Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Examiner’s Note
	Examiner called Applicant and proposed amending independent claims 1, 7 & 8 incorporating limitations of claims 3 & 4. Examiner further stated that if the Applicant amends the claims as proposed by Examiner the case will be placed in allowable condition. The Applicant agreed to consider the proposal and get back with a response asap. Subsequently, the Applicant emailed the proposed amendment as recommended by the Examiner (please see the attached “Email from the Applicant” for details).
The case has now been placed in allowable condition.
	EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given via email from Tiep Nguyen (Reg. No. 44465) on 05/10/2021.
AMENDMENTS TO THE CLAIMS:
          The following listing of claims will replace all prior versions and listings of claims in this application.
LISTING OF CLAIMS
1. (Currently Amended) A key generation apparatus comprising:
	a memory configured to store a first private key corresponding to a first 
	a communication interface configured to communicate with a peer apparatus that stores the first public key; and
	a processor configured to generate a second public key and a second private key in response to a key update request from the peer apparatus, generate a digital signature by encrypting data including the second public key with the first private key, send a message including the data and the digital signature to the peer apparatus via the communication interface, and switch the first private key to the second private key; and
	when the peer apparatus authenticates the key generation apparatus, the processor sends the message via the communication interface in response to a challenge message from the peer apparatus, the challenge message includes key specification information that specifies a private key to be used, 
     	wherein when the key specification information specifies the first private key, the processor sends the message via the communication interface, and
	when the key specification information specifies the second private key, the processor generates a different digital signature by encrypting the challenge message with the second private key and sends a different message including the different digital signature to the peer apparatus via the communication interface.
2. (original) The key generation apparatus according to claim 1, wherein the digital signature is verified by the peer apparatus by using the first public key, and the first public key stored in the peer apparatus is switched to the second public key.
3. (Canceled) 
4. (Canceled) 

	
5. (original) The key generation apparatus according to claim 1, wherein the processor generates proof information indicating that the first private key and the second private key are stored in a single apparatus and inserts the proof information into the data.
6. (original) The key generation apparatus according to claim 1,
	wherein the peer apparatus is an access point that performs wireless communication, and
	wherein the communication interface is a wireless interface that wirelessly connects to the peer apparatus.
7. (Currently Amended) A key update method comprising:
	generating, by a processor included in a computer, a second public key and a second private key in response to a key update request from a peer apparatus storing a first public key corresponding to a first private key stored in the computer;
	generating, by the processor, a digital signature by encrypting data including the second public key with the first private key and sending a message including the data and the digital signature to the peer apparatus; [[and]]
	switching, by the processor, the first private key to the second private key;
	when the peer apparatus authenticates the key generation apparatus, sending, by the processor, the message in response to a challenge message from the peer apparatus, the challenge message includes key specification information that specifies a private key to be used, wherein when the key specification information specifies the first private key, sending by the processor the message via the communication interface, and
	when the key specification information specifies the second private key, generating by the processor a different digital signature by encrypting the challenge message with the second private key and sending a different message including the different digital signature to the peer apparatus.
8. (Currently Amended) A non-transitory computer-readable recording medium storing therein a computer program that causes a computer to execute a process comprising:
	generating a second public key and a second private key in response to a key update request from a peer apparatus storing a first public key corresponding to a first private key stored in the computer;
	generating a digital signature by encrypting data including the second public key with the first private key and sending a message including the data and the digital signature to the peer apparatus; [[and]]
	switching the first private key to the second private key;
	when the peer apparatus authenticates the key generation apparatus, sending, by the processor, the message in response to a challenge message from the peer apparatus, the challenge message includes key specification information that specifies a private key to be used, wherein when the key specification information specifies the first private key, sending by the processor the message via the communication interface, and
	when the key specification information specifies the second private key, generating by the processor a different digital signature by encrypting the challenge message with the second private key and sending a different message including the different digital signature to the peer apparatus.
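The key-update and challenge handling recited in claims 1, 7 and 8, as an added example that is not code from the application or the Office action. Assumptions: Ed25519 signatures stand in for "encrypting with the private key", key specification values 1 (first key) and 2 (second key), the domain-separation tags, and all type and function names are hypothetical; the lost-update scenario in `main` is constructed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
)

const updTag, authTag = "key-update:", "auth:" // domain-separation tags (added assumption)
// Device is the key generation apparatus; Peer pins the device's public key.
type Device struct {
	priv      ed25519.PrivateKey // current private key
	data, sig []byte             // key-update message, signed by the previous key
}
type Peer struct{ pub ed25519.PublicKey } // e.g. the access point of claim 6
func NewPair() (*Device, *Peer) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &Device{priv: priv}, &Peer{pub: pub}
}
// KeyUpdate creates the second key pair and keeps the update message for sending.
func (d *Device) KeyUpdate() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	d.data = append([]byte(updTag), pub...)
	d.sig = ed25519.Sign(d.priv, d.data) // signed with the FIRST private key
	d.priv = priv                        // switch first -> second private key
}
// Respond answers a challenge: keySpec 1 sends the update message, 2 signs the nonce.
func (d *Device) Respond(keySpec int, nonce []byte) (data, sig []byte) {
	if keySpec == 1 {
		return d.data, d.sig
	}
	return nil, ed25519.Sign(d.priv, append([]byte(authTag), nonce...))
}
// Authenticate challenges the device; on keySpec 1 it verifies the update, then re-pins.
func (p *Peer) Authenticate(d *Device, keySpec int, nonce []byte) bool {
	data, sig := d.Respond(keySpec, nonce)
	if keySpec == 2 {
		return ed25519.Verify(p.pub, append([]byte(authTag), nonce...), sig)
	}
	if len(data) != len(updTag)+ed25519.PublicKeySize || !bytes.HasPrefix(data, []byte(updTag)) || !ed25519.Verify(p.pub, data, sig) {
		return false
	}
	p.pub = append(ed25519.PublicKey(nil), data[len(updTag):]...) // pin second public key
	return true
}

func main() {
	d, p := NewPair()
	d.KeyUpdate() // constructed scenario: the update message never reached the peer
	println(p.Authenticate(d, 2, []byte("n1")), p.Authenticate(d, 1, []byte("n2")), p.Authenticate(d, 2, []byte("n3")))
}
```

A peer that still pins the first public key fails a key-2 challenge, recovers by specifying key 1, and from then on rejects the stale update message.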

Allowable Subject Matter
Claims 1-2 and 5-8 are allowed.

	The following is an examiner’s statement of reasons for allowance:
Regarding claims 1, 7 & 8, although the prior art of record (such as Blanchard (US 20140380055)) teaches a processor configured to generate a second public key and a second private key in response to a key update request from the peer apparatus, generate a digital signature by encrypting data including the second public key with the first private key, none of the prior art, alone or in combination, teaches when the peer apparatus authenticates the key generation apparatus, sending, by the processor, the message in response to a challenge message from the peer apparatus, the challenge message includes key specification information that specifies a private key to be used, wherein when the key specification information specifies the first private key, sending by the processor the message via the communication interface, and
when the key specification information specifies the second private key, generating by the processor a different digital signature by encrypting the challenge message with the second private key and sending a different message including the different digital signature to the peer apparatus; in view of other limitations of claims 1, 7 & 8.
	The closest prior art (patent publications) made of record are:
Blanchard (US20140380055) teaches embodiments that relate to updating key pairs based on digital signature states. In example embodiments, first credentials that are generated using a first private key may be sent to a user computing device, where the first private key is associated with a first public key. At some stage, second credentials that are generated using the first private key and a second private key are sent to the user computing device, where the second credentials specify that the first private key is deprecated, and where the user computing device authenticates the second credentials using the first public key. In response to receiving confirmation that a firmware upgrade is installed on a number of user computing devices such that an upgrade threshold is satisfied, the first private key may be deactivated. The firmware upgrade may be provided in response to receiving a firmware upgrade request from the user computing device.
Abbott (US20160149899) teaches systems, methods, and non-transitory computer-readable storage media for a non-replayable communication system. A first device associated with a first user may have a public identity key and a corresponding private identity. The first device may register the first user with an authenticator by posting the public identity key to the authenticator. The first device may perform a key exchange with a second device associated with a second user, whereby the public identity key and a public session key are transmitted to the second device. During a communication session, the second device may transmit to the first device messages encrypted with the public identity key and/or the public session key. The first device can decrypt the messages with the private identity key and the private session key. The session keys may expire during or upon completion of the communication session.
Fu (US 20170249456) discloses an application program integrity verification method and a network device. The method includes: performing eigenvalue calculation on data of an application program when the application program starts, to obtain a first digest of the application program (101); decrypting a stored digital signature of the application program according to a public key in an embedded key pair to obtain a second digest of the application program, where the digital signature is obtained, according to a private key in the key pair, by signing data of the application program each time the application program is updated (102), and the key pair is a manufacturer key pair corresponding to the application program; and determining that integrity verification of the application program passes if the first digest and the second digest are the same, otherwise, determining that integrity verification of the application program does not pass (103).
Lewis (US6240187) teaches improved key management provided by a public key replacement apparatus and method for operating over insecure networks. An active public key and the mask of a replacement public key are provided by a key server to nodes where the active key is used to encrypt and verify messages. To replace the active public key with the replacement public key, a key replacement message is sent to the node. The key replacement message contains the replacement public key and contains the mask of the next replacement key. The mask of the replacement public key may be generated by hashing or encrypting. The key replacement message is signed by the active public key and the replacement public key. Nodes are implemented by a computer, a smart card, a stored data card in combination with a publicly accessible node machine, or other apparatus for sending and/or receiving messages. In a particular application, a financial transaction network, nodes are consumer nodes, merchant nodes, or both, and transactions are securely sent over a possibly insecure network.
Sharifi Mehr (US10454689) teaches that a client maintains a pinned collection of trusted digital certificates. An original digital certificate in the collection may be updated by sending a request to the certificate authority that issued the original digital certificate. The certificate authority generates an updated certificate, signs the updated certificate with a private key of the updated certificate, and also signs the updated certificate with the private key of the original digital certificate. The server provides the updated certificate to the client. The client can validate the signature created with the updated private key using the updated public key of the certificate authority, and the signature created with the original private key can be validated using the original public key of the certificate authority. If both signatures are valid, a continuity of trust may be established, and the updated certificate added to the collection of trusted digital certificates. 
Yang (US20150363607) teaches embodiments that relate to methods, systems, and products for providing data protection and encryption on a plurality of devices configured for electronic communication with a server. Specifically, the methods, systems, and products can automatically and securely synchronize a user's file encryption/decryption keys across a plurality of devices, authenticating the user on each device before receiving and processing information from the server necessary to recreate the user's file encryption/decryption keys.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574. The examiner can normally be reached on Monday-Friday, 8:00am - 5:00pm (EST). If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/           Primary Examiner, Art Unit 2497