DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1-23 are pending.

Response to Arguments
2.	Applicant's arguments filed 2/1/21 have been fully considered but they are not persuasive.
	Claims 1-7 remain rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  Claim 1 recites “data encryption and decryption system”, where the system comprises a network connection apparatus and a server. Specification discloses the network connection apparatus may be an operating device, or portable computer, etc. and the server may be a virtual device or cloud server. As such, the claimed data system suggests software and is not clear of proper hardware and/or components (e.g. a memory, processor).  Thus, the claimed system is directed to software per se.
	In response to the argument (pg.11-12), regarding Passichenko discloses 1 and 2:
	Examiner traverses the statement regarding the private/public key used to encrypt the information before sending it or to decrypt the encrypted information because the claim did not explicitly include a time reference to using the key to encrypt the information or that the encryption key used for encryption, and the issuance of public/private keys. The claims broadly recites:
“a server, wherein the server comprises a second public key, the second public key corresponds to the second private key, when the server receives the request message, the server checks the encryption data by using the second public key and obtains a sensitive data according to the request message after the encryption data is determined as valid, the server obtains the first public key from the request message and performs an encryption operation for the sensitive data and the first public key to generate a response message”
The claim broadly limit the server checks for encryption data and obtain sensitive data by a request message after encryption data is determined as valid which suggests the data was encrypted (e.g. encrypt the information before sending it) since the claim is referring encryption data. The claim also recite performing encryption operation on sensitive data where this do not limit any specific key used for encryption operation. Thus, the claim do not limit when the encryption occurred whether before or after, and/or used for decryption.
	In response to the argument (pg.12), regarding Passichenko does not disclose “sub program module generates a first asymmetric key group…are random”; the public/private key is not random:
	Passichenko discloses exchange information (e.g., connection request, connection-request acceptance, or acknowledgement of acceptance) using a public-key encryption protocol to confirm or authenticate the users or their devices [Passichenko: 0007]. As such, the process of encryption is associated to a key pair (public or private) that are generated in a random manner by using an algorithm as encryption uses random values, thus, encryption key (private or public) are random per se. Passichenko includes the example where a process may include device 2 encrypting some information (e.g., a random number, a name, a code or token, or the second user's .

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

3.	Claims 1-7 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because:
Claims 1-7 recites “data encryption and decryption system”, where the claimed system do not further include hardware and/or components (e.g. a memory, processor) to clearly claim the system is a device. Claim 1 recited the data encryption and decryption system comprises a network connection apparatus and a server. Specification discloses the network connection apparatus may be an operating device, or portable computer, etc. and the server may be a virtual device or cloud server. As such, the claimed data system suggests software and is not clear of proper hardware components.  Thus, the claimed system is directed to software per se.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

4.	Claim(s) 1-23 is/are rejected under 35 U.S.C. 102a as being unpatentable by Passichenko [US 2016/0021192].
Claim 1:	Passichenko teaches a data encryption and decryption system, comprising: 
a network connection apparatus, wherein the network connection apparatus comprises a main program module and a sub program module [Passichenko: 0049; various program modules], the sub program module is provided with a second private key [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key], the sub program module communicates through the main program module, the sub program module generates a first asymmetric key group, the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys], the first private key and the first public key are random [Passichenko: 0028, 0030], the sub program module generates a request message through the main program module, the request message comprises an encryption data, and the encryption data comprises the first public key and the second private key; and [Passichenko: 0019, 0028]
[Passichenko: 0027, 0041], the server obtains the first public key from the request message and performs an encryption operation for the sensitive data and the first public key to generate a response message; [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys]
wherein the sub program module decrypts the response message by using the first private key to obtain the sensitive data. [Passichenko: 0029; a key (e.g., a public key or a private key) may refer to an encryption key used to encrypt information prior to sending the information or a decryption key used to decrypt information that is encrypted. In particular embodiments, devices 1 and 2 may exchange information using a public-key encryption protocol]
Claim 2:  Passichenko: 0027-0028; discussing the data encryption and decryption system as claimed in claim 1, wherein the sub program module generates a data content according to the first public key, processes the data content by using the second private key, combines the processed date content and the first public key to generate the encryption data and transmits the encryption data to the main program module, and the main program module generates the request message comprising the encryption data to the server. [Passichenko: 0049]
Claim 3:  Passichenko: 0029; discussing the data encryption and decryption system as claimed in claim 2, wherein the sub program module performs an algorithmic operation 
Claim 4:  Passichenko: 0030; discussing the data encryption and decryption system as claimed in claim 3, wherein the server further decrypts the digital signature code in the encryption data by using the second public key to generate a first comparison information, the server further performs a hash operation for the first public key in the encryption to generate a second comparison information, checks the first comparison information and the second comparison information, and the server obtains the sensitive data according to the request massage when the first comparison information and the second comparison information are the same. [Passichenko: 0027-0028]
Claim 5:  Passichenko: 0029; discussing the data encryption and decryption system as claimed in claim 3, wherein the sub program module combines the digital signature code and the first public key and multiplies the second private key and the digital signature code combined with the first public key, so as to generate the encryption data.
Claim 6:  Passichenko: 0029; discussing the data encryption and decryption system as claimed in claim 5, wherein the server further decrypts the encryption data by using the second public key to obtain the digital signature code and the first public key in the encryption data, the server then decrypts the digital signature code by using the second public key to generate a first comparison information, the server performs a hash operation for the first public key to generate a second comparison information [Passichenko: 0030], the server checks the first comparison information and the second comparison information, and the server obtains the sensitive data according to the  [Passichenko: 0027-0028]
Claim 7:  Passichenko: 0041; discussing the data encryption and decryption system as claimed in claim 1, wherein the main program module is a browser transmitted in a plain code format, and the sub program module is a plug-in.
Claim 8:	Passichenko teaches a data encryption and decryption method, comprising: 
	generating a first asymmetric key group by a sub program module of a main program module of a network connection apparatus [Passichenko: 0049; various program modules], wherein the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys], the first private key and the first public key are random [Passichenko: 0028, 0030], and the sub program module is provided with a second private key; [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key] 
generating an encryption data by the sub program module, and generating a request message comprising the encryption data to a server through the main program module, wherein the encryption data comprises the first public key and the second private key; [Passichenko: 0019, 0028]
checking the encryption data by using a second public key configured in the server and obtaining a sensitive data according to the request message after the encryption data is determined as valid through the server, wherein the second public key corresponds to the second private key; [Passichenko: 0027, 0035] 
[Passichenko: 0019, 0041]
encrypting the sensitive data and the first public key to generate a response message and transmitting the response message to the sub program module through the server; and [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys]
decrypting the response message by using the first private key to obtain the sensitive data through the sub program module. [Passichenko: 0029; a key (e.g., a public key or a private key) may refer to an encryption key used to encrypt information prior to sending the information or a decryption key used to decrypt information that is encrypted. In particular embodiments, devices 1 and 2 may exchange information using a public-key encryption protocol]
Claim 9:  Passichenko: 0019, 0028; discussing the data encryption and decryption method as claimed in claim 8, wherein the step of generating the encryption data by the sub program module comprises: generating a data content according to the first public key, processing the data content by using the second private key, combining the processed date content and the first public key to generate the encryption data and transmitting the encryption data to the main program module through the sub program module. 
Claim 10:  Passichenko: 0029; discussing the data encryption and decryption method as claimed in claim 9, wherein the step of generating a data content according to the first public key, processing the data content by using the second private key, combining the processed date content and the first public key to generate the encryption data comprises: performing an algorithmic operation for the first public key to obtain the data 
Claim 11:  Passichenko: 0030; discussing the data encryption and decryption method as claimed in claim 6, wherein the step of checking the encryption data by using the second public key configured in the server and obtaining the sensitive data according to the request message after the encryption data is determined as valid through the server comprises: decrypting the digital signature code in the encryption data by using the second public key to generate a first comparison information; performing a hash operation for the first public key in the encryption to generate a second comparison information; checking the first comparison information and the second comparison information; and obtaining the sensitive data according to the request massage through the server when the first comparison information and the second comparison information are the same. [Passichenko: 0027-0028]
Claim 12:  Passichenko: 0027, 0029; discussing the data encryption and decryption method as claimed in claim 10, wherein after the step of combining the digital signature code and the first public key further comprises multiplying the second private key and the digital signature code combined with the first public key to generate the encryption data.
Claim 13:  Passichenko: 0029; discussing the data encryption and decryption method as claimed in claim 12, wherein the step of checking the encryption data by using the second public key configured in the server and obtaining the sensitive data according to the request message after the encryption data is determined as valid through the server  [Passichenko: 0027-0028]
Claim 14:	Passichenko teaches a network connection apparatus, performing a data transmission through an internet and a server, and the networking connection apparatus comprising: 
a network module, connected to the internet and communicating with the server; [Passichenko: 0041]
a main program module, connected to the network module and transmitting messages through the internet; and  [Passichenko: 0038]
a sub program module, provided with a second private key, the sub program module communicating with the main program module [Passichenko: 0049; various program modules], and the sub program module generating a first asymmetric key group, wherein the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys], the first private key and the first public key are random [Passichenko: 0028, 0030], the sub program module generates a request message to the server [Passichenko: 0034; can also be third party] through the main program module, and the sub program module [Passichenko: 0019, 0029] 
wherein the request message comprises an encryption data, the encryption data comprises the first public key and the second private key, the second private key corresponds to a second public key [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key], and the response message is generated after the server checks the encryption data by using the second public key [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys] and obtains the sensitive data according to the request message when the encryption data is determined as valid and the server then encrypts the sensitive data and the first public key obtained from the request message. [Passichenko: 0027, 0035] 
Claim 15:  Passichenko: 0027-0028; discussing the network connection apparatus as claimed in claim 14, wherein the sub program module generates a data content according to the first public key, processes the data content by using the second private key, combines the processed date content and the first public key to generate the encryption data and transmits the encryption data to the main program module, and the main program module generates the request message comprising the encryption data to the server.
Claim 16:  Passichenko: 0029; discussing the network connection apparatus as claimed in claim 15, wherein the sub program module performs an algorithmic operation for the first public key to obtain the data content, performing an algorithmic operation for the data content and the second private key to generate a digital signature code, and 
Claim 17:  Passichenko: 0029; discussing the network connection apparatus as claimed in claim 16, wherein the sub program module combines the digital signature code and the first public key and multiplies the second private key and the digital signature code combined with the first public key, so as to generate the encryption data.
Claim 18:  Passichenko: 0041; discussing the network connection apparatus as claimed in claim 14, wherein the main program module is a browser transmitted in a plain code format, and the sub program module is a plug-in.
Claim 19:	Passichenko teaches a data encryption and decryption method of a network connection apparatus, performing a data transmission through an internet and a server, and the data encryption and decryption method of the networking connection apparatus comprising: 
generating a first asymmetric key group by a sub program module of a main program module of the network connection apparatus [Passichenko: 0049; various program modules], wherein the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys], the first private key and the first public key are random [Passichenko: 0028, 0030], the sub program module is provided with a second private key, and the sub program module communicates through the main program module; [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key] 
[Passichenko: 0019, 0028]
encrypting a response message from the server by using the first private key through the sub program module, wherein the response message is generated after the server [Passichenko: 0034; can also be third party] checks the encryption data by using the second public key and obtains the sensitive data according to the request message [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys] when the encryption data is determined as valid and the server then encrypts the sensitive data and the first public key obtained from the request message; [Passichenko: 0027, 0035] 
wherein the second public key corresponds to the second private key. [Passichenko: 0030]
Claim 20:  Passichenko: 0027; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 19, wherein the step of generating the encryption data by the sub program module comprises: generating a data content according to the first public key, processing the data content by using the second private key, combining the processed date content and the first public key to generate the encryption data and transmitting the encryption data to the main program module through the sub program module.
Claim 21:  Passichenko: 0029; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 20, wherein the step of generating the data content according to the first public key, processing the data 
Claim 22:  Passichenko: 0029; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 21, wherein after the step of combining the digital signature code and the first public key further comprises multiplying the second private key and the digital signature key combined with the first public key to generate the encryption data.
Claim 23:  Passichenko: 0041; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 19, wherein the main program module is a browser transmitted in a plain code format, and the sub program module is a plug-in.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LEYNNA TRUVAN whose telephone number is (571)272-3851.  The examiner can normally be reached on Monday-Friday 8:00AM-5:00PM, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


LEYNNA T TRUVAN

Art Unit 2435



/L.TT/Examiner, Art Unit 2435

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435