DETAILED ACTION
Response to Amendment
This action is in response to amendment filed March 12, 2021 for the application # 16/228,222 filed on December 20, 2018. Claims 1-20 are pending and are directed toward SCALABLE MULTI-KEY TOTAL MEMORY ENCRYPTION ENGINE.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


 Claims 1, 3, 4, 6-9 and 12-19 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Fujimoto et al. (US 2003/0033537, Pub. Date: Feb. 13, 2003), hereinafter referred to as Fujimoto.
As per claim 1, Fujimoto teaches a processor (100 – MICROPROCESSOR, Fujimoto, FIG. 1) comprising:
103 – CALCULATION PROCESSING UNIT, Fujimoto, FIG. 1);
a key attribute table (KAT) register to store a plurality of key identifiers (Key IDs) associated with the application (203, Fujimoto, FIG. 4), wherein a Key ID of the plurality of Key IDs identifies an encryption key (The key register group 102b has an execution key register RKx for storing information (key ID) indicating a region at which an execution key (decryption key) of the currently executed tamper resistant program is stored, Fujimoto, [0048]);
a selection circuit coupled to the KAT register (SELECTOR, Fujimoto, FIG. 2), the selection circuit to select the Key ID from the KAT register based on a Key ID selector (KSEL), wherein the KSEL is associated with a block of memory to which access is performed (In the case where the data of the address to be accessed by the processor is stored in the cache 101 (the case where the cache 101 is hit), the cache controller 101b compares the content of the tag storage region 101c of the cache line that is hit with the access key ID. When they coincide, the content of that cache line is used as it is. Fujimoto, [0208]);
a cache coupled to the processor core, the cache to store a physical address, data, and the Key ID of the block of memory on which access has been performed, wherein the Key ID is an attribute associated with the block of memory (Fujimoto, [0112]); and
a memory controller coupled to the cache to encrypt, based on the encryption key identified by the Key ID, the data of the block of memory stored in the cache as it is evicted from the cache to main memory (FIG. 4 is a diagram showing an exemplary format of an encrypted context to be saved into an external memory by the microprocessor of FIG. 1. Fujimoto, [0035]).
As per claim 3, Fujimoto teaches the processor of claim 1 further comprising:
Now, the capacity of the above described key table 106 is finite so that this microprocessor 100 is also capable of saving the content of the key data storage section 106b along with the context. By saving the content of the key data storage section 106b in this way, it becomes possible to release the key ID that corresponds to the key data storage section 106b whose content has been saved. Fujimoto, [0085]).
As per claim 4, Fujimoto teaches the processor of claim 1 wherein the cache comprises: a data cache to store the data of the block of memory; and a Key ID cache to store the Key ID of the block of memory (Fujimoto, [0044]).
As per claim 6, Fujimoto teaches the processor of claim 1 wherein the KSEL is embedded in a linear address comprising a pointer to the physical address of the block of memory (Fujimoto, [0154]).
As per claim 7, Fujimoto teaches the processor of claim 1 wherein the KSEL is stored in a page table as an attribute associated with a physical page of memory, wherein the block of memory resides within the physical page of memory, and wherein the physical address of the physical page of memory is determined from a linear address provided by the application (Fujimoto, [0154]).
As per claim 8, Fujimoto teaches the processor of claim 1 wherein the memory controller comprises a total memory encryption engine (Also, this microprocessor 100 is capable of carrying out the memory protection according to the privileged levels (general mode, privileged mode, etc.) of the processes. Fujimoto, [0089]).
As per claim 9, Fujimoto teaches a system comprising:
main memory (1 – EXTERNAL MEMORY, Fujimoto, FIG. 1);
a processor coupled to the main memory (100 – MICROPROCESSOR, Fujimoto, FIG. 1), wherein the processor comprises: a processor core to execute an application (103 – CALCULATION PROCESSING UNIT, Fujimoto, FIG. 1);
a key attribute table (KAT) register to store a plurality of key identifiers (Key IDs) associated with the application (203, Fujimoto, FIG. 4), wherein a Key ID of the plurality of Key IDs identifies an encryption key (The key register group 102b has an execution key register RKx for storing information (key ID) indicating a region at which an execution key (decryption key) of the currently executed tamper resistant program is stored, Fujimoto, [0048]);
a selection circuit coupled to the KAT register (SELECTOR, Fujimoto, FIG. 2), the selection circuit to select the KeyID from the KAT register based on a KeyID selector (KSEL), wherein the KSEL is associated with a page of memory to which access is performed (In the case where the data of the address to be accessed by the processor is stored in the cache 101 (the case where the cache 101 is hit), the cache controller 101b compares the content of the tag storage region 101c of the cache line that is hit with the access key ID. When they coincide, the content of that cache line is used as it is. Fujimoto, [0208]);
a cache coupled to the processor core, the cache to store a physical address, data, and the Key ID of the page of memory on which access has been performed, wherein the Key ID is an attribute associated with the page of memory (Fujimoto, [0112]); and
FIG. 4 is a diagram showing an exemplary format of an encrypted context to be saved into an external memory by the microprocessor of FIG. 1. Fujimoto, [0035]).
As per claim 12, Fujimoto teaches the system of claim 9 further comprising a mode selection multiplexor to select a legacy mode or a scalable multi-key encryption mode, and wherein the memory controller resides on the processor (Fujimoto, [0092]).
As per claim 13, Fujimoto teaches the system of claim 9 further comprising:
an encryption key cache coupled to the memory controller, the encryption key cache to store encryption keys associated with active Key IDs, wherein the processor core is to offload encryption keys associated with inactive Key IDs from the encryption key cache to a reserved region of system memory, and wherein the encryption keys are encrypted by the memory controller upon being offloaded to the reserved region of system memory (Now, the capacity of the above described key table 106 is finite so that this microprocessor 100 is also capable of saving the content of the key data storage section 106b along with the context. By saving the content of the key data storage section 106b in this way, it becomes possible to release the key ID that corresponds to the key data storage section 106b whose content has been saved. Fujimoto, [0085]).
As per claim 14, Fujimoto teaches the system of claim 13 wherein the encryption key cache is managed by hardware to offload inactive encryption keys to the reserved region and load from system memory encryption keys associated with KeyIDs loaded in the KAT register (For this reason, this microprocessor 100 manages the decryption key (the secret key of the public key cryptosystem) for each individual tamper resistant program. As described above, the keys are specified by storing the key IDs in the execution key register RKx and the data key registers RKd0, . . . , RKdn of the above described key register group 102b. Fujimoto, [0083]).
As per claim 15, Fujimoto teaches the system of claim 13 wherein the encryption key cache is managed by software that loads and offloads encryption keys based on usage of the encryption keys (There are cases where the key is stored by the other program into the key data storage section 106b for which the key ID is released in this way. In such cases, this program may not release that key ID at a time of the context saving. Fujimoto, [0086]).
As per claim 16, Fujimoto teaches a method of operation comprising:
loading a key attribute table (KAT) register with one or more key identifiers (KeyIDs) that identify encryption keys to encrypt memory used by an application, wherein the one or more KeyIDs is a subset of all Key IDs accessible by a system (Fujimoto, [0156]);
requesting, by a processing device, a block of memory to be used by the application (Fujimoto, [0159]);
selecting, from the KAT register, a KeyID associated with a memory request, wherein the Key ID is selected from the KAT register using a selection circuit and a key identifier selector (KSEL) (Fujimoto, [0157]); and
storing the Key ID in a KeyID cache (KIC), the KIC to store KeyIDs for each block of memory cached by the system (Fujimoto, [0161]).
As per claim 17, Fujimoto teaches the method of claim 16 further comprising:
determining, based on a physical address of the block of memory, that the block of memory is cached by the system (Fujimoto, [0119]);
determining that the block of memory cached by the system is not associated with the KeyID selected from the KAT register (Fujimoto, [0156]);
Fujimoto, [0157]); and
retrieving the block of memory from main memory, caching the block of memory, and storing the KeyID selected from the KAT register in the KIC as associated with the block of memory (Fujimoto, [0154]).
As per claim 18, Fujimoto teaches the method of claim 16 further comprising: determining, based on a physical address of the block of memory, that the block of memory is cached by the system; determining that the block of memory cached by the system is associated with the KeyID selected from the KAT register; and completing the memory request by retrieving the block of memory cached by the system (Fujimoto, [0154]).
As per claim 19, Fujimoto teaches the method of claim 16 further comprising: offloading encryption keys, from an encryption key cache, associated with inactive Key IDs to a reserved region of main memory; and encrypting the encryption keys upon offloading the encryption keys to the reserved region of main memory (Fujimoto, [0150]).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 2, 5, 10 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Fujimoto et al. (US 2003/0033537, Pub. Date: Feb. 13, 2003) in view of Hashimoto (US 2005/0105738, Pub. Date: May 19, 2005), hereinafter referred to as Fujimoto and Hashimoto respectively.
As per claim 2, Fujimoto teaches the processor of claim 1, further teaches wherein the processor core executes one or Fujimoto, [0112]), but does not teach “more”, Hashimoto however teaches one or more logical processors (the reading result is sent to the request source processor according to a processor number in the writing request signal for each memory referring request sent at the step S503 or S509. By using this signal format which has a key identifier formed by the ECU number and the type, and the processor number of the request source, it becomes possible to realize the encryption key selection and the sending of the memory referring result to the request source, even in the on-chip multi-core type tamper resistant processor. Hashimoto, [0076]).
Fujimoto in view of Hashimoto are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Fujimoto in view of Hashimoto. This would have been desirable because it is possible to provide a tamper resistant microprocessor in the multi-processor configuration that can realize the improved processing performance by hardware of a given size compared with the case of providing the key table and the ciphering processing function distributedly (Hashimoto, ABSTRACT).

As per claim 5, Fujimoto teaches the processor of claim 4 further comprising a first memory device, wherein the Key ID cache resides on the first memory device and a second memory device, wherein a second Key ID cache resides on the second memory device (In FIG. 1, only one register group 102 is provided, but it is also possible to provide a plurality of register groups 102 in correspondence to the execution authorities (privileged levels) in the operation of the microprocessor 100, for example. Fujimoto, [0045]), but does not teach: a first logical processor, and a second logical processor. Hashimoto however teaches one or more logical processors (the reading result is sent to the request source processor according to a processor number in the writing request signal for each memory referring request sent at the step S503 or S509. By using this signal format which has a key identifier formed by the ECU number and the type, and the processor number of the request source, it becomes possible to realize the encryption key selection and the sending of the memory referring result to the request source, even in the on-chip multi-core type tamper resistant processor. Hashimoto, [0076]).
Fujimoto in view of Hashimoto are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Fujimoto in view of Hashimoto. This would have been desirable because it is possible to provide a tamper resistant microprocessor in the multi-processor configuration that can realize the improved processing performance by hardware of a given size compared with the case of providing the key table and the ciphering processing function distributedly (Hashimoto, ABSTRACT).

Claims 10 and 11 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of obviousness as used above.
Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Fujimoto et al. (US 2003/0033537, Pub. Date: Feb. 13, 2003) in view of MAINO et al. (US 2011/0293097, Pub. Date: Dec. 1, 2011), hereinafter referred to as Fujimoto and MAINO respectively.
As per claim 20, Fujimoto teaches the method of claim 16, but does not teach a virtual machine, MAINO however teaches wherein the application is a virtual machine (Further, the trust anchor 258 may generate (or obtain) a memory session key for each given VM 230 and use it to encrypt/decrypt information read from and written to the cache 255 while a VM executes on one of the execution cores 256. In one embodiment, the trust anchor 258 may generate a memory session key as part of loading a given VM instance. The trust anchor 258 may be configured to swap memory session keys whenever the execution context on one of the execution cores 256 on CPU 253 is changed, e.g., a context-switch between different VMs 2301 _3 or between a VM 2301 _3 and the hypervisor 240 itself. MAINO, [0031]).
Fujimoto in view of MAINO are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Fujimoto in view of MAINO. This would have been desirable because the cache 255 provides a high-speed memory accessed by the execution cores 256 on the CPU 253. While memory 252 can be segmented across virtual machines 230, cache 255 is often shared by different VMs 2301_3 . For example, as shown, CPU 253 may include one or more execution cores 256. When distinct VMs 2301_3 are executed on different execution cores 256, the VMs 2301_3 may share access to the cache 255. In one embodiment, the trust anchor 258 may use a distinct memory session key for each VM 230 to encrypt/decrypt each read/write to the cache 255. Doing so prevents a VM 230 executing on one execution core 256 from accessing data in the cache 255 belonging to another VM 230 executing on a different execution core 256. Further, doing so also prevents the hypervisor 240 from accessing data in the cache 255 belonging to a given VM 2301_3 , despite the hypervisor 240 having a generally higher privilege level (MAINO, [0032]).

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 26-50 of copending Application No. 15/635548 and over claims 1-11, 19-23 and 26-34 of copending Application No. 15/705562. Although the claims at issue are not identical, they are not patentably distinct from each other because all the elements of claims 1-20 of the instant application correspond to elements of claims 26-50 of copending Application No. 15/635548 and of claims 1-11, 19-23 and 26-34 of copending Application No. 15/705562.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Response to Arguments
Applicant’s arguments with regards to claims 1-20 have been fully considered, but they are not persuasive.
“would not be understood” argument – Applicant argues that Fujimoto does not at least describe "a key attribute table (KAT) register to store a plurality of key identifiers (KeyIDs) associated with the application, wherein a KeyID of the plurality of KeyIDs identifies an encryption key." The Office Action cites data 203 as allegedly being this register. This data 203 is a part of an "encrypted context" which stores the "data 203 of the registers of register group 102." An encrypted context would not be understood by a PHOSITA as being a register (REMARKS, page 9).
Response: an "encrypted context" which stores the "data 203 of the registers of register group 102" simply means that registers of register group 102 store encrypted context, which reads on Applicant’s encryption key.
“not a register” argument – Applicant argues that the key register group 102 b includes an "execution key register RKx for storing information (key ID) indicating a region at which an execution key (decryption key) of the currently executed tamper resistant program is stored ... 
Response: Fujimoto teaches “application” -> “the currently executed tamper resistant program”, he further teaches a plurality of key IDs stored in data key registers RKd0 to RKdn for storing information (key ID) indication regions, he further teaches an encryption key -> “an execution key (decryption key)”, and finally he teaches a key attribute table (KAT) register -> DATA OF KEY REGISTER GROUP, as shown at 203, FIG. 4. Examiner also points Applicant’s attention to “Also, on the key table 106, entries (key IDs) more numerous than the number of registers inside the key register group 102b mentioned above are defined, and each entry contains a key data storage section 106b for storing the key for each key ID and a register look up counter 106a for indicating the number of times for which the key stored in the corresponding key data storage section 106b has been used.” (Fujimoto, [0058]). Therefore all limitations cited by Applicant are clearly anticipated by Fujimoto.
“not appear to be accurate” argument – Applicant argues that Fujimoto does not at least describe "a selection circuit coupled to the KAT register, the selection circuit to select the KeyID from the KAT register based on a KeyID selector (KSEL), wherein the KSEL is associated with a block of memory to which access is performed." The Office Action cites the "selector" of FIG. 2, but that is not coupled to data 203 from FIG. 4. As such, this view of Fujimoto does not appear to be accurate. Moreover, the cited text in the rejection is not related to the selector. (REMARKS, page 9).
Response: Examiner points Applicant’s attention to arrow (FROM 102a, ETC) of FIG. 2, which is REGISTER GROUP on FIG. 1. Further, KSEL was defined in the Specification as “The KSEL 225 may be a set of bits stripped from the linear address associated with the memory access request.”, however no specific structure for KSEL is currently claimed. Examiner points Applicant’s attention to “The key data storage section 106b corresponding to each key ID is uniquely determined for the key ID, for example. For example, addresses are defined for a prescribed memory region in advance, and the encryption key corresponding to an address according to the key ID is stored into that address, such that there is no need to provide a separate region for storing the key ID.” (Fujimoto, [0059]).
“nor use the word” argument – Applicant argues that Fujimoto does not at least describe "a cache coupled to the processor core, the cache to store a physical address, data, and the KeyID of the block of memory on which access has been performed, wherein the KeyID is an attribute associated with the block of memory." The Office Action cites paragraph [0112] which does not describe, nor use the word, cache, but describes the key table 106. (REMARKS, page 9).
Response: The reference for cache was provided by citing Fujimoto, [0208]. And Fujimoto, [0112], was cited as anticipating the wherein clause “wherein the Key ID is an attribute associated with the block of memory”.
“not a memory controller” argument – Applicant argues that Fujimoto does not at least describe "a memory controller coupled to the cache to encrypt, based on the encryption key identified by the KeyID, the data of the block of memory stored in the cache as it is evicted from the cache to main memory." The Office Action cites FIG. 4 (the context) to be saved. A context is not a
Response: Examiner points Applicant’s attention to “When the activation of the tamper resistant program is commanded, the cache controller 101b reads out that tamper resistant program from the external memory 1, supplies it to the encryption processing unit 109 in order to decrypt it, and stores the decrypted tamper resistant program into the cache 101, for example. This decryption is carried out by using the key stored in the key data storage section 106b with the value of the key ID greater than or equal to "2" in the key table 106 as described above.” (Fujimoto, [0078]).
“this rationale” argument – Applicant argues that Fujimoto does not describe claim 1. Claims that are dependent upon claim 1 are allowable for at least this rationale. Independent claims 9, and its dependents, are allowable for at least similar rationale. (REMARKS, page 10).
Response: As shown in the responses provided, Applicant’s arguments are based on deficient assumptions. Further, Applicant’s remarks regarding the independent and dependent claims are the same as or similar to those already considered by the examiner and are not persuasive for the reasons provided.
Conclusion - Therefore, in view of the above reasons, Examiner maintains rejections.
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938.  The examiner can normally be reached on Monday-Friday 7:30am - 5:00pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571)272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/OLEG KORSAK/
Primary Examiner, Art Unit 2492