DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Claims 1-5, 8-12, 14, 16-18 were amended; claims 1-18 are pending.
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. 201710800850.3, filed on 09/06/2017.
Response to Arguments
Applicant’s arguments with respect to claims 1, 8, 17, 18 have been considered but they are not persuasive. On page 11 the applicant argued that Roth fails to teach or suggest encrypting the envelope key based on a public key of an object, associated with the cryptographic service, configured to decrypt the encrypted data object. Examiner respectfully disagrees. Para [0122] suggests the key is encrypted with a public key. For clarity of prosecution, the examiner introduces Wood to reject “encrypting the key based on a public key of a preset target object to obtain an encrypted key corresponding to the preset target object”. The rest of the arguments have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 5-6, 8-14, 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over DILLENBERGER (US 20170177898 A1) in view of Roth et al. (US 20140229737 A1) and in further view of Wood et al. (US 20100058053 A1) and Scheidt et al. (US 20100169651 A1).

With regard to claims 1 and 17, DILLENBERGER discloses a data encryption method, comprising:
generating a block key and encrypting to-be-uploaded data based on the block key to obtain encrypted data (FIG 3 304 and associated text);
generating upload data based on the encrypted data (FIG 3 306 and associated text) and uploading the upload data to a blockchain (FIG 3 308 and associated text).
an output interface coupled to the storage medium that uploads the upload data to a block chain ([0006] To read the additional data in a blockchain, a request is received at a computing node with a transaction identifier and a decryption key from a user system to access data journaled as part of the blockchain in the transaction database.)

DILLENBERGER does not, but Roth teaches,
encrypting the block key based on a public key to obtain an encrypted block key (Roth FIG 8 818 and associated text; [0122]; In some embodiments, a suspend operation might include receiving a public key from a customer and encrypting the key specified by a given KeyID with the received public key); associated with a decryption terminal configured to decrypt the encrypted data (FIG 9, FIG 10 1012 to 1018 and associated text; Note: cryptography service as decryption terminal decrypts), and
generating upload data based on the encrypted data and the encrypted block key and the signature and uploading the upload data (Roth FIG 8 818 and associated text; [0082] For example, referring to FIG. 7, the data service frontend may receive the envelope key and the KeyID for the master key used to encrypt the envelope key from the cryptography service with any other relevant information, such as authentication proof. Note: authentication proof could be signature as per [0061]);
a storage medium coupled to the processor for storing the block key, the encrypted data, and upload data (FIG 8 818 and associated text); and
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify DILLENBERGER’s method with teaching of ROTH in order to secure transaction (Roth Abstract).

DILLENBERGER in view of Roth do not, but Wood teaches,
encrypting the key based on a public key of a preset target object to obtain an encrypted key corresponding to the preset target object (Wood [0033]; generating at the target device a session key in response to the authorization request; encrypting the session key with a public key associated with the software tool; FIG 5 510, 515 and associated text; Note: software tool as target object, session key is encrypted with software tool’s public key). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify DILLENBERGER in view of Roth’s method with teaching of Wood in order to secure transaction of software in untrusted device (Wood [0001]).

DILLENBERGER in view of Roth and Wood do not, but Scheidt teaches,
signing the encrypted data and the encrypted block key based on a pre-obtained private key of an encryption terminal to obtain a data signature; ([0029] An ephemeral public key is generated based on the ephemeral private key and the prime and base parameters. A shared encryption key is generated based on the ephemeral public key, the user public key, and the prime parameter. The cryptographic key is a shared encryption key. The ephemeral private key, the prime parameter, and at least a portion of the user public data are combined with the encrypted biometric signature block and the cryptographic key to produce the electronically signed transaction. [0152] Additionally, or alternatively, user authentication includes generating, based on the user password, a verification key, and verifiably decrypting, based on the verification key, at least one of a stored encrypted private signing key, a stored encrypted public signing key, at least one stored encrypted cryptographic parameter, a stored encrypted user cryptographic key, a stored encrypted electronic biometrics template, a stored encrypted graphical representation, and a stored encrypted at least a portion of a notary response, to provide an authentication result.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify 


With regard to claim 2, DILLENBERGER in view of Roth, Wood, and Scheidt teaches, wherein the encrypting to-be-uploaded data based on the block key to obtain encrypted data comprises:
encrypting the to-be-uploaded data based on the block key through a symmetric cryptographic algorithm to obtain the encrypted data (Roth [0053] The cryptography service illustrated in FIG. 1 may utilize one or more cryptographically strong algorithms to encrypt data. Such cryptographically strong algorithms may include, for example, Advanced Encryption Standard (AES), Blowfish, Data Encryption Standard (DES), Triple DES, Serpent or Twofish, and depending on the specific implementation selected, may be either asymmetric or symmetric key systems.), wherein the symmetric cryptographic algorithm is configured to be used by an encryption terminal and the decryption terminal to encrypt and decrypt with the same key (Roth FIG 8/FIG 14 and associated text; Note: symmetric encryption/decryption uses same key). Motivation would be same as stated in claim 1.

With regard to claim 5, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein the generating upload data based on the encrypted data and the encrypted block key comprises: wherein the data signature is configured to authenticate at the decryption terminal whether the upload data is data uploaded by the encryption terminal (Roth FIG 8 80 with “yes”, 812-818 and associated text). Motivation would be same as stated in claim 1.

With regard to claim 6, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein before the encrypting to-be-uploaded data based on the block key to obtain encrypted data, the method further comprises:
receiving a request to upload information to a blockchain, wherein the request to upload information to a blockchain comprises the to-be-uploaded data (DILLENBERGER FIG 3 306 and associated text; or Roth FIG 8 802 and associated text);
inspecting, according to a preset condition, whether the to-be-uploaded data is correct (Roth FIG 8 808 and associated text); and
encrypting the to-be-uploaded data based on the block key if an inspection result is correct (Roth FIG 8 818 and associated text). Motivation would be same as stated in claim 1.

With regard to claims 8 and 18, DILLENBERGER discloses a data decryption method, comprising:
obtaining upload data uploaded by an encryption terminal to a blockchain (FIG 4 404 and associated text);
decrypting encrypted data in the upload data with the block key to obtain to-be-uploaded data encrypted by the encryption terminal (FIG 4 408 and associated text).

DILLENBERGER does not, but Roth teaches, wherein the encrypted block key corresponds to the block key encrypted based on a public key of the decryption terminal configured to decrypt the encrypted data; (FIG 10 1014-1018 and associated text)
decrypting an encrypted block key in the upload data with a key of a decryption terminal to obtain a block key generated by the encryption terminal (Roth [0053]; In an example configuration the cryptographic service can be used to encrypt/decrypt keys and these keys can be used to encrypt/decrypt data, such as data stored in a data storage service.); and
a storage medium coupled to the processor for storing the upload data and the encrypted block key (FIG 10 1012 and associated text); and It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify DILLENBERGER’s method with teaching of ROTH in order to secure transaction (Roth Abstract).

DILLENBERGER in view of Roth do not, but Wood teaches, wherein the encrypted key corresponds to the key encrypted based on a public key of the decryption terminal (Wood [0033]; generating at the target device a session key in response to the authorization request; encrypting the session key with a public key associated with the software tool; FIG 5 510, 515 and associated text; Note: software tool as target object, session key is encrypted with software tool’s public key) decrypting an encrypted key in the upload data with a pre-stored private key (Wood [0073] the private key for tool 

DILLENBERGER in view of Roth and Wood do not, but Scheidt teaches,
obtaining an encrypted block key and encrypted data from the upload data using a data signature ([0152] Additionally, or alternatively, user authentication includes generating, based on the user password, a verification key, and verifiably decrypting, based on the verification key, at least one of a stored encrypted private signing key, a stored encrypted public signing key, at least one stored encrypted cryptographic parameter, a stored encrypted user cryptographic key, a stored encrypted electronic biometrics template, a stored encrypted graphical representation, and a stored encrypted at least a portion of a notary response, to provide an authentication result.), wherein the data signature is obtained by signing the encrypted data and the encrypted block key based on a pre-obtained private key of the encryption terminal ([0029] An ephemeral public key is generated based on the ephemeral private key and the prime and base parameters. A shared encryption key is generated based on the ephemeral public key, the user public key, and the prime parameter. The cryptographic key is a shared encryption key. The ephemeral private key, the prime parameter, and at least a portion of the user public data are combined with the encrypted biometric signature block and the cryptographic key to produce the electronically signed transaction.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed 

With regard to claim 9, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein before the decrypting the encrypted block key in the upload data with a pre-stored private key of a decryption terminal, the method further comprises:
obtaining a data signature in the upload data; determining whether the data signature is a signature of the upload data uploaded by the encryption terminal (Wood [0045] In one embodiment, to determine whether the key servers are working properly, the key signatures of the "encryption keys" received from the key servers are validated against a known key signature received at encryption group configuration time (when the encryption key is requested to be created) or system initialization time.); decrypting the encrypted block key in the upload data if a determining result is positive (Wood [0045]); and suspending processing of the upload data if the determining result is negative (Wood [0045]; If a key server does not successfully serve the keys to the storage encryption key manager 14, an error is logged and the customer is notified so he can correct the situation.). Motivation would be same as stated in claim 8.

With regard to claim 10, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein the decrypting the encrypted block key in the upload data with a pre-stored private key of a decryption terminal to obtain a block key generated by the encryption terminal comprises:
decrypting the encrypted block key based on the private key through an asymmetric cryptographic algorithm to obtain the block key generated by the encryption terminal (Wood [0022] The public key (Js) is used to encrypt the encryption key (EK) sent by the key server so that it can be transferred securely to the storage subsystem which can then decrypt the encrypted encryption key with its private key (Ks).). Motivation would be same as stated in claim 8.

With regard to claim 11, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein the asymmetric cryptographic algorithm is configured to be used by the encryption terminal to encrypt the uploaded data with the public key of the decryption terminal, and by the decryption terminal to decrypt the encrypted data with a private key of the decryption terminal (Wood [0022] The public key (Js) is used to encrypt the encryption key (EK) sent by the key server so that it can be transferred securely to the storage subsystem which can then decrypt the encrypted encryption key with its private key (Ks).). Motivation would be same as stated in claim 8.

With regard to claim 12, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein the decrypting the encrypted data in the upload data with the block key to obtain to-be-uploaded data encrypted by the encryption terminal comprises:
decrypting the encrypted data based on the block key through a symmetric cryptographic algorithm to obtain the to-be-uploaded data encrypted by the encryption terminal (Roth [0053]; The cryptography service illustrated in FIG. 1 may utilize one or more cryptographically strong algorithms to encrypt data. Such symmetric key systems. Generally, the cryptography service may utilize any encryption and/or decryption algorithm (cipher) or combination of algorithms that utilizes data managed by the cryptography service.). Motivation would be same as stated in claim 8.

With regard to claim 13, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein the symmetric cryptographic algorithm is configured to be used by the encryption terminal and the decryption terminal to encrypt and decrypt with the same key (Roth [0053]; The cryptography service illustrated in FIG. 1 may utilize one or more cryptographically strong algorithms to encrypt data. Such cryptographically strong algorithms may include, for example, Advanced Encryption Standard (AES), Blowfish, Data Encryption Standard (DES), Triple DES, Serpent or Twofish, and depending on the specific implementation selected, may be either asymmetric or symmetric key systems. Generally, the cryptography service may utilize any encryption and/or decryption algorithm (cipher) or combination of algorithms that utilizes data managed by the cryptography service.). Motivation would be same as stated in claim 8.



receiving a data service request (Roth FIG 10 1002 and associated text);
returning user data service information and requirement information according to the data service request (Roth FIG 10 1004 and associated text; [0056]);
receiving user information returned based on the user data service information and requirement information and authenticating the user information (Roth FIG 10 1006 and associated text; [0056]);
sending a user data request message to the encryption terminal if an authentication result is that the user information is incomplete (Roth FIG 4 408 and associated text; [0069] For example, denying 410, the PUT request may include transmitting a message to a user that submitted the PUT request. The message may indicate that the request was denied. Denying the request may also include providing information about why the request was denied, such as an electronic signature not being correct or other reasons that may be used for determining how to resolve any issues that resulted in the PUT request not being authentic or authorized); and
receiving the user information sent by the encryption terminal ([0056]; For example, the authentication service may provide a token that another service can analyze to verify the authenticity of the request. Electronic signatures and/or tokens may have validity that is limited in various ways.).

Claims 7, 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over DILLENBERGER (US 20170177898 A1) in view of Roth et al. (US 20140229737 A1) and in further view of Wood, Scheidt and Hong et al. (US 20190386940 A1).

With regard to claim 7, DILLENBERGER in view of Roth, Wood, and Scheidt discloses, wherein the encrypting to-be-uploaded data based on the block key to obtain encrypted data comprises:
DILLENBERGER in view of Roth, Wood, and Scheidt do not, but Hong teaches, encrypting digest data in the to-be-uploaded data with the block key to obtain the encrypted data ([0079] If the encrypted message digest is determined as valid, the server 100 may generate or support another device to generate (i) the hash value of the encrypted record data generated by encrypting the record data in sequence with the private key of said at least one of the chat participants and the private key of the server, or (ii) the hash value of the encrypted message digest generated by encrypting the message digest of the record data in sequence with the private key of said at least one of the chat participants and the private key of the server. And, the server may register or support another device to register the hash value generated as such in the database. Herein, data is registered in the database 200 in a form of hash values as such in order to reduce sizes of the data due to a limit on storage, etc. of the database 200. Herein, the database 200 may be the blockchain.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify 


With regard to claim 15, DILLENBERGER in view of Roth, Wood, Scheidt and Hong teaches, wherein the obtaining upload data uploaded by an encryption terminal to a blockchain comprises: obtaining digest data in the upload data of the blockchain (Hong [0078] Also, at the step of SB1, if the encrypted message digest generated by encrypting the message digest with the private key of at least one of the chat participants is acquired, the server 100 may verify the encrypted message digest by using at least one public key corresponding to the private key of said at least one of the chat participants.). Motivation would be same as stated in claim 7.

With regard to claim 16, DILLENBERGER in view of Roth, Wood, Scheidt and Hong teaches, wherein after the obtaining upload data uploaded by the encryption terminal, the method further comprises:
authenticating the digest data and the to-be-uploaded data; and providing corresponding services after successful authentication of the digest data and the to-be-uploaded data according to a preset condition (Hong [0078] Also, at the step of SB1, if the encrypted message digest generated by encrypting the message digest with the private key of at least one of the chat participants is acquired, the server 100 may verify the encrypted message digest by using at least one public key corresponding to the .

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over DILLENBERGER in view of Roth and in further view of Wood, Scheidt and Ginter et al. (US 7095854 B1).

With regard to claim 3, DILLENBERGER in view of ROTH, Wood, and Scheidt discloses, wherein the encrypting the block key based on a public key of a preset target object to obtain an encrypted block key corresponding to the preset target object comprises:
encrypting the block key based on the public key through an asymmetric cryptographic algorithm to obtain the encrypted block key (Roth [0122]; In some embodiments, a suspend operation might include receiving a public key from a customer and encrypting the key specified by a given KeyID with the received public key), wherein the asymmetric cryptographic algorithm is configured to be used by the encryption terminal to encrypt uploaded data with the public key of the decryption terminal (Roth [0053] The cryptography service illustrated in FIG. 1 may utilize one or more cryptographically strong algorithms to encrypt data. Such cryptographically strong algorithms may include, for example, Advanced Encryption Standard (AES), Blowfish, Data Encryption Standard (DES), Triple DES, Serpent or Twofish, and depending on the specific implementation selected, may be either asymmetric or symmetric key systems.), and by the decryption terminal to decrypt the encrypted data with a private key of the decryption terminal ([0004]; The key server would then send to the storage 
DILLENBERGER in view of ROTH, Wood, and Scheidt do not, but Ginter discloses,
extracting the public key of the preset target object through a pre-obtained digital certificate (Ginter col 210 line 25-45; To perform this installation, the installer retrieves the destination site's identity certificate(s) 2823, and from that extracts the site public key(s) 2815.); and It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify DILLENBERGER in view of Roth, Wood, and Scheidt’s method with teaching of Ginter for secure transaction management and electronic rights protection (Ginter abstract).

Allowable Subject Matter

Claim 4 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached on 8:30 to 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-






/MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498