DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  
Status of Claims
The amendment filed 2/12/2021 has been entered. Claims 1-12 are originally cancelled claims. Claims 13, 15, 20, 22-24 are currently amended. Claim 21 is previously cancelled claim. Claims 25-33 are newly added. Claims 13-20, 22-33 are pending in the application.
The objection of claims 13, 19, 23-24 due to informalities has been withdrawn in light of applicant’s amendment to the claims. However objection to claims 13, 23-24 is maintained. See Claim Objection section below.
The rejection of claim 20 under 35 USC 112(b) has been withdrawn in light of applicant’s amendment to the claim. 
Response to Arguments
Applicant’s argument, see pages 11-15 of the Remarks filed 2/12/2021 regarding rejections on independent claim 13 and its dependent claims under 35 USC 103 over reference 
Examiner acknowledges applicant has amended independent claim 13 of step d) reciting “transmitting and storing the one or several exchange keys generated in step c) on the production server into the subscriber identity module, in such a manner that the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself,” (inter alia). In light of applicant’s argument regarding the intended use and review of the specification of the instant application, the claimed limitations “in such a manner that the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself” is interpreted as: the SIM is put in to situation to perform operation (i.e. communicating with the provisioning server on key exchange) even though the SIM does not generate the exchange keys and relies on other server to generate the asymmetric keys since the SIM does not has power or resource to perform the asymmetric cryptographic operation. Upon updated search, the examiner found reference Hibshoosh (US20160352710A1) that appears to teach the above features. See the office action presented below for details.
Applicant’s further argument on the dependent claims is also moot since the argument is based on the assumption that independent claim 13 is patentable.
Claim Objections
Claims 15, 20, 23-24, 26-29 are objected to because of the following informalities:  
Claim 15 line 2, “… is performed either on …” may read as “… is performed 
Claim 20 line 10, “and step i) comprises the partial steps of:” may read as “and step i) comprises
Claim 23 line 2, “The transmission method according to claim 13” should read as “The 
Claim 24 lines 1-2, “wherein the asymmetric key pairs are provided as Diffie-Hellman key pairs are provided,…” should read as “wherein the asymmetric key pairs are provided as Diffie-Hellman key pairs 
Claim 26 line 1, “wherein no mater key …” should read as “wherein no master key …”.
Claims 27-29 line 2, “between the between the …” should read as “between the 
Claim 31 recites the limitation "the trusted provisioning server" in lines 2-3.  There is insufficient antecedent basis for this limitation in the claim. Examiner notes claim 13 (which claim 31 depends upon) recites “provisioning server”, but not “trusted provisioning server”.
Applicant is suggested to check the claim language above and clarify the claim language.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person 

Claims 13-20, 22-33 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 13 is a method claim which recites various acts including "d) transmitting and storing the one or several exchange keys generated in step c) on the production server into the subscriber identity module, in such a manner that the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself;" The clause "in such a manner that the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself" is a result-based or result-oriented claim limitation, and thus encompassing all the ways to achieve the result. In fact, it is not clear how the act of "transmitting and storing" of the keys by the production server into the SIM is limited by this result, or how this result is achieved. The scope of this claim is thus the genus of claiming all the ways of transmitting and storing the exchange keys from the production server to the SIM that achieve the result. However, applicant's specification does not provide ample written description support, without undue experimentation, to achieve this results for all the ways of transmitting and storing "so that the SIM is [put into a state] as 
Claims 14-20, 22-33 depend on claim 13 and fail to cure the deficiencies of claim 13, therefore also rejected with same reason as discussed above to claim 13.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 13-14, 16-20, 23-25, 30, 32-33 are rejected under 35 U.S.C. 103 as being unpatentable over Nix (US20150163056A1, hereinafter, "Nix"), in view of Hibshoosh et al (US20160352710A1, hereinafter, “Hibshoosh”), further in view of Le Saint et al (US20150372811A1, hereinafter, “Le Saint”).
Regarding claim 13, Nix teaches:
A method for setting up a subscriber identity module for an agreement of one or several exchange keys, between the subscriber identity module and a provisioning server (Nix, [Abstract] A module with an embedded universal integrated circuit card (eUICC) (i.e. subscriber identity module, SIM) can include a profile for the eUICC.  The profile can include a first and second shared secret key K (i.e. several exchange keys) for authenticating with a wireless network. See Fig. 1a, Mobile network operator server 105 (i.e. provisioning server)), proceeding from asymmetric key data, the asymmetric key data comprising an individual static asymmetric key pair of the subscriber identity module, comprising a private key and a public key of the subscriber identity module (Nix, See Fig. 2d for eUICC private key 215 and public key 214), and a static asymmetric key pair of the provisioning server, comprising a private key and a public key of the provisioning server (Nix, See Fig. 5a and Fig. 5b for MNO private key 501 and public key 502), the method comprising the steps of: 
a) generating the asymmetric key pair for the subscriber identity module, comprising the public key and the private key (Nix, [0157] A manufacturer of module 101 or an eUICC subscription manager 109 could also derive the eUICC private key 215 and eUICC public key 214 in a server); 
b) generating the asymmetric key pair of the provisioning server, comprising the public key and the private key (Nix, [0245] The mobile network operator 104 could also be associated with an MNO private key 501 and an MNO public key 502, which could comprise a PKI key pair for the mobile network operator.  The mobile network operator 104 could process or derive the PKI key pair using steps and algorithms); 
c) generating said one or several exchange keys employing the private key of the subscriber identity module and the public key of the provisioning server (Nix, [0250] a module 101 with an eUICC 107 could input the eUICC private key 215 and the mobile network operator public key 502 into a key derivation algorithm 503… The key derivation algorithm 503 in an eUICC key exchange algorithm 505 could accept the input and output the second key K 204 (i.e. exchange keys, also shown in Fig. 2c and Fig. 5b)); 
wherein step a) and step c) are performed on a production server (Nix, [0053] System 100 can include an eUICC subscription manager 109, where an eUICC subscription manager 109 can manage the recording and secure distribution of eUICC profiles 107c to a module 101.  Example entities that could operate or control an eUICC subscription manager 109 include a manufacturer of module 101 (i.e. production server)), and the method further comprises: Atty. Docket: 19838.4026/10 
d) transmitting and storing the one or several exchange keys generated in step c) on the production server into the subscriber identity module (Nix, [0119] A second portion of profile 107c can include ciphertext 208b, where ciphertext 208b can include a second key K 204a (i.e. exchange key generated at step c) and a second network module identity 209a. And See Fig. 3 and Fig. 5c which shows eUICC Profile 107c is sent from eUICC Subscription Manager 109 to Network Application and then eUICC 107 where eUICC uses the exchange key at later step such as at step 311), [in such a manner that the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself] (see Hibshoosh below for limitation in bracket);
While Nix teaches transmitting and storing the one or several exchange keys generated on the production server into the subscriber identity module, but does not explicitly teach, however in the same field of endeavor Hibshoosh teaches the following limitation(s):
[transmitting and storing the one or several exchange keys generated in step c) on the production server into the subscriber identity module] (see Nix above for limitation(s) in in such a manner that the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself (Hibshoosh, disclose in [Title] and [Abstract] server-assisted secure exponentiation to perform a modular exponentiation per request from secure element (i.e. subscriber identity module or SIM). And [0014] This task is, therefore, computationally challenging for secure elements with limited computing power, such as a low-cost SIM... without a hardware-based crypto-accelerator).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Hibshoosh in the eUICC authentication of Nix by performing modular exponentiation operation using server instead of using the low cost SIM that is not capable to perform the modular exponentiation operation. This would have been obvious because the person having ordinary skill in the art would have been motivated to take advantage of server-assisted secure exponentiation operation instead of having the SIM to perform the computing power demanding operation (Hibshoosh, [Abstract], [0014]).
While the combination of Nix-Hibshoosh does not explicitly teach the following limitation(s), in the same field of endeavor Le Saint teaches:
wherein the asymmetric key data are destroyed, by being deleted from the production server, after the one or several exchange keys are generated (Le Saint, [0050] a first computing device can generate a second session key (i.e. exchange key) using an ephemeral first device private key, a blinded static second device public key, a static first device private key, and an ephemeral second device public key… even if the blinded static second device public key and the ephemeral second device public key are observed in transit by an eavesdropper, and the static first device private key is later compromised, the second session key cannot be re-generated by an attacker because the ephemeral first device private key would have already been deleted from the first computing device (i.e. production server in view of Nix’s eUICC Subscription Manager)).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Le Saint in the eUICC authentication of Nix-Hibshoosh by deleting the asymmetric key from the first computing device. This would have been obvious because the person having ordinary skill in the art would have been motivated to have the private key deleted from the first computing device where the shared secrets are created to protect the encrypted data because the session key cannot be re generated without the asymmetric keys (Le Saint, [Abstract], [0050]).

Regarding claim 14, Nix-Hibshoosh-Le Saint combination further teaches:
The method according to claim 13, wherein step c) further comprises: c1) generating a secret employing the private key of the subscriber identity module and the public key of the provisioning server (Nix, [Abstract] The profile can include a first and second shared secret key K for authenticating with a wireless network. And [0264] the module 101 can input an MNO public key 502, an eUICC private key 215, and the key exchange token 506 into a key derivation algorithm 503 in order to output the second key K 204); 
c2) generating or supplying a random nonce (Nix, [0116] The second key K 204 can comprise a random number that is 128 bits in length in order to support 4G networks such as LTE that are widely deployed…); 
(Nix, [0147] The second key K 204 could represent a random number, such as, but not limited to, an exemplary 128 random number currently used as a shared secret key K in standard LTE networks).  

Regarding claim 16, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 13, wherein step d) further comprises: Atty. Docket: 19838.4027/10 transmitting and storing the public key of the subscriber identity module into the subscriber identity module (Nix, [0162] The eUICC key ciphering algorithm 216 can use an asymmetric ciphering algorithm 219 with an input of (i) an eUICC public key 214 as a cipher key and (ii) the eUICC profile key 107b as plaintext in order to output ciphertext of an encrypted eUICC key 218. Also see Fig. 3 step 302b where eUICC key 218 and eUICC Profile 107c sent from eUICC Subscription Manager 109 to eUICC 107).  

Regarding claim 17, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 16, wherein step d) comprises: transmitting and storing the public key of the subscriber identity module by directly transmitting and storing the public key of the subscriber identity module, and optionally transmitting and storing additional authentication information which permits an authentication of the public key stored in the subscriber identity module (Nix, [0197] for a first authentication step 304, (i) module 101 could send (i) the first network module identity 202 a digital signature processed using a digital signature algorithm 221 and the eUICC private key 215, and (ii) MNO 104 could verify the digital signature using a digital signature algorithm 221 and the eUICC public key 214).  

Regarding claim 18, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 16, further comprising: generating a certificate over the public key of the subscriber identity module by signing the public key of the subscriber identity module; wherein step d) comprises: transmitting and storing the public key by transmitting and storing the certificate (Nix, [0155] eUICC public key 214 can comprise a key recorded in an X.509 certificate that also includes a module identity 110 and/or eUICC identity 107a, although the use of an X.509 certificate with an eUICC public key 214 is not required.  The eUICC public key 214 in the form of an X.509 certificate can optionally be signed by a certificate authority).  

Regarding claim 19, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 16, wherein for the agreement of one or several exchange keys, between the subscriber identity module and the provisioning server, proceeding from the asymmetric key data, the method further comprising: 
e) supplying a subscriber identity module set up and establishing a communication connection between the subscriber identity module and the provisioning server (Nix, [0104] The mobile network operator 104 can communicate with the module 101 using a wireless network 102, and the wireless network 102 could comprise the radio access portion of the mobile network operator 104, such as a collection of base stations 103 using licensed radio spectrum such as, but not limited to, the 700 Mhz band for LTE, and other possibilities exist as well for the wireless network 102); Atty. Docket: 19838.4028/10 
f) transferring the public key of the subscriber identity module from the subscriber identity module to the provisioning server (Nix, [0025] The module can record an eUICC private key, and the MNO can have access to the eUICC public key. Also [0183] the eUICC subscription manager 109 could send … the eUICC public key 214 to the MNO 104… the MNO 104 could also use the key ciphering algorithm 216 depicted and described in connection with FIG. 2e above in order to encrypt the first key K 203 with the eUICC public key 214. Also [0259] A MNO 104 could receive the eUICC public key 214 for an MNO key exchange algorithm 504 from either (i) the module 101 or eUICC 107 directly); 
g) in the provisioning server receiving the public key of the subscriber identity module and identifying the subscriber identity module by means of the received public key (Nix, [0197] (ii) MNO 104 could verify the digital signature using a digital signature algorithm 221 and the eUICC public key 214); 
h) in the provisioning server supplying the private key of the provisioning server (Nix, [0248] For a MNO key exchange algorithm 504, a mobile network operator 104 using a server 105 could input the mobile network operator private key 501, the eUICC public key 214, and a key exchange token 506 into a key derivation algorithm 503 in order to output the second key K 204); 
i) in the provisioning server generating the one or several exchange keys employing the public key of the subscriber identity module and the private key of the provisioning server (Nix, [0260] For a MNO key exchange algorithm 504 in FIG. 5c, the MNO 104 could also input a key exchange token 506 and a MNO private key 501, in addition to the eUICC public key 214, as illustrated in FIG. 5b above).  

Regarding claim 20, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 19, wherein: step c) comprises: 
c1) generating a secret employing the private key of the subscriber identity module and the public key of the provisioning server (Nix, [0097] The calculation and processing of a RES 119 using a RAND 118 and a secret key K is also depicted and described in connection with steps 306 and 311 of FIG. 3. And [0250] a module 101 with an eUICC 107 could input the eUICC private key 215 and the mobile network operator public key 502 into a key derivation algorithm 503.); 
c2) generating or supplying a random nonce (Nix, [0092] 0092] As illustrated in FIG. 1 c, module 101 may also contain a random number generator 128.); 
c3) generating the exchange keys proceeding from the secret and the nonce, where applicable (Nix, [0121] The use of a second key K 204a (in an unencrypted form of second key K 204) can be equivalent to a first key k 203, but comprise a different random number.  The second key K 204 can comprise a random number); 
wherein when a nonce is used, step f) further comprises: transferring said nonce from the subscriber identity module to the provisioning server (Nix, [0150] The symmetric key K 127 could also be derived by a module 101 and an MNO 104 using a key exchange, where the symmetric key K 127 could be derived using a RAND 118 value received by the module 101 after authenticating with the first key K 203, where the module 101 and/or eUICC 107 derives the symmetric key K 127 using the RAND 118 value and the first key K 203); Atty. Docket: 19838.4029/10 
and step i) comprises the partial steps of: 
i1) generating the secret employing the public key of the subscriber identity module and the private key of the provisioning server (Nix, See Fig. 5b MNO key exchange algorithm. And [0248] For a MNO key exchange algorithm 504, a mobile network operator 104 using a server 105 could input the mobile network operator private key 501, the eUICC public key 214, and a key exchange token 506 into a key derivation algorithm 503 in order to output the second key K 204); 
i2) generating the exchange key proceeding from the secret and the nonce, where applicable (Nix, Fig. 5c, step 311, calculate 2nd RES 119 using 2nd Key K 204).  

Regarding claim 23, Nix-Hibshoosh-Le Saint further teaches:
The transmission method according to claim 13, further comprising encrypting data with the one or several exchange keys, and transmitting the encrypted data between the subscriber identity module and the provisioning server (Nix, [0184] In this manner, the MNO 104 can retain control over the release of an encrypted first key K 203, such that the first key K 203 in a ciphertext 208c is only received by an eUICC subscription manager 109 in a step 302 or a eUICC 107 in a step 205 after a user 113 (associated with the module 101 with the eUICC 107) authenticates with the MNO 104).  

Regarding claim 24, Nix-Hibshoosh-Le Saint further teaches:
the asymmetric key pairs are provided as Diffie-Hellman key pairs are provided, including a Diffie-Hellman key pair of the subscriber identity module (Nix, [0138] The eUICC profile key 107b could also be derived by a module 101 and an eUICC subscription manager 109 (or another server performing the steps in a profile ciphering algorithm 210) using a key exchange such as, but not limited to, a Diffie-Hellman key exchange or an Elliptic Curve Diffie-Hellman key exchange) and another Diffie Hellman key pair of the provisioning server (Nix, [0249] For embodiments where key derivation algorithm 503 comprises a Diffie-Hellman key exchange, the key exchange token 506 can comprise integer values of p and g. Or, with a Diffie-Hellman key exchange the security key exchange token 506 sent from a MNO 104 could comprise a value equal to g a mod p where (x) the values or p and g have been previously shared between MNO 104 and eUICC 107…).

Regarding claim 25, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 13, wherein step b) is performed on the provisioning server, and wherein at least the public key generated in step b) is supplied to the production server (Nix, [0245] The MNO 104 could send the MNO public key 502 to the eUICC subscription manager 109 in a step 302a or 302b depicted and described in FIG. 3,…).  

Regarding claim 30, Nix-Hibshoosh-Le Saint further teaches:
(Le Saint, [0028] The private key will typically be kept in a secure storage medium and will usually only be known to the entity).  

Regarding claim 32, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 13, wherein in the subscriber identity module no asymmetric cryptography is required or performed (Hibshoosh, [Abstract] discloses server-assisted secure exponentiation to perform a modular exponentiation per request from secure element (i.e. subscriber identity module). And [0014] this task is, therefore, computationally challenging for secure elements with limited computing power, such as a low-cost SIM... without a hardware-based crypto-accelerator).  

Regarding claim 33, Nix-Hibshoosh-Le Saint further teaches:
The method according to claim 13, wherein the subscriber identity module does not have sufficient computing power or storage capacity for asymmetric cryptography or for deriving the one or several exchange keys (Hibshoosh, [Abstract] discloses server-assisted secure exponentiation to perform a modular exponentiation per request from secure element (i.e. subscriber identity module). And [0014] this task is, therefore, computationally challenging for secure elements with limited computing power, such as a low-cost SIM... without a hardware-based crypto-accelerator).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Nix-Hibshoosh-Le Saint as applied above to claim 13, further in view of Sutton et al (US20060013402A1, hereinafter, “Sutton”).
Regarding claim 15, Nix-Hibshoosh-Le Saint combination teaches:
The method according to claim 13, 
While Nix-Hibshoosh-Le Saint combination does not explicitly teach the following limitation, Sutton from the same field of endeavor teaches:
wherein step b) is performed either on the production server, and wherein at least the private key generated in step b) is supplied to the provisioning server (Sutton, referring to Fig. 5, and [0046] At block 702, a device manufacturer (i.e. production server) establishes a protected server 522 (i.e. provisioning server) to support key retrieval requests... For improved security, the protected server should not be the same processing system used in the manufacturing protected system or the manufacturing production system.  At block 704, the device manufacturer generates a key service public/private key pair that will be used for the key retrieval service provided by the protected server… the key service public/private key pair may be stored in the protected server).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Sutton in the eUICC authentication of Nix-Hibshoosh-Le Saint by having manufacturing device generates public key pair and provides to protected server which is used (as provisioning server) for key retrieval service. This would have been obvious because the person having ordinary skill in the .

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Nix-Hibshoosh-Le Saint as applied above to claim 14, further in view of Lambert et al (US20150124961A1, hereinafter, “Lambert”).
Regarding claim 22, Nix-Hibshoosh-Le Saint teaches:
The method according to claim 14, 
While Nix-Hibshoosh-Le Saint combination does not explicitly teach the following limitation, Lambert from the same field of endeavor teaches:
wherein the secret is destroyed by being deleted after the one or several exchange keys are generated (Lambert, [0011] The shared secret can be transported, the shared secret can be established by key agreement (e.g., Diffie-Hellman or another key agreement protocol), the shared secret can a random string (e.g., generated by a random number generator or another system), or the shared secret can be derived in another manner.  The one-way function can be used to generate a series of secret keys from the shared secret, and each secret key can be deleted after it is used).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Lambert in the eUICC authentication of Nix-Hibshoosh-Le Saint by deleting the secret key after it is used in hard lock file encryption using public key encryption algorithm. This would have been obvious because the person having ordinary skill in the art would have been motivated to generate next .

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Nix-Hibshoosh-Le Saint as applied above to claim 13, further in view of Chastain et al (US20150149776A1, hereinafter, “Chastain”).
Regarding claim 26, Nix-Hibshoosh-Le Saint teaches:
The method according to claim 13, 
Although the combination of Nix-Hibshoosh-Le Saint does not explicitly teach the following limitation, however in the same field of endeavor Chastain teaches:
wherein no mater key is employed (Chastain, [0014] master keys can be distributed to the secure element, such as from a remote management server utilizing a mutual authentication process, so that the secure element can store the master keys without providing the master keys to the secure device processor (i.e. employed). And [0024] The secure element 108 can be various types of smart cards including a Subscriber Identification Module (SIM) card or other types of secure element). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Chastain in the eUICC authentication of Nix-Hibshoosh-Le Saint by having secure element not providing the master keys to the secure device processor. This would have been obvious because the person having ordinary skill in the art would have been motivated to upload transport key and .

Claims 27-29, 31 are rejected under 35 U.S.C. 103 as being unpatentable over Nix-Hibshoosh-Le Saint as applied above to claim 13, further in view of Bjorn et al (US7,698,565B1, hereinafter, “Bjorn”).
Regarding claim 27, Nix-Hibshoosh-Le Saint teaches:
The method according to claim 13, wherein in step d), in transmission processes between the between the subscriber identity module and the production server or the provisioning server (Nix, see e.g. Fig. 5c which shows eUICC Profile 107c is sent from eUICC Subscription Manager 109 to Network Application and then eUICC 107 where eUICC uses the exchange key at later step such as at step 311), 
The combination of Nix-Hibshoosh-Le Saint does not appear to explicitly teach the following limitation however in the same field of endeavor Bjorn teaches:
no secret keys are transmitted (Bjorn, discloses the well-known feature. See Col. 1 line 24-27, The need for sender and receiver to share secret information (keys) via some secure channel is eliminated--all communications involve only public keys, and no private key (i.e. secret key) needs to be transmitted or shared).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Bjorn in the eUICC authentication of Nix-Hibshoosh-Le Saint by showing it is known in the art that no secret keys are transmitted or shared between client and server while public keys are shared. This 

Regarding claim 28, Nix-Hibshoosh-Le Saint teaches:
The method according to claim 13, wherein in step d), in transmission processes between the between the subscriber identity module and the production server or the provisioning server (Nix, see e.g. Fig. 5c which shows eUICC Profile 107c is sent from eUICC Subscription Manager 109 to Network Application and then eUICC 107 where eUICC uses the exchange key at later step such as at step 311), 
The combination of Nix-Hibshoosh-Le Saint does not appear to explicitly teach the following limitation however in the same field of endeavor Bjorn teaches:
no private asymmetric keys are transmitted (Bjorn, discloses the well-known feature. See Col. 1 line 24-27, The need for sender and receiver to share secret information (keys) via some secure channel is eliminated--all communications involve only public keys, and no private key (i.e. secret key) needs to be transmitted or shared).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Bjorn in the eUICC authentication of Nix-Hibshoosh-Le Saint by showing it is known in the art that no secret keys are transmitted or shared between client and server while public keys are shared. This would have been obvious because the person having ordinary skill in the art would have been motivated to not transmit the secret keys in public key encryption (Bjorn, Col.1 lines 25-27).

Regarding claim 29, Nix-Hibshoosh-Le Saint teaches:
The method according to claim 13, wherein in step d), in transmission processes between the between the subscriber identity module and the production server or the provisioning server (Nix, see e.g. Fig. 5c which shows eUICC Profile 107c is sent from eUICC Subscription Manager 109 to Network Application and then eUICC 107 where eUICC uses the exchange key at later step such as at step 311), 
The combination of Nix-Hibshoosh-Le Saint does not appear to explicitly teach the following limitation however in the same field of endeavor Bjorn teaches:
only public or non-critical data are transmitted (Bjorn, discloses the well-known feature. See Col. 1 line 24-27, The need for sender and receiver to share secret information (keys) via some secure channel is eliminated--all communications involve only public keys, and no private key (i.e. secret key) needs to be transmitted or shared).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Bjorn in the eUICC authentication of Nix-Hibshoosh-Le Saint by showing it is known in the art that no secret keys are transmitted or shared between client and server while only public keys are shared. This would have been obvious because the person having ordinary skill in the art would have been motivated to not transmit the secret keys in public key encryption (Bjorn, Col.1 lines 25-27).  

Regarding claim 31, Nix-Hibshoosh-Le Saint teaches:
The method according to claim 13, 

wherein private asymmetric keys are kept available only in a production environment of the production server or on the trusted provisioning server (Bjorn, discloses the well-known feature. See Col.2 lines 45-57, Server-side crypto-proxying is a form of PKI where a user's private key is stored on a central server, and never released, even to the user... This permits the user to roam between machines, and prevents the user from accidentally revealing his or her key to others).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Bjorn in the eUICC authentication of Nix-Hibshoosh-Le Saint by implementing a crypto-server system where the user’s private key is stored in the trusted server. This would have been obvious because the person having ordinary skill in the art would have been motivated to protect the user’s private key from being accidentally lost to others (Bjorn, Title, Col.2 lines 45-57).  
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436     

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436