DETAILED ACTION
1. 	This office action is in response to application 16/942,404 filed on 07/29/2020. Claims 1-15 are submitted for examination. Claim 1 is independent.  Thus, claims 1-15 are pending.
Notice of Pre-AIA  or AIA  Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
 					Priority	
	3.	This application filed on 07/29/2020 Claims Priority from Provisional Application 62879908, filed on 07/29/2019.
				Information Disclosure Statement
4.	The information disclosure statements (IDS) submitted on 12/02/2020 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
5.	The drawings filed on July 29, 2020 are accepted. 
Specification
6.	The specification filed on July 29, 2020 is also accepted. 

7.	On August 24, 2021, applicant's representative John Davis, Reg. No. 65,798 and examiner conducted examiner initiated telephone interview. The summary of the interview is attached. 

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with John Davis, Reg. No. 65,798 on August 24, 2021.


	The application has been amended as follows:


1.	(Currently Amended)  A method for managing program state information of a protected software function performed by a computing system comprising secure hardware, a processor, and a non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the computing system to perform the method, the method comprising:
	receiving software function inputs;
	receiving encrypted initial program state information;
	retrieving a previous secure tag and a current secure tag associated with the encrypted initial program state information from a protected memory register of the secure hardware;
	generating a state decryption key based on a protected fixed key and the previous secure tag;
	decrypting the encrypted initial program state information using the state decryption key;

	generating a state encryption key based on the protected fixed key and the current secure tag;
	encrypting the updated program state information using the state encryption key;[[ and]]
	storing the encrypted updated program state information[[ key]] in system memory maintained on the non-transitory computer-readable medium; and
	executing the protected software function using, at least in part, decrypted updated program state information generated using the encrypted updated program state information.

2.	(Original)  The method of claim 1, wherein the method further comprises generating an updated current secure tag based, at least in part, on a shared key, the software function inputs, and the current secure tag, the shared key being shared by the protected software function and the secure hardware.

3.	(Original)  The method of claim 2, wherein the method further comprises storing the updated current secure tag in the protected memory register.

4.	(Propose amending)  The method of claim 2, wherein the updated current secure tag comprises a message authentication code tag and wherein generating the updated current 

5.	(Original)  The method of claim 1, wherein the software function inputs comprise at least one of an external program input, a dynamic device resource input, and a static device resource input.



7.	(Original)  The method of claim 6, wherein the previous secure tag and the current secure tag comprise sequential tags included in the protected memory register.

8.	(Original)  The method of claim 7, wherein the previous secure tag and the current secure tag comprise sequential tags included in a hash chain maintained in the protected memory register.

9.	(Original)  The method of claim 1, wherein the encrypted initial program state information is retrieved from the system memory.

10.	(Original)  The method of claim 1, wherein the protected software function comprises an obfuscated protected software function.

11.	(Original)  The method of claim 1, wherein the protected software function comprises a whitebox protected software function.

12.	(Original)  The method of claim 1, wherein generating the state decryption key comprises generating the state decryption key using a key derivation function with the protected fixed key and the previous secure tag as inputs to the key derivation function.

13.	(Original)  The method of claim 1, wherein generating a state encryption key comprises generating the state decryption key using a key derivation function with the protected fixed key and the current secure tag as inputs to the key derivation function.



15.	(Original)  The method of claim 1, wherein encrypting the updated program state information using the state encryption key is performed using an authenticated encryption function.

Allowable Subject Matter
8.	Claims 1-15 are allowed. 
9.	The following is an examiner’s statements of reasons for allowance:
10. 	Regarding independent claim 1, US Publication No. 2008/0148062 A1 to Ekberg discloses: 
a method for managing program state information of a protected software function [See at least abstract and title, method for the secure storing of program state data in an electronic device  and  see figure 1 and paragraph 0034, In provider entity 112 there is stored at least one program record, for example, program records 120, 130 and 140. Program record 120 comprises computer program code 121] performed by a computing system [See paragraph 0002 the invention relates to electronic device security. Particularly, the invention relates to a method for the secure storing of program state data in an electronic device paragraph 0034, FIG. 1 is a block diagram illustrating an electronic device comprising a secure execution environment and  wherein the electronic device corresponds to the system of claim 1] comprising secure hardware [See at least paragraph 0034, FIG. 1 is a block diagram illustrating an electronic device comprising a secure execution environment] a processor, and a non-transitory computer-readable medium storing instructions [See at least claim 10, at least one processor; and at least one memory including computer program code] that, when executed by the processor, cause the computing system to perform the method [Claim 17, a computer program embodied on a non-transitory computer readable memory medium, the computer program comprising code for controlling a processor to execute], the method comprising:
receiving software function inputs [See at least paragraph 0008, … obtain program information, said program information comprising at least a program code…a first data element comprising a first input data element and paragraph 0035, Provider entity provides input data 150 for program code 121]
receiving encrypted initial program state information [Paragraph 0045, At step 406, the program record is provided from the provider entity to the secure execution environment together with encrypted program record state] 

generating a state decryption key [See paragraph 0009, “computing a confidentiality key” and paragraph 0036, One-way function 103 yields a program record specific key 180. Key 180 is used to decrypt program record state 170 in a decryption function 104 to yield decrypted program record state 171] based on a protected fixed key [See paragraph 0009, “computing a confidentiality key´of at least part of said program information and a secret value specific to said electronic device” and at least paragraph 0036, secure execution environment 110 computes a hash function 102 from public key 122, program name 123 and version number 124. The result of hash function 102 is provided as input to a one-way function 103 together with a unique device secret 114 of electronic device 100. One-way function 103 yields a program record specific key 180]  
decrypting the encrypted initial program state information using the state decryption key [See paragraph 0009, “computing a confidentiality key” and paragraph 0036, One-way function 103 yields a program record specific key 180. Key 180 is used to decrypt program record state 170 in a decryption function 104 to yield decrypted program record state 171 and see at least claim 1, using at least the confidentiality key decrypting first state information associated with said executable computer program code]; 
executing the protected software function using, at least in part, the software function inputs and the decrypted initial program state information to generate updated program state information [See claim 1, using at least said decrypted first state information, performing said execution of said executable computer program code to produce second state information and paragraph 0036, Upon completion of decryption function 104, an execution function 105 may execute program code 121 with input data 150 and decrypted program record state 171. Decrypted program record state 171 comprises information, which is communicated between different executions of program code 121. During the execution of program code 121 in execution function 105, output from program code 121 is gathered as output 160 and program record state altered is taken as modified program record state 172];
	
encrypting the updated program state information using the state encryption key; [Paragaraph 0036, Modified program record state 172 is provided to an encryption function 107, which uses key 180 to encrypt modified program record state 172 in order to produce new encrypted program record state 173. New encrypted program record state 173. And see claim 5, modifying said first information element in said execution environment; and encrypting said first output information element with said confidentiality key]
	storing the encrypted updated program state information in system memory maintained on the non-transitory computer-readable medium [See paragraph 0039, New encrypted program record state 273 is provided to provider entity 212 for storage]


11.	Furthermore, with respect to independent claims 1 the following prior arts describes the general subject matter recited in the claims. 

A. 	US Publication No.  2015/0302195 to Acar discloses techniques for protecting contents of a stack associated with a processor are provided. The techniques include a method including receiving a store instruction from a software program being executed by the processor, the store instruction including control information associated with a subroutine, altering the control information to generate secured control information responsive to receiving the store instruction from the software program, storing the secured control information on the stack, 


B.	US Patent No.  8,452,932 B2 to Kaplan discloses protecting state information for virtual machine in particular Kaplan discloses a processing system includes a processor that implements registers to define a state of a virtual machine (VM) running on the processor. The processor detects exit conditions of the VM. The processing system also includes a memory element to store contents of the registers in a first data structure that is isolated from a hypervisor of the VM in response to the processor detecting an exit condition. The VM is to selectively expose contents of a subset of the registers to the hypervisor. 





C.	US Publication No. 2017/0277898 A1 to Powell discloses a processor that employs a security module to manage authentication and encryption keys for the processor. The security module can authenticate itself to other processing systems, such as processing systems providing software to be executed at the processor, can generate keys for encrypting address spaces for the provided software, and can securely import and export information at the encrypted address spaces to and from the processing system. By using a security module that is 

D.  	See also the other cited prior arts.

However, the above prior arts of record including the rest of the cited prior arts either taken alone or in combination neither anticipates nor renders obvious the claim  including the following underlined functional claim limitation recited in independent claim 1: “retrieving a previous secure tag and a current secure tag associated with the encrypted initial program state information from a protected memory register of the secure hardware; generating a state decryption key based on a protected fixed key and the previous secure tag and generating a state encryption key based on the protected fixed key and the current secure tag”. 
For this reason, the specific claim limitations recited in the independent claims 1 taken as whole are allowed.
12.	The dependent claims 2-15, which are dependent on the above independent claim 1 being further limiting to the independent claim, definite and enabled by the specification are also allowed.

13.	Any comments Applicants considers necessary must be submitted no later than the payment of the Issue Fee and to avoid processing delays, should preferable accompany the Issue Fees. Such submission should be clearly labeled "Comments on Statement of Reasons for Allowance". In 

Conclusion

14.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMSON B LEMMA whose telephone number is 571-272-3806.  The examiner can normally be reached on M-F 8am-10pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shaw Yin Chen can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.	
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498