Notice of Pre-AIA or AIA Status
1.	The present application is being examined under the pre-AIA  first to invent provisions. 

Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 06/03/2021 has been entered.

Response to Arguments
3.	Applicant’s arguments filed on 06/03/2021, with respect to the pre-AIA  35 U.S.C 103 rejection of claims 21, 23, 26, 27, and 30-32 as allegedly being unpatentable over U.S. Pre-Grant Publication No. 2012/0131354, by French (hereinafter “French”) in view of U.S. Pre-Grant Publication No. 2012/0331293, by Ma, et al. (hereinafter “Ma”), and further in view of U.S. Patent No. 7,400,733, issued to Cam-Winget, et al. (hereinafter “Cam”), claims 22 and 29 stand rejected as allegedly being unpatentable over French in view of Ma and Tanaka and further in view of U.S. Pre-Grant Publication No. 2003/0110376, by Wiener, et al. (hereinafter “Wiener”), claims 24, 25 and 28 stand rejected as allegedly being unpatentable over French in view of Ma and Tanaka and further in view of U.S. Patent No. 8,370,648, issued to Natanzon (hereinafter 


Double Patenting
4.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 21-40 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims Patent no. 10,467,422. Although the claims at issue are not identical, they are not patentably distinct from each other because both the instant application claim 21 and Patent No. claim 1 are almost the same in scope.

Instant claim and associated claims 22-40
U.S. Patent No. ‘422 claim 1 and associated claims 2-14
25. (Currently Amended) A system for generating a cryptographic key for data

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under pre-AIA  35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.

4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
5.	Claims 21, 23, 26, 27, and 30-32 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over U.S. Publication No. 20120131354 hereinafter French in view of U.S. Publication No. 20120331293 hereinafter Ma, and further in view of U.S. Publication No. 20120243685 hereinafter Tanaka.

As per claim 21, French discloses:
A computer-implemented method (Fig. 7, para 0429 “The entities described herein, such as the CS, KS, API, CSP and calling applications, may be implemented by computer systems such as computer system 1000 as shown in FIG. 7.”), comprising:
obtaining, at a cryptography service that manages cryptographic keys for a plurality of customers of a computing resource service provider, calls to an application programming interface provided by the cryptography service to perform cryptographic operations (para 0049 “By employing a high level API that separates the calling applications and any details of the encryption mechanism, such as key management and cryptographic providers, the centralized cryptographic service system allows calling applications to request a cryptographic function by using a simple sentence construct with information regarding the origin, the target and what needs to be done with the data.” Para 0056 “One or more users (e.g. applications) may call a Cryptographic Server 

French does not disclose:
obtaining, at the cryptography service, information including at least a request to generate a cryptographic key, a time to retire to be associated with the cryptographic key, and policy to cause an old cryptographic key to be retired after an amount of use;
generating the cryptographic key and associating, for the cryptographic key, the time to retire with the cryptographic key;
as a result of the policy being satisfied, causing, at the cryptography service, at least a subset of a plurality of computing devices associated with the cryptography service to replace the old cryptographic key with the cryptographic key and monitoring a time interval related to an amount of time the cryptographic key has been in use by at least the subset of the plurality of computing devices associated with the cryptography service;

associating, for the new cryptographic key, the time to retire with the new cryptographic key;
and as a result of the time interval reaching a length greater than the time to retire, causing at least the subset of the plurality of computing devices associated with the cryptography service to replace the cryptographic key with the new cryptographic key

Ma discloses:
obtaining, at the cryptography service, information including at least a request to generate a cryptographic key, a time to retire to be associated with the cryptographic key (para 0017 “The WFM 102 receives an ingestion request from the content management system (CMS) 112. The request specifies a security profile. In one embodiment, the security profile includes content encryption information, including cipher specification and content encryption key expiration policies.”),
generating the cryptographic key (para 0007 “In one embodiment, the content encryption keys may be generated using weak sources of entropy (e.g., processor or wall clock time, /dev/urandom, etc.). In another embodiment, the content encryption keys may be generated using strong sources of entropy (e.g., hardware sources which rely on electrical static or radioactive Para 0017 “The WFM 102 generates an initial content encryption key and assigns it a content encryption key identifier. In one embodiment, the content encryption key identifier is initially set to zero and all future content encryption key identifiers are based on a relative offset to the initial content encryption key identifier. In one embodiment, the content encryption key identifiers are based off a next sequential integer value, offset from the previous content encryption key identifier. In another embodiment, the content encryption key identifiers are based off the wall clock time offset from the time the initial content encryption key identifier was generated.” para 0034 “In one embodiment, the encryption algorithm initialization vector (IV) is reinitialized when the content encryption key is expired. In another embodiment, when content encryption key is expired, the client 110 continues to use the existing IV stream.”)
and associating, for the cryptographic key, the time to retire with the cryptographic key (para 0017 “The WFM 102 generates an initial content encryption key and assigns it a content encryption key identifier. In one embodiment, the content encryption key identifier is initially set to zero and all future content encryption key identifiers are based on a relative offset to the initial content encryption key identifier. In one embodiment, the content encryption key identifiers are based off a next sequential integer value, offset from the previous content encryption key identifier. In another embodiment, the content encryption 
monitoring a time interval related to an amount of time the cryptographic key has been in use by at least a subset of a plurality of computing devices associated with the cryptography service (para 0019 “In one embodiment, the license server 106 registers client devices 110 and verifies the right of each client device 110 to view the content. If the client 110 has the right to view the content, the license server 106 provides the content encryption key, content encryption key lifespan (or expiration), and the location of the encrypted content.”);
associating, for the new cryptographic key, the time to retire with the new cryptographic key (para 0017 “In one embodiment, the content encryption key identifiers are based off a next sequential integer value, offset from the previous content encryption key identifier. In another embodiment, the content encryption key identifiers are based off the wall clock time offset from the time the initial content encryption key identifier was generated.” para 0018 “In one embodiment, before the content encryption key expires, the packager 104 requests a new key from the WFM 102. In one embodiment, the new content encryption key has the same lifespan as the previous content encryption key. The new content encryption key is made available by the WFM 102 to the packager 104 before the previous content encryption key has expired to allow for uninterrupted encryption.”);
(para 0028 “If the current content encryption key needs to be expired and a replacement content encryption key is available, processing proceeds to step 212 where the current content encryption key is expired and replaced with the pending content encryption key. The key expiration time from the WFM 102 may be viewed as a "suggested" expiration time, as the packager 104 may not be able to expire the key at the exact specified time. In one embodiment, the packager 104 notifies the WFM 102 of the exact time (segment number) at which a new key took effect (i.e., began to be used to encrypt content segments). In this case, the WFM 102 may wait to push the new key to the license server 106 only after receiving confirmation from the packager 104 that the new key has taken effect. In one embodiment, the IV is reinitialized when the content encryption key is expired.”),
causing at least the subset of the plurality of computing devices (para 0007 “The license server is responsible for distributing content encryption keys to clients. In one embodiment, the license server also distributes fixed duration lifespan information to clients. In one embodiment, when initiating playback of the stream, the client requests the current content encryption key, the next future content encryption key, and the fixed duration lifespan of the keys. The client uses the content encryption keys to decrypt the associated content.” Para 0015 “The license server 106 is responsible for storing encryption keys and providing them to the clients 110 for use during playback, as described in more detail below.”)
(para 0028 “If the current content encryption key needs to be expired and a replacement content encryption key is available, processing proceeds to step 212 where the current content encryption key is expired and replaced with the pending content encryption key. The key expiration time from the WFM 102 may be viewed as a "suggested" expiration time, as the packager 104 may not be able to expire the key at the exact specified time. In one embodiment, the packager 104 notifies the WFM 102 of the exact time (segment number) at which a new key took effect (i.e., began to be used to encrypt content segments). In this case, the WFM 102 may wait to push the new key to the license server 106 only after receiving confirmation from the packager 104 that the new key has taken effect. In one embodiment, the IV is reinitialized when the content encryption key is expired.” Each client who has received the replacement encryption key from the license server has the ability to replace the key. The claims do not state the clients replace their respective keys at the same time)
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify the system of cryptography services of French to include the method of monitoring and replacing cryptographic keys, as taught by Ma.
The motivation would have been to monitor an expiration time of an encryption key in order to properly replace the key to provide an uninterrupted encryption and content consumption.
French in view of Ma does not disclose:
a policy to cause an old cryptographic key to be retired after an amount of use;
as a result of the policy being satisfied, causing, at the cryptography service, at least a subset of a plurality of computing devices associated with the cryptography service to replace the old cryptographic key with the cryptographic key 

Tanaka discloses:
a policy to cause an old cryptographic key to be retired after an amount of use, as a result of the policy being satisfied, causing, at the cryptography service, at least a subset of a plurality of computing devices associated with the cryptography service to replace the old cryptographic key with the cryptographic key; as a result of the policy being satisfied, causing, at the cryptography service, at least a subset of a plurality of computing devices associated with the cryptography service to replace the old cryptographic key with the cryptographic key (para 0005 and 0047 “The group key has a lifetime. Accordingly, the root node needs to update the group key (being used) before expiring the lifetime, and send a new group key (after updating) to each node in the wireless mesh network. Because it is maintained that each node in the wireless mesh network always preserves effective group key. A message including the new group key (after updating) also needs to be notified with encryption. Because this encryption prevents leakage of the group key outside the wireless mesh Para 0037 “For example, a device key X.sub.2 is assigned to a node 101B, a lifetime of the device key X.sub.2 is valid, the node 101B is joining at present, and the lifetime expires in October, 2012.”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify the system of cryptography services of French in view of Ma to include the method of monitoring and replacing cryptographic key, as taught by Tanaka.
The motivation would have been to monitor an expiration time of an encryption key in order to properly replace the key to provide an uninterrupted encryption and content consumption.

As per claim 23, French in view of Ma and Tanaka discloses:
The computer-implemented method of claim 21, the cryptographic key is associated with a key identifier; and causing at least the subset of the plurality of computing devices to replace the cryptographic key with a new cryptographic key includes causing at least one of the computing devices to persist the replaced cryptographic key in association with the key identifier (Ma para 0017 and 0018).

As per claim 26, the implementation of the computer-implemented method of claim 21 would execute the computer system of claim 26 including the language encrypt using the cryptographic key, decrypt using the cryptographic key; remove the cryptographic key; update the cryptographic key; and rotate the cryptographic key with a new cryptographic key (French para 0032-0037 “The Cryptographic Providers layer is based on a stable, managed and configurable set of hardware and software components. The cryptographic providers layers is hardware vendor agnostic and provides: operation and usage of a provider governed by policy; communication via defined APIs to all the supporting services e.g. Client API, Key Server (KS), credential management, audit; modular cryptographic services and utilities implemented in hardware and/or software; a scalable solution; simple deployment and management of hardware and software based cryptographic devices.” para 0049 “By employing a high level API that separates the calling applications and any details of the encryption mechanism, such as key management and cryptographic providers, the centralized cryptographic service system allows calling applications to request a cryptographic function by using a simple sentence construct with information regarding the origin, the target and what needs to be done with the data.” Para 0051 “If the determined policy specifies that the data is managed, then the encrypted data block, or cryptogram, contains the information required to decrypt the data; for example, the encryption key identity and cryptographic mechanism are wrapped with all the data processed, in order to de-couple the key management and cryptographic controls from the application.” Para 0329-0335 “The KS has the ability to request that a specific instance of a base key can be changed. In order to eliminate any disruption to the CS, baseline keys use the concept of an old, current and new key. 
This requires that there is a pre-distribution of the new baseline keys before the key activation period. The use of this method allows for variances in CS clocks. The method includes: 1. KS generates the next specific base key instance based on the Key Metadata 2. KS can use the Query commands for end point and key residency to determine the crypto engines and loaded keys on each server. 3. Based on the findings of the Query commands the KS can issue a base key roll over command to each crypto engine on a server. 4. On receipt of a base key roll over command the CS loads the new key into the new key slot. 5. The CS marks the old key for deletion, moves the current key to the old key slot and the new key to the current key slot. 6. If all the key movers are successful then the old key marked for deletion is discarded; otherwise the value is rolled back to their original positions.”). Automatic rotation policy to cause an old cryptographic key to be retired after an amount of use (Tanaka para 0005 and 0047). The claim is analyzed with respect to claim 21. 

As per claim 27, French in view of Ma and Tanaka discloses:
The computer system of claim 26, wherein: a new time to retire is generated by the cryptography service of the computing resource service provider for the new cryptographic key identified by the new key identifier; a new time associated with the new cryptographic key is monitored; and as a result of the new time associated with the cryptographic key exceeding the new time to retire, generate a third cryptographic key identified by a third key identifier 

As per claim 30, French in view of Ma and Tanaka discloses:
The computer system of claim 26, wherein monitoring the time associated with the cryptographic key includes tracking a duration the cryptographic key has been in use to perform cryptographic operations (Ma Figs. 2 and 3, 0017, 0018, and 0030-0037).

As per claim 31, French in view of Ma and Tanaka discloses:
The computer system of claim 26, wherein generating the new cryptographic key identified by the new key identifier includes notifying another computer system of the new cryptographic key and new key identifier (Ma para 0017-0019).

As per claim 32, French in view of Ma and Tanaka discloses:
The computer system of claim 26, wherein the new cryptographic key identified by the new key identifier is used in future cryptographic operations until a new time associated with the new cryptographic key has exceeded a new time to retire (French para 0032-0037, 0049, 0056 and 0329-0335) and (Ma para 0008, 0017, 0018 and 0028).

Claims 22 and 29 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over French in view of Ma, and further in view of Tanaka, and further in view of U.S. Publication No. 20030110376 hereinafter Wiener.

As per claim 22, French in view of Ma and Tanaka discloses:
The computer-implemented method of claim 21, further comprising: obtaining, through the application programming interface (French para 0056)

French in view of Ma and Tanaka does not disclose:
a time to retire where the time to retire is further determined based at least in part on a cryptographic algorithm used to generate the cryptographic key

Wiener discloses:
a time to retire where the time to retire is further determined based at least in part on a cryptographic algorithm used to generate the cryptographic key (para 0019 “The multi-client manager 12 provides selectable expiry data such as public key expiry data and selectable private key expiry data that is selectable on a per client basis. A graphic user interface on the multi-client manager unit is used to facilitate setting of the selectable expiry data to a desired state on a per client basis. The selectable expiry data may be digital signature certificate lifetime data for variably setting a lifetime end date for a digital signature certificate associated with a given client. The selectable expiry data may also include public encryption key expiry data or other suitable expiry Para 0020 “Using the user interface, a security officer or other authorized user of the multi-client manager unit 12, selects a certificate lifetime and private key lifetime for each selected client on a per client basis so that the cryptographic system 10 can adapt to changes to any client in the system. For example in the case of a contractor or temporary employee, the manager unit 12 provides a security officer with the ability to select a certificate lifetime and private key lifetime as desired.”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify the system of cryptography services of French in view of Ma and Tanaka to include a first time to retire where the first time to retire is further determined based at least in part on a user-specified time to retire, as taught by Wiener.
The motivation would have been to allow for selectable variation of expiry periods on a per user basis for encryption keys, thereby providing user-specific key usage.

As per claim 29, the claim is analyzed with respect to claim 22.

12.	Claims 24, 25, and 28 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over French in view of Ma, and further in view of Cam, and further in view of U.S. Patent No. 8,370,648 hereinafter Natazon.

As per claim 24, French in view of Ma and Tanaka discloses:


French in view of Ma and Tanaka does not disclose:
a replaced cryptographic key is available for future decryption operations

Natazon discloses:
a replaced cryptographic key is available for future decryption operations (Col. 3 Lines 60-67 “If the key is not the newest key, for example, the encryption key is outdated based on a policy (e.g., keys older than a month are updated), then the key is updated on a read request based on the policy, the data is decrypted using the old key then re-encrypted with the latest encryption key (e.g., a newer encryption key than an outdated encryption key) (234), the new encrypted data is stored back to the LUN 50 (244) and the key ID is updated to reference the new encryption key (254).”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify method to quickly switch to a new public key after invalidation of the current public key of French in view of Ma 
The motivation would have been to properly secure update content and keys to properly manage content and updated keys.

As per claim 25, French in view of Ma, Tanaka and Natazon discloses:
The computer-implemented method of claim 24, further comprising: obtaining a request to perform a cryptographic operation using a key identified by the key identifier; selecting, based at least in part on the received request, between at least the replaced cryptographic key and the new cryptographic key to perform the cryptographic operation; and performing the cryptographic operation (Ma Figs. 2 and 3, 0017, 0018, and 0030-0037) and (Natazon Col. 3 Lines 60-67).

As per claim 28, French in view of Ma and Tanaka discloses:
The computer system of claim 26, further comprising: as a result of the time associated with the cryptographic key exceeding the time to retire (Ma Figs. 2 and 3, 0017, 0018, and 0030-0037).

French in view of Ma and Tanaka does not disclose:


Natazon discloses:
marking a cryptographic key as retired; and using the retired cryptographic key for operations of another particular type (Fig. 2b, Col. 2 Lines 48-56 “Referring to FIG. 2B, in one example, the data in data block 0 (52a) is updated with encrypted data W' in the first portion 54a. In one example, the old key, key 1, is expired and no longer useable. In other examples, the old key, key 1, is not expired (e.g., the key 1 may be valid to read encrypted data), but it is not the newest key. The encrypted data W' is encrypted with a new key, for example, key 4. The ID of key 4, Key ID 4, is stored in the second portion 58a of data block 0 (52a) to identify the key that encrypted the data in data block 0 (52a).”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify method to quickly switch to a new public key after invalidation of the current public key of French in view of Ma and Tanaka to include marking a cryptographic key as retired; and using the retired cryptographic key for operations of another particular type, as taught by Natazon.
The motivation would have been to properly secure update content and keys to properly manage content and updated keys.

Claims 33-40 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over U.S. Publication No. 2003/0163701 hereinafter Ochi further in view of U.S. Patent No. 8,370,648 hereinafter Natazon and further in view of Cam.

As per claim 33, Ochi discloses:
One or more computer-readable storage media having collectively stored thereon instructions that, when executed by one or more processors of a computer system (para 0011), cause the computer system to:
track a time of retirement of a key repeatedly used in cryptographic operations involved in responding to requests specifying a key identifier that identifies the key (para 0050 "One difference is that a key-usage counter 112 is created at the user device when the auxiliary key pair is activated, e.g., upon receiving the registration certification for the new keys (s410). The counter 112 keeps track of the number of times the new key pair is used by the user.”)
detect when one or more conditions related to the time of retirement require retirement of the key (para 0048 "FIGS. 6A-6C illustrates a cryptosystem having a risk determination program 110 according to one embodiment of the present invention." para 0052 "The program 110 determines whether or not the incremented counter is greater than or equal to a predetermined number N1 (s456). This predetermined number is a number of times that the user's key pair may be used with relative security." Para 0054 "If the counter is greater than or equal to the predetermined number, than an alert is displayed to the user on the user terminal 102 informing him or her that the use of the current key pair has become unacceptably high, so that the user may initiate creation of a new auxiliary key pair to replace the current key pair (s458). In one embodiment, at s458, the program 110 initiates creation of an auxiliary key pair by itself and inform the user of creation thereof)

Ochi does not disclose:
a time of retirement determined based, at least in part, on a cryptographic algorithm used to generate the key
as a result of detecting the one or more conditions indicating that the key is to be retired, cause a different key to be used in cryptographic operations involved in responding to requests that specify the key identifier

Natazon discloses:
as a result of detecting the one or more conditions indicating that the key is to be retired, cause a different key to be used in cryptographic operations involved in responding to requests that specify the key identifier (Col. 3 Lines 60-67 “If the key is not the newest key, for example, the encryption key is outdated based on a policy (e.g., keys older than a month are updated), then the key is updated on a read request based on the policy, the data is decrypted using the old key then re-encrypted with the latest encryption key (e.g., a newer encryption key than an outdated encryption key) (234), the new encrypted data is stored back to the LUN 50 (244) and the key ID is updated to reference the new encryption key (254).”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify method to quickly switch to a new public key after invalidation of the current public key of Ochi to include as a result of detecting the one or more conditions indicating that the key is to be retired, cause a different key to be used in cryptographic operations involved in responding to requests that specify the key identifier, as taught by Natazon. 
The motivation would have been to properly secure update content and keys to properly manage content and updated keys.

Ochi in view of Natazon and Cam does not disclose:
a time of retirement determined based, at least in part, on a cryptographic algorithm used to generate the key

Cam discloses:
a time of retirement determined based, at least in part, on a cryptographic algorithm used to generate the key (Col. 3 Line 56- Col. 4 Line 14 “For 350 determines whether another key is needed because the key space is about to be exhausted. The key space is a function of the nonce, the packet size, and the communication rate. Thus, for a 3 byte nonce (i.e. 24 bits), a packet size of 2^10 bytes, and a communications rate of 8 Mbits/sec, the key space is exhausted every 2,144 seconds (about 36 minutes). Consequently, in this example, step 350 can determine whether something close to 2,144 seconds have elapsed or whether close to 2^24 (about 16 million) packets have been transmitted and received. If so, then another key is needed and a synchronized key exchange can be initiated in step 360.” Col. 4 Lines 15-25 “Of importance, this synchronized key exchange must be initiated sufficiently early to allow 1) for the key exchange to occur and 2) for the new encryption key to be generated before the key space has been exhausted. The key exchange is described as being synchronized because the station that initiates the key exchange sends during the key exchange, an exchange threshold indicative of when the new encryption key is to be used in encrypting communications. In one embodiment, the synchronized key exchange can also be an authenticated key exchange.” Col. 4 Lines 57-67 “The request to initiate a new encryption key 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify the system of cryptography services of Ochi in view of Natanzon to include a time of retirement determined based, at least in part, on a cryptographic algorithm used to generate the key, as taught by Cam.
The motivation would have been to monitor an expiration time of an encryption key in order to properly replace the key to provide an uninterrupted encryption and content consumption.

As per claim 34, Ochi in view of Natanzon and Cam discloses:
The one or more computer-readable storage media of claim 33, wherein tracking the time of retirement of the key includes tracking a duration the key has been in use to perform cryptographic operations (Ochi para 0050-0054).

As per claim 35, Ochi in view of Natanzon and Cam discloses:


As per claim 36, Ochi in view of Natanzon and Cam discloses:
The one or more computer-readable storage media of claim 33, wherein when the one or more conditions related to the time of retirement requiring retirement of the key are fulfilled (Ochi para 0050-0054),
the instructions further cause the computer system to use the key for decrypting at least one ciphertext generated based at least in part on the key (Natanzon Col. 3 Lines 60-67).

As per claim 37, Ochi in view of Natanzon and Cam discloses:
The one or more computer-readable storage media of claim 33, wherein the key is one of a plurality of keys for which the instructions cause the computer system to track time of retirement (Ochi para 0050-0054).

As per claim 38, Ochi in view of Natanzon and Cam discloses:
The one or more computer-readable storage media of claim 33, wherein the key is managed by the computer system on behalf of a customer of a computing resource provider and the key is one of a plurality of keys including at 

As per claim 39, Ochi in view of Natanzon and Cam discloses:
The one or more computer-readable storage media of claim 38, wherein the time of retirement is specified by a customer through an application programming interface for a cryptography service provided by the computing resource service provider (Ochi para 0050-0054) and (Natanzon Figs. 4 and 5, Col. 2 Lines 6-32).

As per claim 40, Ochi in view of Natanzon and Cam discloses:
The one or more computer-readable storage media of claim 33, wherein the time to retirement is based at least in part on an algorithm used to generate the key (Ochi para 0011 and 0050) and (Natanzon Figs. 4 and 5, Col. 2 Lines 6-32).


Conclusion 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192.  The examiner can normally be reached on Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GARY S GRACIA/Primary Examiner, Art Unit 2491