key and a public key of the second device; decrypt, using the key-encrypting key, the encrypted symmetric key; and decrypt, using the symmetric key, the encrypted peer-to-peer communication.  However, using symmetric keys in such a fashion was well known in the art as evidenced by Yang.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of 
The combination of Abbott and Yang does not explicitly state the key agreement protocol using an application identifier associated with the first device.  However, using application-specific keys in such a fashion was well known in the art as evidenced by Broustis.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott and Yang by adding the ability for the key agreement protocol using an application identifier associated with the first device as provided by Broustis (see paragraph 53, derives 
The combination of Abbott, Yang, and Broustis does not explicitly state the recovering using an application identifier associated with an application executing on the first device.  However, using application identifiers in message binding was well known in the art as evidenced by Statica.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott, Yang, and Broustis by adding the ability for the recovering using an application identifier associated with an application executing on the first device as provided by Statica (see column 5, lines 44-50, encapsulation uses recipient’s appID for message binding).  One of ordinary skill in the art would have recognized the benefit that encapsulating messages in such a way would assist in providing users of electronic devices with private and secure communications (see Statica, column 1, lines 25-30).
Regarding claim 12, the combination of Abbott, Yang, Broustis, and Statica discloses wherein the instructions, when executed by the one or more processors, cause the computing device to: sign each public key in the first plurality of public keys prior to transmitting the first plurality of public keys and their associated identifiers to the first server (Abbott, paragraph 32, digital certificate is signed).
Regarding claim 13, the combination of Abbott, Yang, Broustis, and Statica discloses wherein the instructions, when executed by the one or more processors, cause the computing device to: sign each public key in the second plurality of public keys prior to transmitting the 
Regarding claim 14, Abbott discloses a non-transitory computer-readable medium comprising instructions that, when executed by at least one processor, perform the steps of: generating a first asymmetric key pair (paragraph 30, generates identity keys); assigning a unique identifier to each pair of the first asymmetric key pair (paragraph 30, key pair specific to device and user); storing the first private key and their associated unique identifiers in a memory of the first device (paragraph 30, private identity key is private, and paragraph 36, storage of own key pair); transmitting the first public key and their associated unique identifiers to a first server (paragraph 30, entrusts public identity key to server); generating a second asymmetric key pair (paragraph 35, generates session keys); assigning a unique identifier to each pair of the second asymmetric key pair (paragraph 35, key pair specific to device and user); storing the second private key and their associated unique identifiers in the memory (paragraph 35, private session key is private, and paragraph 36, storage of own key pair); transmitting the second public key and their associated unique identifiers to a second device (paragraphs 34 and 45, key exchange message); receiving, from the second device, an encrypted peer-to-peer communication (paragraph 37, peer-to-peer communication, and paragraph 38, message encrypted with public session key); retrieving a private key associated with the public key and decrypting, using the private key, the encrypted peer-to-peer communication (paragraph 38, message decrypted with matching private session key); and deleting, from the memory and based on the decrypting the encrypted peer-to-peer communication, the private key (paragraph 41, destroys session keys).
Abbott does not explicitly state that each asymmetric key pair is a plurality of asymmetric key pairs, where each private key and public key is thereby a plurality of private keys and a plurality of public keys, respectively.  However, generating groups of asymmetric key pairs was well known in the art as evidenced by Yang.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Abbott by adding the ability that each asymmetric key pair is a plurality of asymmetric key pairs, where each private key and public key is thereby a plurality of private keys and a plurality of public keys as provided by Yang (see paragraph 73, multiple ephemeral key pairs).  One of ordinary skill in the art would have recognized the benefit that using keys in such a way would assist in encrypting sensitive data prior to provisioning sessions with targets (see Yang, paragraph 6).
Abbott does not explicitly state wherein the encrypted peer-to-peer communication comprises an encrypted symmetric key, a public key associated with the second device, and a first unique identifier corresponding to the public key; recovering the encrypted symmetric key and the first unique identifier from the encrypted peer-to-peer communication; retrieving, based on the first unique identifier, a private key associated with the public key; deriving a key-encrypting key, wherein the key-encrypting key is derived according to a key agreement protocol using the private key associated with the public key and a public key of the second device; decrypting, using the key-encrypting key, the encrypted symmetric key; and decrypting, using the symmetric key, the encrypted peer-to-peer communication.  However, using symmetric keys in such a fashion was well known in the art as evidenced by Yang.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Abbott by adding the ability that the encrypted peer-to-peer communication comprises an encrypted symmetric key, a public key associated with the second device, and a first unique identifier 
The combination of Abbott and Yang does not explicitly state the key agreement protocol using an application identifier associated with the first device.  However, using application-specific keys in such a fashion was well known in the art as evidenced by Broustis.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott and Yang by adding the ability for the key agreement protocol using an application identifier associated with the first device as provided by Broustis (see paragraph 53, derives application-specific key using shared key material and particular application identifier).  One of ordinary skill in the art would have recognized the benefit that using keys in such a way would 
The combination of Abbott, Yang, and Broustis does not explicitly state the recovering using an application identifier associated with an application configured to be executed by the at least one processor.  However, using application identifiers in message binding was well known in the art as evidenced by Statica.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott, Yang, and Broustis by adding the ability for the recovering using an application identifier associated with an application configured to be executed by the at least one processor as provided by Statica (see column 5, lines 44-50, encapsulation uses recipient’s appID for message binding).  One of ordinary skill in the art would have recognized the benefit that encapsulating messages in such a way would assist in providing users of electronic devices with private and secure communications (see Statica, column 1, lines 25-30).
Regarding claim 15, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: generating a signature for each of the public keys of the first plurality of asymmetric keys; encrypting the first plurality of public keys, their assigned unique identifiers, and the signature for each of the public keys using a public key of the first server; transmitting the first plurality of encrypted public keys, the encrypted unique identifiers, and the encrypted signature for each of the public keys to the first server (Abbott, paragraph 32, digital certificate is signed, and paragraph 30, entrusts public identity key to server, where it would have been obvious to use the public key of the recipient to encrypt data when using PKI in order to further secure the communication of the data).
Regarding claim 16, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: encrypting, prior to being stored in the memory, each of the first plurality of private keys and their associated unique identifiers using a local storage key (Abbott, paragraph 36, storage of own key pair, where it would have been obvious to encrypt a stored key in order to further secure the storage).
Regarding claim 17, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: generating a signature for each of the public keys of the second plurality of asymmetric keys; calculating a first encryption key, wherein the first encryption key is calculated by inputting a first set of pseudorandom bytes into a key derivation function; encrypting the second plurality of public keys, their assigned unique identifiers, and the signature for each of the public keys using the first encryption key; transmitting the second plurality of encrypted public keys, the encrypted unique identifiers, and the encrypted signature for each of the public keys to the second device (Abbott, paragraph 34, key exchange message contains public session key and signed digital certificate, where it would have been obvious to use an encryption key to encrypt data when using PKI in order to further secure the communication of the data).
Regarding claim 19, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: encrypting the first encryption key (Yang, paragraph 58, encrypts symmetric key with KEK).
Regarding claim 20, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: transmitting the encrypted first encryption key with the second plurality of encrypted public keys, the encrypted unique identifiers, and the encrypted signature for each of the public keys (Abbott, paragraph 34, key exchange message contains public session key and signed digital certificate, and Yang, paragraph 58, provides encrypted package).
Regarding claim 21, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: encrypting, prior to being stored in memory, each of the second plurality of private keys and their associated unique identifiers using a local storage key (Abbott, paragraph 36, storage of own key pair, where it would have been obvious to encrypt a stored key in order to further secure the storage).
Regarding claim 22, the combination of Abbott, Yang, Broustis, and Statica discloses instructions for: retrieving, based on an identifier included in the peer-to-peer communication, a private key from the memory; and decrypting the peer-to-peer communication using, in part, the private key (Abbott, paragraph 38, message decrypted with matching private session key).

14.	Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Abbott in view of Yang, in view of Broustis, in view of Statica, further in view of Gero et al. (U.S. Patent Application Publication Number 2015/0067338), hereinafter referred to as Gero.
The combination of Abbott, Yang, Broustis, and Statica disclosed techniques for transmitting public keys to be used in secure communications between devices.  In an analogous art, Gero disclosed techniques for using Ephemeral Diffie-Hellman key exchange.  Both systems deal directly with the provision of sensitive data for use in secure communications.
Regarding claim 23, the combination of Abbott, Yang, Broustis, and Statica does not explicitly state wherein the signature for each public key in the third plurality of public keys comprises a signature chain.  However, using trust chains in such a fashion was well known in the art as evidenced by Gero.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Abbott, Yang, Broustis, and Statica by adding .

Conclusion
15.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
16.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to Victor Lesniewski whose telephone number is (571)272-2812.  The examiner can normally be reached on Monday thru Friday, 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/Victor Lesniewski/Primary Examiner, Art Unit 2493