DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to application 16/511,274 filed on 7/15/2019.
The examiner notes the IDS filed on 7/15/2019 and 10/11/2019 has been considered. 

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:

(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do 
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “holding unit”, “determination unit”, “authentication unit”, “verification unit”, “a unit”, “calculation unit” and “transmission unit” in claims 4-8, 12-16 and 19.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.



Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim(s) 1-19 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more – i.e., the claim recites authentication system/device/target device/image forming apparatus that performs authentication, more specifically:
Claim 3 and similarly Claim 1, recites: 

the authentication 
the authentication target 

Claim 5 and similarly Claim 4 and 12, recites: 
An authentication 
a holding unit configured to hold a first secret data corresponding to a selected authentication key selected from a plurality of first authentication keys and second secret data corresponding to a second authentication key; 
a determination unit configured to communicate with an authentication target 
an authentication unit configured to authenticate the authentication target 
a verification unit configured to verify signature data held by the authentication target 
when the authentication target 
when verification of the signature data by the verification unit is successful, the authentication unit performs authentication of the authentication target 
Claim 15 and 14, recites: 
An authentication target 
a holding unit configured to hold a plurality pieces of first secret data respectively corresponding to a plurality of first authentication keys, second secret data corresponding to a second authentication key, and signature data; 

a calculation unit configured to perform a calculation based on one first secret data of the plurality pieces of first secret data or the second secret data based on a determination result by the authentication 
 in accordance of a determination of the authentication 
The limitations of as noted above:
For Claim 3 and similarly Claim 1: recite concepts of holding data
For Claim 5 and similarly Claim 4 and 12: holding data, determining... to see if a “device” holds secret data, units that perform authentication and/or verification.
For Claim 5 and similarly Claim 15 and 14: holding data, the ability to transmit information, and further ability to perform calculation
The examiner respectfully notes such limitations as noted above, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting units nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the various forms of units language the steps as noted above would be able to be performed in the mind or with the use of pencil and paper.  If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic 
This judicial exception is not integrated into a practical application. In particular, the claim only recites additional elements of units to perform the aforementioned steps. The units in these steps are recited at a high-level of generality (i.e., as a generic units that perform computer processing) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a units to perform the aforementioned steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible.
Further dependent Claim(s) 2, 6-11, 13, and 16-19   do not add features considered to amount to “significantly more” than the abstract idea identified for the respective independent Claim 1, 5, 12, and 15.  These claims further recite similar concepts as noted above therefore are similarly rejected under 35 U.S.C. 101. 




Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Regarding Claims 1-3; Claims 1-3 recites the limitations “the authentication device holds...” and “the authentication target device holds ....”. The examiner notes the term “holds” is a relative term which renders the claim indefinite.  The term "holds" is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.  The examiner will interpret hold as a form of stored. 






Regarding Claims 4, 5, 12, 14, 15, and 16; Claims 4, 5, 12, 14, 15, and 16 recite the term "holds".  The examiner notes the term “holds” is a relative term which renders the claim indefinite.  The term “holds” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.  The examiner will interpret hold as a form of stored. 

Further dependent Claim(s) 6-11, 13, and 17-19 are dependent on either claims 5, 12 or 15 and therefore inherit the 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph issues of the independent claims. 














Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 3, 4, 14-16 and 18 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Lee et al. (US 2016/0135045 A1).

Regarding Claim 1; 
Lee discloses an authentication system comprising an authentication device and an authentication target device (FIG. 2 – Joining Device and Group Member Device), wherein 
the authentication device holds one first authentication secret data and one second authentication secret data, the one first authentication secret data to authenticate the authentication target device of a version from a first version that is the same as the authentication device to a second version newer than the first version, the one second authentication secret data to authenticate the authentication target device of a version newer than the second version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device); and
the authentication target device holds a plurality pieces of first authentication target secret data and second authentication target secret data, the plurality pieces of first authentication target secret data corresponding to each of versions from a third version that is same as the authentication target device to a fourth version older than the third version and for authentication by the authentication device of a version from the third version to the fourth version, one second authentication target secret data corresponding to each of versions from a fifth version to a sixth version and for authentication by the authentication device of a version from the fifth version to the sixth version, the fifth version being older than the fourth version by one version, the sixth version being older than the fifth version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and [0051] - The version index 330 may include one or more information elements associated with indicating a version of the AuT 305. The AS may update the AuT 305 for various reasons, e.g., timed-rollover for maintenance, group authentication key compromise, etc. The AS may, in some examples, create the group authentication key 325 using the hash function based on the group secret being hashed with the group identifier 315. The version index 330 may indicate which iteration of the hashing function is associated with the current AuT 305... and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In some examples, the group member device 115-f may authenticate the joining device 115-e based on the reason code, e.g., the reason code indicates that the key change was scheduled and, therefore, the group member device 115-f trusts the AuT from the joining device despite the different version index. In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device.). 







Regarding Claim 3; 
Lee discloses an authentication system comprising an authentication device and an authentication target device (FIG. 2 – Joining Device and Group Member Device), 
wherein the authentication device holds one first authentication secret data to authenticate the authentication target device of a first version that is the same as the authentication device and one second authentication secret data to authenticate the authentication target device of a version newer than the first version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device); and
the authentication target device holds a plurality of first authentication target secret data and second authentication target secret data, the plurality of first authentication target secret data for authentication by the authentication device of a second version that is the same as the authentication target device, one second authentication target secret data corresponding to each of versions from a third version to a fourth version and for authentication by the authentication (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and [0051] - The version index 330 may include one or more information elements associated with indicating a version of the AuT 305. The AS may update the AuT 305 for various reasons, e.g., timed-rollover for maintenance, group authentication key compromise, etc. The AS may, in some examples, create the group authentication key 325 using the hash function based on the group secret being hashed with the group identifier 315. The version index 330 may indicate which iteration of the hashing function is associated with the current AuT 305... and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In some examples, the group member device 115-f may authenticate the joining device 115-e based on the reason code, e.g., the reason code indicates that the key change was scheduled and, therefore, the group member device 115-f trusts the AuT from the joining device despite the different version index. In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device.). 
Regarding Claim 4;
Lee discloses an authentication device (FIG. 2 –Group Member Device),   comprising: 
a holding unit configured to hold authentication secret data corresponding to a first authentication key of a first version and authentication secret data corresponding to a second authentication key of the first version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and FIG. 7 and [0045] – AuT and [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device);
a determination unit configured to communicate with an authentication target device to determine whether the authentication target device is a first authentication target device or a second authentication target device, the first authentication target device holding authentication target secret data corresponding to the first authentication key of the first version and authentication target secret data corresponding to the second authentication key of a second version older than the first version, the second authentication target device holding (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and FIG. 7 and [0063] – preliminary authentication and [0045] – AuT and [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device); and 
an authentication unit configured to authenticate the authentication target device based on the first authentication key of the first version in accordance with a determination that the authentication target device is the first authentication target device, and to authenticate the authentication target device based on the second authentication key of the first version in accordance with a determination that the authentication target device is the second authentication target device (FIG. 7 and FIG. 13 – Authenticate with second device).


Regarding Claim 14;
Lee discloses an authentication target device comprising (FIG. 2 – Joining Device): 
a holding unit configured to hold a plurality pieces of authentication target secret data respectively corresponding to a plurality of first authentication keys of a first version and an authentication target secret data corresponding to a second authentication key of a second version older than the first version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device);
and a calculation unit configured to communicate with an authentication device to perform a calculation based on authentication target secret data corresponding to one first authentication key of the plurality of first authentication keys for authentication by the authentication device when the authentication device is of the first version, and to perform a calculation based on the authentication target secret data corresponding to the second authentication key for the authentication by the authentication device when the authentication ([0063] - At 505, the joining device 115-g and the group member device 115-h may perform a preliminary authentication. Generally, the preliminary authentication may include exchanging at least a portion of the AuT, e.g., the group authentication key and the current version index (e.g., GK(Index)). Based on that exchange, each device 115 may determine whether the other device holds a valid group authentication key and deny authentication to those who do not. The preliminary authentication may provide a quick and efficient mechanism to mitigate denial of service attacks, for example)).

Regarding Claim 15;
Lee discloses an authentication target device comprising (FIG. 2 – Joining Device): 
a holding unit configured to hold a plurality pieces of first secret data respectively corresponding to a plurality of first authentication keys, second secret data corresponding to a second authentication key, and signature data (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device and [0052] – the signature for the AuT);
a transmission unit configured to transmit, to an authentication device, information identifying the plurality pieces of first secret data and the second secret data held by the holding unit ([0063] - At 505, the joining device 115-g and the group member device 115-h may perform a preliminary authentication. Generally, the preliminary authentication may include exchanging at least a portion of the AuT, e.g., the group authentication key and the current version index (e.g., GK(Index)). Based on that exchange, each device 115 may determine whether the other device holds a valid group authentication key and deny authentication to those who do not. The preliminary authentication may provide a quick and efficient mechanism to mitigate denial of service attacks, for example)).
a calculation unit configured to perform a calculation based on one first secret data of the plurality pieces of first secret data or the second secret data based on a determination result by the authentication device as to which of the one first secret data of the plurality pieces of first secret data and the second secret data is used for authentication ( [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device and [0063] - At 505, the joining device 115-g and the group member device 115-h may perform a preliminary authentication. Generally, the preliminary authentication may include exchanging at least a portion of the AuT, e.g., the group authentication key and the current version index (e.g., GK(Index)). Based on that exchange, each device 115 may determine whether the other device holds a valid group authentication key and deny authentication to those who do not. The preliminary authentication may provide a quick and efficient mechanism to mitigate denial of service attacks, for example)).
 wherein in accordance of a determination of the authentication device that the second secret data is used for the authentication, the transmission unit transmits the signature data to the authentication device ([0065]-[0066] - In some aspects, the full authentication may include exchanging a signature based on the AuT... At 520, the group member device determines whether the AuT from the joining device is valid, e.g., based on the signature received from the joining device 115-g. If so and at 525, the devices are authenticated and may communicate or otherwise exchange content).

Regarding Claim 16;
Lee discloses the authentication target device to Claim 15.
wherein the holding unit holds a plurality pieces of first public data respectively corresponding to the plurality of first authentication keys and second public data corresponding to the second authentication key (FIG. 3 – Group Identifier and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.) The examiner notes the group identifier is public data);
the transmission unit transmits, to the authentication device, first public data corresponding to a first authentication key corresponding to the one first secret data in accordance with a determination of the authentication device that the one first secret data of the plurality pieces of first secret data is used for the authentication (FIG. 3 – Group Identifier and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group and 0052] - Accordingly, the group member devices may confirm the AuT 305 is associated with the group AS and yet, for further versions, realize reduced computational and/or communication overhead. In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.) The examiner notes the group identifier is public data);; and 
(FIG. 3 – Group Identifier and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group and [0052] - Accordingly, the group member devices may confirm the AuT 305 is associated with the group AS and yet, for further versions, realize reduced computational and/or communication overhead. In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.) The examiner notes the group identifier is public data).

Regarding Claim 18;
Lee disclose the authentication target device to Claim 16.
Lee further discloses wherein the plurality of first authentication keys are of a first version ([0051] – version index); and the second authentication key is of a second version older than the first version. ([0051] – version index and In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc.).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 5-8, 10 and 11  is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 2016/0135045 A1) in view of Brickell (US 2018/0131677 A1).

Regarding Claim 2; 
Lee discloses the authentication system according to Claim 1.
Lee further discloses  wherein the authentication target device further holds signature data corresponding to each of versions from the fifth version to the sixth version ([0051] - The version index 330 may include one or more information elements associated with indicating a version of the AuT 305... The version index 330 may indicate which iteration of the hashing function is associated with the current AuT 305... and and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In some examples, the group member device 115-f may authenticate the joining device 115-e based on the reason code, e.g., the reason code indicates that the key change was scheduled and, therefore, the group member device 115-f trusts the AuT from the joining device despite the different version index. In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device and [0065]-[0066]  In some aspects, the full authentication may include exchanging a signature based on the AuT. For example, the signature may include or be derived based on a hashing function of the group authentication key and its associated index.... In some examples, the group authentication key and associated index value may be maintained at the group member device 115-h and used to verify the AuT from the joining device 115-g is valid. At 520, the group member device determines whether the AuT from the joining device is valid, e.g., based on the signature received from the joining device 115-g); when the first version is any of version from the fifth version to the sixth version, the authentication device acquires signature data corresponding to the first version from the authentication target device and verifies the signature data corresponding to the first version ([0051- The version index 330 may include one or more information elements associated with indicating a version of the AuT 305... The version index 330 may indicate which iteration of the hashing function is associated with the current AuT 305... and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In some examples, the group member device 115-f may authenticate the joining device 115-e based on the reason code, e.g., the reason code indicates that the key change was scheduled and, therefore, the group member device 115-f trusts the AuT from the joining device despite the different version index. In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device and [0065]-[0066] -- signature); and ... verification of the signature data corresponding to the first version is successful... (FIG. 12 and [0061]).
The examiner respectfully notes Lee teaches a preliminary authentication with the group authentication key and current version index and a full authentication with signature (see, [0063]-[0066]), however Lee fails to explicitly disclose when verification of the signature data corresponding to the first version is successful the authentication device performs authentication of the authentication target device based on the one second authentication secret data 
However, in an analogous art, Brickell teaches when verification of the signature data corresponding to the first version is successful the authentication device performs authentication of the authentication target device based on the one second authentication secret data ([0088] The Access Protected Application 712 verifies the signature of the auditor on Public Key Exchange Key 540, and verifies that the key that created the signature was either the Attestation Key 532 or another key that had previously been attested to belong to the Access Protected Application 512).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Brickell to the authentication of Lee to include when verification of the signature data corresponding to the first version is successful the authentication device performs authentication of the authentication target device based on the one second authentication secret data
One would have been motivated to combine the teachings of Brickell to Lee to do so as it provides / allows attestation via performing a cryptographic key exchange (Brickell, [0085]-[0086]).

Regarding Claim 5;
Lee discloses an authentication device (FIG. 2 –Group Member Device),   comprising: 
a holding unit configured to hold a first secret data corresponding to a selected authentication key selected from a plurality of first authentication keys and second secret data corresponding to a second authentication key version (FIG. 3 and FIG. 7 and [0045] – AuT and FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device); 
a determination unit configured to communicate with an authentication target device to determine that the authentication target device includes third secret data corresponding to the selected authentication key or fourth secret data corresponding to the second authentication key (FIG. 7 and [0063] – preliminary authentication and [0045] – AuT and FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device);
(FIG. 7 and FIG. 13 – Authenticate with second device);  and 
a verification unit configured to verify signature data held by the authentication target device (FIG. 7 and [0065]), wherein 
when the authentication target device includes the fourth secret data, the verification unit verifies the signature data ([0051]  - The version index 330 may include one or more information elements associated with indicating a version of the AuT 305... The version index 330 may indicate which iteration of the hashing function is associated with the current AuT 305... and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In some examples, the group member device 115-f may authenticate the joining device 115-e based on the reason code, e.g., the reason code indicates that the key change was scheduled and, therefore, the group member device 115-f trusts the AuT from the joining device despite the different version index. In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device and [0065]-[0066]  In some aspects, the full authentication may include exchanging a signature based on the AuT. For example, the signature may include or be derived based on a hashing function of the group authentication key and its associated index.... In some examples, the group authentication key and associated index value may be maintained at the group member device 115-h and used to verify the AuT from the joining device 115-g is valid. At 520, the group member device determines whether the AuT from the joining device is valid, e.g., based on the signature received from the joining device 115-g), and ... verification of the signature data corresponding to the first version is successful... (FIG. 12 and [0061]).
The examiner respectfully notes Lee teaches a preliminary authentication with the group authentication key and current version index and a full authentication with signature (see, [0063]-[0066]), however Lee fails to explicitly disclose when verification of the signature data corresponding to the first version is successful the authentication device performs authentication of the authentication target device based on the one second authentication secret data 
However, in an analogous art, Brickell teaches when verification of the signature data corresponding to the first version is successful the authentication device performs authentication of the authentication target device based on the one second authentication secret data ([0088] - ] The Access Protected Application 712 verifies the signature of the auditor on Public Key Exchange Key 540, and verifies that the key that created the signature was either the Attestation Key 532 or another key that had previously been attested to belong to the Access Protected Application 512).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Brickell to the authentication of Lee to include when verification of the signature data corresponding to the first version is successful the 
One would have been motivated to combine the teachings of Brickell to Lee to do so as it provides / allows attestation via performing a cryptographic key exchange (Brickell, [0085]-[0086]).

Regarding Claim 6;
Lee and Brickell disclose the authentication device to Claim 5.
Lee further discloses wherein, when the authentication target device includes the third secret data, the verification unit authenticates the authentication target device based on the selected authentication key without verifying the signature data ([0061] - In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device and [0066] - As discussed, in some examples the preliminary authentication may be considered sufficient for the devices to connect to form the mesh network. In such examples, the full authentication may be considered a second authentication and serve as an increased security measure for the devices).  


Regarding Claim 7;
Lee and Brickell disclose the authentication device to Claim 5.
Lee further discloses wherein the authentication target device includes first public data corresponding to the selected authentication key when the authentication target device includes the third secret data (FIG. 3 and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group) The examiner notes the group identifier is public data); the third secret data is generated by a one-way function with the first secret data and the first public data as input ([0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group) and [0040] – HMAC-256 or HMAC 384 and [0051- version index may indicate which iteration of the hashing function is associated with the current AuT and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.); and the authentication unit authenticates the authentication target device based on the first authentication key by acquiring a first calculation result based on the third secret data from the authentication target device, by acquiring the first public data from the ([0052] - Accordingly, the group member devices may confirm the AuT 305 is associated with the group AS and yet, for further versions, realize reduced computational and/or communication overhead. In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.)

Regarding Claim 8;
Lee and Brickell disclose the authentication device to Claim 5.
Lee further discloses wherein the authentication target device includes second public data corresponding to the second authentication key when the authentication target device includes the fourth secret data (FIG. 3 and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group) The examiner notes the group identifier is public data) and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier); the fourth secret data is generated by a one-way function with the second secret data and the second public data as input ([0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group) and [0040] – HMAC-256 or HMAC 384 and [0052] and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.); and the authentication unit authenticates the authentication target device based on the second authentication key by acquiring a third calculation result based on the fourth secret data from the authentication target device, by acquiring the second public data from the authentication target device, and by comparing the third calculation result with a fourth calculation result based on the second secret data and the second public data ([0052] - Accordingly, the group member devices may confirm the AuT 305 is associated with the group AS and yet, for further versions, realize reduced computational and/or communication overhead. In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier.)





Regarding Claim 10;
Lee and Brickell disclose the authentication device to Claim 5.
Lee further discloses wherein the plurality of first authentication keys and the second authentication key correspond to a first version ([0051] – version index); and the authentication target device includes a secret data corresponding to each of a plurality of first authentication keys of a second version newer than the first version when the authentication target device includes the fourth secret data ([0051] – version index and In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc.).

Regarding Claim 11;
Lee and Brickell disclose the authentication device to Claim 5.
Lee further discloses wherein the authentication target device includes secret data corresponding to the second authentication key of a third version older than the first version when the authentication target device includes the third secret data. ([0051] – version index and In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc.)




Claim 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 2016/0135045 A1) in view of Brickell (US 2018/0131677 A1) and in further in view of Tatebayashi et al. (US 6,859,535 A1).

Regarding Claim 9.
Lee and Brickell disclose the authentication device according to Claim 8.
	Lee further discloses concepts of the second authentication key and the second public data (FIG. 3 and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group) The examiner notes the group identifier is public data) and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier).
	Lee and Brickell fail to explicitly disclose wherein the signature data is message-recovery type signature data of data including at least one of an identifier of the ... key and the ... public data.
	However, in an analogous art, Tatebayashi wherein the signature data is message-recovery type signature data of data including at least one of an identifier of the ... key and the ... public data (Tatebayashi, col. 24, lines 15-25 - However, in this modification, a secret key Ks and a public key Kp are obtained under the message recovery signature scheme over an elliptic curve, that is a public key cryptosystem).

One would have been motivated to combine the teachings of Tatebayashi to Lee to do so as it provides / allows making it provides security by utilizing discrete logarithm questions (Tatebayashi, col. 24, lines 65-col. 25, lines 1).


Claims 12, 13 and 19  is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 2016/0135045 A1) in view of Lee (US 2014/0169803 A1).

Regarding Claim 12;
Lee discloses an ... apparatus comprising:
 a holding unit configured to hold authentication secret data corresponding to a first authentication key of a first version and authentication secret data corresponding to a second authentication key of the first version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and FIG. 7 and [0045] – AuT and [0051] - In some examples, the subsequent version of the GK(i+1) is generated such that group member devices may verify the authenticity of GK(i+1) using GK(i) or prior versions of GKs, e.g., GK(i-1), GK(i-2), etc. and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication...  Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device);
a determination unit configured to communicate with an authentication target device to determine whether the authentication target device is a first authentication target device or a second authentication target device, the first authentication target device holding authentication target secret data corresponding to the first authentication key of the first version and authentication target secret data corresponding to the second authentication key of a second version older than the first version, the second authentication target device holding authentication target secret data corresponding to the first authentication key of a third version newer than the first version and authentication target secret data corresponding to the second authentication key of the first version (FIG. 1 and FIG. 3 – Group Authentication Key including GK1, GK2, GK3, and GK4 and Version Index and [0051] - The version index 330 may include one or more information elements associated with indicating a version of the AuT 305. The AS may update the AuT 305 for various reasons, e.g., timed-rollover for maintenance, group authentication key compromise, etc. The AS may, in some examples, create the group authentication key 325 using the hash function based on the group secret being hashed with the group identifier 315. The version index 330 may indicate which iteration of the hashing function is associated with the current AuT 305... and [0061] - At 435, the joining device 115-e may authenticate with the group member device 115-f using an AuT with version index i+1 whereas the group member device 115-f accepts the authentication using an AuT with version index i. As discussed, the AuT provided herein may permit forwards and/or backwards compatibility for authentication between devices... In some examples, the group member device 115-f may authenticate the joining device 115-e based on the reason code, e.g., the reason code indicates that the key change was scheduled and, therefore, the group member device 115-f trusts the AuT from the joining device despite the different version index. In another example, the group member device 115-f may authenticate the joining device 115-e based on the differences between the version index, e.g., up to one, two, three, etc., different versions are support for authentication. Other authentication determinations may be based on a combination of the reason code, the version index, as well as other factors known to the group member device 115-f and/or the joining device 115-e. Accordingly, the group member device may authenticate using version indexes that are newer and/or older than the version index from the joining device.); and 
an authentication unit configured to authenticate the authentication target device based on the first authentication key of the first version in accordance with a determination that the authentication target device is the first authentication target device, and to authenticate the authentication target device based on the second authentication key of the first version in accordance with a determination that the authentication target device is the second authentication target device (FIG. 7 and FIG. 13 – Authenticate with second device).
Lee fails to explicitly disclose an image forming apparatus....
However, in an analogous art, Lee ‘803 teaches an image forming apparatus comprising [security between the image forming apparatus and a toner product] (Lee ‘803, [0008]).

One would have been motivated to combine the teachings of Lee to Lee to do so as it provides / allows a printer apparatus and a security method used for the apparatus and, more particularly, to a printer apparatus that is composed of a printer host and toner, having replaceable security algorithms, and a security method used for the printer apparatus (Lee, ‘803 [0002]).

Regarding Claim 13;
Lee and Lee ‘803 disclose the image forming apparatus to Claim 12.
	Lee teaches ...the authentication target device (FIG. 1).
	Lee ‘803 further teaches wherein a... target device is a unit that is detachable form the image forming apparatus (Lee ‘803, [0008]).

Regarding Claim 19;
Lee discloses the target device to Claim 15.
	Lee teaches ...the authentication target device (FIG. 1).
Lee fails to explicitly wherein the authentication target device is a unit that is detachable from an image forming apparatus.
However, in an analogous art, Lee ‘803 further teaches wherein a... target device is a unit that is detachable form the image forming apparatus (Lee ‘803, [0008]).

One would have been motivated to combine the teachings of Lee to Lee to do so as it provides / allows a printer apparatus and a security method used for the apparatus and, more particularly, to a printer apparatus that is composed of a printer host and toner, having replaceable security algorithms, and a security method used for the printer apparatus (Lee, ‘803 [0002]).

Claim 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 2016/0135045 A1) in view of Tatebayashi et al. (US 6,859,535 A1).

Regarding Claim 17;
Lee disclose the authentication target device according to Claim 16.
Lee further discloses concepts of the second authentication key and the second public data (FIG. 3 and [0049] - As one non-limiting example, the group authentication key 325 may be formed as a hash function of the group secret or key being hashed repeatedly with the group identifier 315, for example. The group identifier 315 may be used as an input to the hash function to generate a unique hash chain for each group) The examiner notes the group identifier is public data) and [0102] - The preliminary authorization may provide for confirmation that the joining device AuT is associated with the correct group. In some examples, the devices may exchange components of the group AuT indicative of the group, e.g., a group identifier).

	However, in an analogous art, Tatebayashi wherein the signature data is message-recovery type signature data of data including at least one of an identifier of the ... key and the ... public data (Tatebayashi, col. 24, lines 15-25 - However, in this modification, a secret key Ks and a public key Kp are obtained under the message recovery signature scheme over an elliptic curve, that is a public key cryptosystem).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Tatebayashi to the authentication of Lee to include wherein the signature data is message-recovery type signature data of data including at least one of an identifier of the ... key and the ... public data
One would have been motivated to combine the teachings of Tatebayashi to Lee to do so as it provides / allows making it provides security by utilizing discrete logarithm questions (Tatebayashi, col. 24, lines 65-col. 25, lines 1).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385.  The examiner can normally be reached on Monday-Friday 10am - 6pm (MDT).

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KARI L SCHMIDT/Primary Examiner, Art Unit 2439