Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 25-41 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) an abstract idea of performing various mathematical operations to create a “lightweight signature”, such as “forming a formatted data element” and “applying an encryption algorithm to the formatted data element” . This judicial exception is not integrated into a practical application because the recited mathematical operations aren’t integrated within, or utilized by, a specific system. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because claims 25-32 are directed to a “method” without any recitation of specific components of a computer device or computing environment that would constitute as significantly more than the mathematical operations claimed. Further, claims 33-41 are directed to a “system”, with claim 33 reciting a system to carry out the method steps above. Particularly, the system recited within claim 33 includes “a memory device” and “a processor”, which are well-known computing components to implement the mathematical “sign” and “encrypt” operations when considered alone and in combination. This assertion is supported by paragraphs 30 and 31 of “Mao” (US 2005/0240762) which outlines general purpose processors (computers) configured to 
The dependent claims that further limit claims 25 and 33 fail to recite any further limitation that would overcome the identified abstract idea of mathematical operations, and thus also are not integrated into a practical application and do not amount to significantly more than the abstract idea itself.

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

Claim 25, 27, 32, 33, 35, and 40 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Young” (US 2006/0140399) in view of “Mao” (US 2005/0240762).

Regarding Claim 25:
Young teaches:
A method for creation of a lightweight signature (¶0026, “… generates an authentication signature”), the method comprising: 
“Once the hash has been created it is added to the low order … of a bit field … with the remainder of the bit field having pre-defined “padding” values”) according to a signature format (Fig. 3, step 310), wherein the signature format comprises: 
a representation of data (¶0027, “… the hash … is added to the low order (e.g., lower 160 bits) of a bit field (e.g., 248 bits)…”); and 
a padding field to store a padding value (¶0027, “… with the remainder of the bit field having pre-defined “padding” values”), …
applying an encryption algorithm to the formatted data element using the private key (¶0027, “Subsequently, SU 107 uses a private key to encrypt the padded hash value into an encrypted result. Thus, the RSA signature has been completed”).
Young does not disclose:
… wherein the formatted data element inclusive of the padding field has a numerical value that is less than a numerical value of an encryption modulus of a private key; and 
Mao teaches:
… wherein the formatted data element inclusive of the padding field has a numerical value (Figure 2, step 23 results in the output value ‘s’ which is a signature string; ¶0041, “Once the unique message string m has been formed, it is then signed by the entity A using a signing algorithm that comprises a first part (block 22) in which a message-recoverable encoding R() is applied to the message string m to produce a unique data string p, and a second part (block 23) in which the private signature function S() is applied to the data string p to produce a signature string … R() can… be any suitable padding scheme”; i.e., produce a signature string ‘s’ that includes padding) that is less than a numerical value of an encryption modulus of a private key (Figure 2, step 26; Figure 4, step 54; ¶0064, “Because the output space of the signature function S() and the input space E() are both the numbers up to k bits, it is significantly probably that a number output from S() is greater than which E() can take as input. This is tested for in step 54 and if s is found to be greater than NB, the most significant bit … of s is simply removed …”. Here, Mao discloses determining whether the signature value ‘s’ is less than the value for the encryption operation E(). The operation E() is further detailed at Figure 5, step 56, where E() includes an modulus of private key NB); and 
	At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Young’s RSA signature method by enhancing Young’s method of forming a signature to perform a check on whether a padded signature string would be larger than the input of an encryption algorithm that utilizes a modulus of a private key, as taught by Mao, in order to perform an arbitrary shrinking operation of the padded signature prior to encryption to avoid unintentional mismatching signatures.
	The motivation is to determine whether a signature output needs to be quickly shrunk prior to an encryption method being performed on the output. This determination can be based on the bit size of the signature output when compared to the modulus of a private key within the encryption method itself, which enables a RSA signature-based system to avoid conflicts when encrypting a signature output larger than the encryption input. Such conflicts would include mismatched signature values when decrypted at a receiver device of the system and which would occur if the encryption unintentionally 

Regarding Claim 27:
The method of claim 25, wherein Young in view of Mao further teaches applying the encryption algorithm further comprises applying an RSA encryption algorithm (Young, ¶0027, “Subsequently, SU 107 uses a private key to encrypt the padded hash value into an encrypted result. Thus, the RSA signature has been completed”).

Regarding Claim 32:
The method of claim 25, wherein Young in view of Mao further teaches the padding field is located as most significant bits of a numerical interpretation of the formatted data element (Young, ¶0027, “… the hash … is added to the low order (e.g., lower 160 bits) of a bit field (e.g., 248 bits), with the remainder of the bit field having pre-defined “padding” values”; i.e., the least significant bits (the lower 160 bits) contains the hash of the document whereas the remainder 88 bits constitute the most significant bits and also contain the padding values).

Regarding Claim 33:
Young teaches:
A system (Fig. 2) comprising:
“Main system memory 2154 stores data and sequences of instructions  that are executed by CPU 202 or any other device included in system 200”);  and
	a processor (Fig. 2, element 202) coupled to the memory device, wherein the processor is configured to form a formatted data element (¶0027, “Once the hash has been created it is added to the low order … of a bit field … with the remainder of the bit field having pre-defined “padding” values”) according to a signature format (Fig. 3, step 310), wherein the signature format comprises: 
a representation of data (¶0027, “… the hash … is added to the low order (e.g., lower 160 bits) of a bit field (e.g., 248 bits)…”); and 
a padding field to store a padding value (¶0027, “… with the remainder of the bit field having pre-defined “padding” values”), …
wherein the processor is further configured to encrypt the formatted data element using the private key (¶0027, “Subsequently, SU 107 uses a private key to encrypt the padded hash value into an encrypted result. Thus, the RSA signature has been completed”).
Young does not disclose:
… wherein the formatted data element inclusive of the padding field has a numerical value that is less than a numerical value of an encryption modulus of a private key; and 
Mao teaches:
… wherein the formatted data element inclusive of the padding field has a numerical value (Figure 2, step 23 results in the output value ‘s’ which is a signature “Once the unique message string m has been formed, it is then signed by the entity A using a signing algorithm that comprises a first part (block 22) in which a message-recoverable encoding R() is applied to the message string m to produce a unique data string p, and a second part (block 23) in which the private signature function S() is applied to the data string p to produce a signature string … R() can… be any suitable padding scheme”; i.e., produce a signature string ‘s’ that includes padding) that is less than a numerical value of an encryption modulus of a private key (Figure 2, step 26; Figure 4, step 54; ¶0064, “Because the output space of the signature function S() and the input space E() are both the numbers up to k bits, it is significantly probably that a number output from S() is greater than which E() can take as input. This is tested for in step 54 and if s is found to be greater than NB, the most significant bit … of s is simply removed …”. Here, Mao discloses determining whether the signature value ‘s’ is less than the value for the encryption operation E(). The operation E() is further detailed at Figure 5, step 56, where E() includes an modulus of private key NB); and 
	At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Young’s RSA signature method by enhancing Young’s method of forming a signature to perform a check on whether a padded signature string would be larger than the input of an encryption algorithm that utilizes a modulus of a private key, as taught by Mao, in order to perform an arbitrary shrinking operation of the padded signature prior to encryption to avoid unintentional mismatching signatures.
	The motivation is to determine whether a signature output needs to be quickly shrunk prior to an encryption method being performed on the output. This determination can be based on the bit size of the signature output when compared to the modulus of a 

Regarding Claim 35 and 40:
System claims 35 and 40 correspond to respective method claims 27 and 32 and contain no further limitations. Therefore claims 35 and 40 are each rejected by applying the same rationale used to reject claims 27 and 32 above, respectively.

Claims 26 and 34 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Young” (US 2006/0140399) in view of “Mao” (US 2005/0240762) in further view of “Joye” (US 2011/0085659).

Regarding Claim 26:
Young in view of Mao teaches:
The method of claim 25,
Young in view of Mao does not disclose:
… further comprising applying the encryption algorithm directly to the formatted data element in the absence of applying a hash function to the formatted data element.
Joye teaches:
“A method of generating a signature … for a message m … An advantage of the method is that it may be performed without hashing”).	
At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Young in view of Mao’s RSA signature method by enhancing Young in view of Mao’s method of generating a signature to be hashless, as taught by Joye, in order to reduce the processing requirements of generating an RSA signature.
	The motivation is to generate a RSA-based signature without the usage of a hash function, thus reducing the overall processing requirements needed to generate the signature.

Regarding Claim 34:
System claim 34 corresponds to method claim 26 and contains no further limitations. Thus claim 34 is rejected by applying the same rationale used to reject claim 26 above.

Claim 28, 29, 31, 36, 37, 39, and 41 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Young” (US 2006/0140399) in view of “Mao” (US 2005/0240762) in further view of “Schneier” (US 5956404).

Regarding Claim 28:
Young in view of Mao teaches:
The method  of claim 25, …
Young in view of Mao does not disclose:
…wherein the signature format further comprises at least two fields for at least one redundantly encoded element.
Schneier teaches:
…wherein the signature format further comprises at least two fields for at least one redundantly encoded element (Fig. 2 discloses two fields of a signature packet, Auditing Bits element 254 and Redundancy Bits element 256, that each include a redundantly encoded element).
At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Young in view of Mao’s RSA signature method by enhancing Young in view of Mao’s signature to include two fields for at least one redundantly encoded element, such as an Auditing Bits element or a Redundancy Bits element, as taught by Schneier, in order to prevent a malicious entity from modifying any signatures previously generated.
	The motivation is to include fields within a signature that provide for redundancy and auditing checks. This ensures a complete chain of past signatures by tracing every signature to get its prior signature, and thus provides tamper resistance to an RSA signature method by preventing an attacker from altering any previous transactions with signatures (Schneier, Col. 4, lines 27-31; Col. 7, lines 10-15).

Regarding Claim 29:
The method of claim 28, wherein Young in view of Mao in further view of Schneier further teaches the at least one redundantly encoded element comprises a redundantly 
The motivation to reject claim 29 is the same motivation used to combine Schneier above in rejecting claim 28.

Regarding Claim 31:
Young in view of Mao teaches:
The method  of claim 25, …
Young in view of Mao does not disclose:
… wherein the signature format further comprises at least one field for at least one constant element.
Schneier teaches:
… wherein the signature format further comprises at least one field for at least one constant element (Schneier, Fig. 3 details the Auditing Bits containing constant ID bits element 277 and 279, where the Auditing Bits is shown as a field of a signature within Fig. 2).
At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Young in view of Mao’s RSA signature method by enhancing Young in view of Mao’s signature to include an Auditing Bits element, containing constant ID bits, as taught by Schneier, in order to prevent a malicious entity from modifying any signatures previously generated.


Regarding Claims 36, 37, and 39:
System claims 36, 37, and 39 correspond to respective method claims 28, 29, and 31 and contain no further limitations. Therefore claims 36, 37, and 39 are each rejected by applying the same rationale used to reject claims 28, 29, and 31 above, respectively.

Regarding Claim 41:
Young in view of Mao teaches:
The system of claim 33,  …
Young in view of Mao does not disclose:
… wherein the process is further configured to include configuration parameters in a fully recoverable message portion of an authentication payload.
Schneier teaches:
… wherein the process is further configured to include configuration parameters (Fig. 3, elements 275-287 make up configuration parameters) in a fully recoverable message portion of an authentication payload (Fig. 3, elements 275-287 are contained within Auditing Bits element 254, shown further in Fig. 2 as a portion of an authentication payload of a message).

	The motivation is to include fields within a signature that provide for redundancy and auditing checks. This ensures a complete chain of past signatures by tracing every signature to get its prior signature, and thus provides tamper resistance to an RSA signature method by preventing an attacker from altering any previous transactions with signatures (Schneier, Col. 4, lines 27-31; Col. 7, lines 10-15).

Claim 30 and 38 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over “Young” (US 2006/0140399) in view of “Mao” (US 2005/0240762) in view of “Schneier” (US 5956404) in further view of “Hayashi” (US 2004/0003261).

Regarding Claim 30:
Young in view of Mao in further view of Schneier teaches:
The method of claim 28,
Young in view of Mao in further view of Schneier does not disclose:
… wherein an entropy of the at least one redundantly encoded element is at or above an entropy threshold.
Hayashi teaches:
“… it is also possible to not perform the entropy coding for a lower bit plane. In general, an upper bit plane has a relatively high redundancy, whereas a lower bit plane has a relatively low redundancy … Moreover, since the entropy coding processing is processing requiring a relatively long processing time, it is possible to obtain a compression effect of a relative same degree and, at the same time, reduce the processing time by not executing the entropy coding of the lower bit plane”; i.e., only encode the entropy of a bit-plane having a high redundancy as opposed to a lower redundancy. Here, the examiner interprets the difference between a “high” redundancy and a “low” redundancy to be the “entropy threshold” as claimed).
At the time of the invention it would have been obvious to one with ordinary skill in the art to modify Young in view of Mao in further view of Schneier’s RSA signature method by enhancing Young in view of Mao in further view of Schneier’s redundantly encoded element to contain an entropy value above an entropy threshold, as taught by Hayashi, in order to compress redundancy values at a similar degree while not increasing the processing time used to perform entropy coding.
	The motivation is to effectively performing entropy coding only the higher redundancy bit planes rather than the lower bit planes of a signature message. Such selective performing allows a signature system to apply compression rates that would be similar if encoding all bit planes, but while reducing the overall processing time needed to perform entropy coding (Hayashi, ¶0127).


Regarding Claim 38:
System claim 38 corresponds to method claim 30 and contains no further limitations. Therefore claim 38 is rejected by applying the same rationale used to reject claim 30 above.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL B POTRATZ whose telephone number is (571)270-5329.  The examiner can normally be reached on M-F 10 A.M. - 6 P.M. CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491