DETAILED ACTION
This Non-Final Office Action is in response to Application filed on 03/16/2020.
Claims 1-20 filed on 03/16/2020 are being considered on the merits.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Drawings
The drawings filed on 03/16/2020 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 03/16/2020 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, an initialed and dated copy of Applicant's IDS form 1449 filed 03/16/2020 is attached to the instant Office action.

Claim Objections
Claims 3, 13 and 18 are objected to because of the following informalities:
Claim 3 recites an incomplete limitation: “…and a second rule for”.
Claim 13 recites “The computer-implemented method of claim 1, wherein combining the first secret data element byte string and the second secret data element byte string further includes randomly selecting the first secret data element byte string from the first secret data element and the second secret data element byte from the second secret data element.”, emphasis in bold. Examiner recommends replacing “byte from…” with “byte string from…”, as disclosed in [0041] of the instant application.
Claim 18 recites “transmitting, by the server-side device, the first secret data element and the second secret data element to the client-side device”, emphasis in bold. There is insufficient antecedent basis for “the client device”. For examination purposes, “the client-side device” is interpreted as “a client-side device”.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 6 and 10 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly

Claim 6 recites the limitations “the particular secret data servers” and “the particular data being encrypted”, and claim 10 recites “the particular secret data elements” and “the particular data being encrypted”. There is insufficient antecedent basis for these limitations in the claims, which makes the above-described limitations unclear. For examination purposes, “the” will be replaced with “a”.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-3, 8-9, 11-14 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Reynolds (US 20190372945 A1), hereinafter Reynolds.

Regarding claim 1, Tervo teaches a computer-implemented method for generating a symmetric key for data encryption (Tervo [0020] discloses generating symmetric key based on two key parts from each key part collection, Figure 1 illustrates steps to generate symmetric key in (110)), the computer-implemented method comprising: 
receiving a first request from an entity to generate a first symmetric key for data encryption (Tervo discloses in [0045] the mobile payment application 180 on the user equipment 114 illustrated in Figure 1 receiving a transaction request, e.g. financial payment message, from a user as disclosed in [0029], and as a result of the request, a symmetric key is generated using the features of selecting two key parts from each key part collection 202A-D illustrated in Figure 2); 
retrieving a first secret data element and a second secret data element from one or more secret data servers (Tervo Figure 1 (102-104) and [0027] “At 104, the server 199 may send the key parts collections generated and stored at 102 to user equipment 114…server 199 may share the key parts collections 202A-D with user equipment 114 including mobile payment application 180 by sending the key parts collections 202A-D.”, where the key part collection 1 202A and key part collection 2 202B in Figure 2 correspond to the first secret data element and a second secret data element, respectively, where the key part collections 202A-D are obtained via a secure connection, i.e. secret key part collections, as disclosed in [0027] “…user equipment 114 may obtain the initial key parts collections (and/or other software and/or data for the mobile application 180) via a secure connection using, for example, a symmetric key shared through asymmetric encryption.”); 
dividing each of the first secret data element and the second secret data element into a number of secret data element [byte strings] (Tervo discloses in [0025] and illustrated in Figure 2 dividing each key part collection 202A-D, divided into 16 values 208 and each value is indexed with indexes 204, where the user equipment 114 selects two key parts from each key part collection 202A-D, i.e. selecting two key parts from key part collection 202A, corresponding to first secret data element and two key parts from the key part collection 202B, corresponding to second secret data element, and two key parts from key part collection 202C and two key parts from key part collection 202D, to generate a symmetric key, as disclosed in [0030-0031], 
examiner notes that the random selection, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when randomly selecting two key parts from each key part collection); and 
generating the first symmetric key for data encryption based, at least in part, on combining a first secret data element [byte string] from the first secret data element and a second secret data element [byte string] from the second secret data element (Tervo [0030] “At 108, the application 180 at user equipment 114 may select key parts…application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”).  
Tervo discloses, in Figure 2, 16 key part values (208) in each key part collection 202A-D, where only two key part values from each key part collection 202A-D are randomly selected, and where the 8 randomly selected key part values are combined to generate a symmetric key. While it is obvious for one of ordinary skill in the art before the effective date of the claimed invention to conceive of the key part collections 202A-D comprising the key part values as being represented by bits or bytes on a computer device, which implies a subset of bits or bytes, Tervo does not explicitly indicate dividing a key part collection into byte strings. Emphasis in italic.
Reynolds discloses dividing secret data elements into byte strings (Reynolds discloses dividing a secure encryption key into key portions, where each key portion consists of a byte or two bytes of the encryption key, corresponding to a byte string, [0062] “A key portion may be any portion of the encryption key. For example, a key portion may be a nibble (4 bits) of an encryption key, a byte of an encryption key, two bytes of an encryption key, or any other portion of the encryption key…when the key portion is a byte, and the encryption key is 256 bytes, then the encryption key may be broken up into 256 key portions.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Reynolds to utilize the above feature, with the motivation of dividing encryption keys into portions so as to impede unauthorized entities from hacking the encryption key, as recognized by (Reynolds [0015]).

Regarding claim 2, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, further comprising: 
receiving a second request from the entity to generate a second symmetric key for data encryption (Tervo discloses in [0045] the mobile payment application 180 on the user equipment 114 illustrated in Figure 1 receiving a transaction request, e.g. financial payment message, from a user as disclosed in [0029], and as a result of the request, a symmetric key is generated using the features of selecting two key parts from each key part collection 202A-D illustrated in Figure 2, as described above, Tervo further discloses in [0040] “…each generated symmetric key is used only during one request/response sequence before it is discarded.”, indicating that the second request would generate a second symmetric key); 
retrieving the first secret data element and the second secret data element from the one or more secret data servers (Tervo discloses in [0027] and Figures 1-2 (102) receiving, from the server 199, key part collections 202A-D, [0040] further discloses sending renewed key part collections 202A-D from the server 199, where key part collections 202A-B correspond to the first and second secret data element); 
dividing each of the first secret data element and the second secret data element into the number of secret data element [byte strings] (Tervo discloses in [0025] and illustrated in Figure 2 dividing each key part collection 202A-D, divided into 16 values 208 and each value is indexed with indexes 204, where the user equipment 114 selects two key parts from each key part collection 202A-D, i.e. selecting two key parts from key part collection 202A, corresponding to first secret data element and two key parts from the key part collection 202B, corresponding to second secret data element, and two key parts from key part collection 202C and two key parts from key part collection 202D, to generate a symmetric key, as disclosed in [0030-0031], 
examiner notes that the random selection, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when randomly selecting two key parts from each key part collection); and 
generating a second symmetric key for data encryption based, at least in part, on combining a third secret data element [byte string] from the first secret data element and a fourth secret data element [byte string] from the second secret data element, wherein the third and fourth secret data element [byte strings] are distinct from the first and second secret data element [byte strings] (Tervo [0030] “At 108, the application 180 at user equipment 114 may select key parts…application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, [0040] “…each generated symmetric key is used only during one request/response sequence before it is discarded.”, 
where the random selection of two key parts from each key part collection 220A-D and the use of a generated symmetric key only once for every transaction indicates that the generated symmetric key for a second request/response utilizes different/distinct two key parts from each key part collection 220A-D, where the different/distinct two key parts from each key part collection 220A-B correspond to the third and fourth secret data element).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 3, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, further comprising: generating a decryption policy for regenerating the symmetric key for data decryption (Tervo discloses in [0038, 0045-0046] and Figure 5 the process of regeneration of symmetric key for decryption of payload messages, corresponds to decryption policy), wherein the decryption policy includes: 
a first rule for dividing the first secret data element and the second secret data element into the number of secret data element [byte strings]; and a second rule for  (Tervo discloses in [0038, 0046] the user equipment re-generating a symmetric key for decrypting an encrypted message received from the server 199, where the re-generated symmetric key relies on receiving indexes embedded in the message header to identify two key parts of each key part collections 220A-B to use for re-generating the symmetric key,    
examiner notes that the selection, based on received indexes, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when selecting two key parts from each key part collection,
where the instruction for the system to be able to dissect every key part collection, corresponding to the first secret data element and the second secret data element, and identify the two key parts from each key part collection and accordingly re-generating the symmetric key, corresponds to the decryption policy and the first rule).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.
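
Added illustration, not part of the Office action or of Tervo or Reynolds: the key part selection, concatenation and index-based regeneration that the claim 1 and claim 3 mappings above describe. The collection contents other than the eight FIG. 2 values, all index positions, the distinct-index selection and the function names are assumptions made for the example.

```python
import math
import secrets

# Constructed key part collections: 4 collections of 16 two-digit values each.
# Only the eight selected values quoted from Tervo FIG. 2 (76, 13 / 16, 74 /
# 86, 35 / 45, 13) come from the page; every other value and every index
# position is made up for this illustration.
COLLECTIONS = [
    ["52", "76", "09", "31", "88", "13", "40", "67",
     "25", "94", "03", "58", "71", "19", "46", "80"],
    ["16", "42", "90", "07", "63", "28", "55", "81",
     "39", "74", "12", "66", "05", "97", "33", "50"],
    ["21", "64", "08", "86", "47", "92", "15", "73",
     "30", "59", "02", "78", "35", "61", "44", "99"],
    ["70", "27", "83", "11", "56", "38", "95", "45",
     "04", "62", "29", "87", "18", "53", "13", "41"],
]

# Constructed header: the index pair chosen from each collection, in order.
FIG2_HEADER = [(1, 5), (0, 9), (3, 12), (7, 14)]


def derive_key(collections, header):
    """Concatenate the key part values that the header's indexes point at."""
    if len(header) != len(collections):
        raise ValueError("header needs one index tuple per collection")
    parts = []
    for values, indexes in zip(collections, header):
        for i in indexes:
            if not 0 <= i < len(values):
                raise ValueError(f"index {i} outside collection of {len(values)}")
            parts.append(values[i])
    return "".join(parts)


def pick_header(collections, per_collection=2):
    """Sender side: randomly choose indexes in each collection.

    Assumption: the indexes within one collection are distinct.
    """
    rng = secrets.SystemRandom()
    return [tuple(rng.sample(range(len(values)), per_collection))
            for values in collections]


def header_space(collections, per_collection=2):
    """Count the distinct headers, assuming ordered, non-repeating indexes."""
    return math.prod(math.perm(len(values), per_collection)
                     for values in collections)


def exchange(collections):
    """Sender derives a one-time key; receiver rebuilds it from the header."""
    header = pick_header(collections)
    sender_key = derive_key(collections, header)
    # The receiver holds the same collections and reads only the indexes
    # carried in the message header, never the key itself.
    receiver_key = derive_key(collections, header)
    return header, sender_key, receiver_key


if __name__ == "__main__":
    print("FIG. 2 key:", derive_key(COLLECTIONS, FIG2_HEADER))
    header, sent, rebuilt = exchange(COLLECTIONS)
    print("random header:", header, "keys match:", sent == rebuilt)
    print("distinct headers:", header_space(COLLECTIONS))
```

For parties that already hold the collections, the key is fully determined by the header, so the number of distinct headers bounds the number of distinct keys the scheme can produce from one set of collections.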

Regarding claim 8, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein the first secret data element and the second secret data element are randomly retrieved from the one or more secret data servers (Tervo [0024] “…server 199 may randomly generate and store key parts collections, each of which includes indexes and corresponding key parts values…server 199 includes a security module that generates, or receives from a random or key generator, 4 key parts collections”, where the 4 key part collections 202A-B at the server 199, corresponding to the first and second secret data elements, are randomly generated/received before being transmitted to the user equipment as illustrated in Figure 1 and disclosed in [0027], where the random generation and transmission from the server 199 to the user equipment correspond to the random retrieval).  
Regarding claim 9, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein the first secret data element and the second secret data element are retrieved from the one or more secret data servers based on an encryption policy (Tervo discloses in [0024, 0027] and Figure 1 (102) obtaining the key part collections 202A-D, encryption policy corresponds to the generation of symmetric key based on retrieved ordered key part collections and their corresponding key parts, where the user equipment 114 and server 199 are aware of such order to be able to generate the symmetric key based on the retrieved key parts, perform the encryption, and consequently perform the decryption, as further disclosed in [0033-0034]).  

Regarding claim 11, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein each of the first secret data element [byte string] and the second secret data element [byte string] are respectively randomly selected from the first secret data element and the second secret data element (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 12, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein each of the first secret data element byte string and the second secret data element [byte string] are respectively selected from the first secret data element and the second secret data element based on an encryption policy (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, where the encryption policy includes the random selection of two key parts from each key part collection 202A-D).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 13, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein combining the first secret data element [byte string]  and the second secret data element [byte string] further includes randomly selecting the first secret data element [byte string] from the first secret data element and the second secret data element byte from the second secret data element (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”).  
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 14, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein combining the first secret data element [byte string] and the second secret data element [byte string] further includes selecting the first secret data element [byte string] from the first secret data element and the second secret data element byte from the second secret data element based on an encryption policy (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, where the random selection corresponds to the encryption policy).  
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 16, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein an order in which the first secret data element [byte string] and the second secret data element [byte string] are combined to generate the symmetric key is based on an encryption policy (Tervo discloses random selection of two key parts from each key part collection 202A-D, where the order to combine the key parts is based on ordered index, or order agreed upon between the server and the user equipment as disclosed in [0033-0034], corresponding to encryption policy).  
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 17, Tervo in view of Reynolds teaches the computer-implemented method of claim 1. 
Tervo discloses in [0024, 0027, 0033] a symmetric key, e.g. AES; however, Tervo does not explicitly disclose 256-bit advanced encryption standard (AES).
Reynolds discloses wherein the symmetric key is a 256-bit advanced encryption standard (AES) key (Reynolds [0021] “The data device 14 may have one or more encryption methods 34 that may be used to encrypt the data 30. An encryption method 34 represents any type of encryption method that may be utilized to encrypt data and/or decrypt encrypted data. For example, an encryption method 30 may be RSA, Data Encryption Standard (DES), triple DES (DESS), Advanced Encryption Standard (AES), AES-256, Cryptographic hash functions, Message authentication codes (MACs), symmetric encryption methods”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Reynolds to utilize the above feature, with the motivation of implementing secure communication between requesting and sending devices, as recognized by (Reynolds [0016, 0021]), by utilizing and trying one of the finite number of encryption methods.
  
Claims 4-7 are rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Reynolds (US 20190372945 A1), hereinafter Reynolds, and further in view of Kohno et al. (US 8520855 B1), hereinafter Kohno.
Regarding claim 4, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, 
Tervo in view of Reynolds do not disclose randomly selected data servers.
Kohno discloses wherein the one or more secret data servers are randomly selected (Kohno discloses key shares that are stored in different node/server locations, where the servers are selected randomly, Col. 7 line 45-59 “…generation module 409 identifies one or more locations to store each share of the data key within a network. In one embodiment, a location is a node within a network…generation module 409 identifies each location by deriving an address of each location using a random or pseudorandom number generator…the address generation module 409 selects one or more servers from a set of servers wherein each server is selected randomly or deterministically.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Kohno to utilize the above feature, with the motivation of generating access key based on selecting node/server locations where key shares are stored and recover encrypted data, as recognized by (Kohno Col. 13 line 61-65), where the random selection is one of finite selections, random or deterministic, to try.
  
Regarding claim 5, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, 
Tervo in view of Reynolds do not disclose how data servers are selected.
(Kohno discloses key shares that are stored in different node/server locations, where the servers are selected randomly, Col. 7 line 45-59 “generation module 409 identifies one or more locations to store each share of the data key within a network. In one embodiment, a location is a node within a network…generation module 409 identifies each location by deriving an address of each location using a random or pseudorandom number generator…the address generation module 409 selects one or more servers from a set of servers wherein each server is selected randomly or deterministically.”, where the selection is based on random selection, corresponding to encryption policy).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Kohno to utilize the above feature, with the motivation of generating access key based on selecting node/server locations where key shares are stored and recover encrypted data, as recognized by (Kohno Col. 13 line 61-65), where the random selection is one of finite selections, random or deterministic, to try.

Regarding claim 6, Tervo in view of Reynolds teaches the computer-implemented method of claim 5, 
Tervo in view of Reynolds do not disclose the below limitation.
wherein the encryption policy includes at least one of: 
a first rule that defines a predetermined threshold number of secret data servers from which to retrieve secret data; a second rule that defines the particular secret data the particular secret data servers from which to retrieve secret data elements based on a particular entity authorized to access the data encrypted by the symmetric key (Kohno Col. 11 line 15-16 “…the process retrieves 810 the needed number of shares as specified by the threshold number, M, of shares.”, where each key share is stored in a different server location, indicating a threshold number of servers needed to retrieve the data key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Kohno to utilize the above feature, with the motivation of reconstructing access key based on selecting node/server locations where key shares are stored and recover encrypted data, as recognized by (Kohno Col. 13 line 61-65).

Regarding claim 7, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, 
Tervo in view of Reynolds do not disclose the below limitation.
Kohno discloses wherein the first secret data element is retrieved from a first secret data server and the second secret data element is retrieved from a second secret data server (Kohno discloses storing N key shares in various server locations, and retrieving at least M key shares from the various server locations in order to reconstruct the data key, Col. 3 line 37-41 “The shares of the data key are stored in one or more locations within a network. A location may be a node on a network or a virtual address within a node on a network. The node may include one or more devices within it (e.g., server systems or peer computer network).”, Figure 8 (810) Col. 11 line 13-14 “retrieves 810 key shares from one or more locations.”).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Kohno to utilize the above feature, with the motivation of reconstructing access key based on selecting node/server locations where key shares are stored and recover encrypted data, as recognized by (Kohno Col. 13 line 61-65).

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Reynolds (US 20190372945 A1), hereinafter Reynolds, and further in view of Knas et al. (US 10735193 B1), hereinafter Knas.
 
Regarding claim 10, Tervo in view of Reynolds teaches the computer-implemented method of claim 9, wherein the encryption policy includes: 
a first rule that defines the particular secret data elements to be retrieved from the one or more secret data servers (Tervo discloses in Figure 1 (102) and [0027] obtaining by the user equipment 114  key part collections 202A-D from the server 199); 
Tervo does not disclose a second rule where retrieving/receiving different secrets based on data being encrypted or authorized user.
Knas discloses a second rule that defines the particular secret data elements to be retrieved from the one or more secret data servers based on the particular data (Knas discloses retrieving secret segments from nodes/servers, where the number of key segments retrieved is based on the particular type of data, i.e. sensitive such as financial data, or less sensitive, Col. 11 line 55-65), 
Knas discloses a third rule that defines the particular secret data elements to be retrieved from the one or more secret data servers based on a particular entity authorized to access the data encrypted by the symmetric key (Knas discloses retrieving key fragment elements based on authorized user, Figure 5, Col. 18 line 6-14 “At step 506, the analytics server may display an authentication request on the graphical user interface…An authentication request may refer to an input field configured to request inputs from the user in order to authenticate the user. Upon displaying the authentication request, the analytics server may receive an input from the user's client computing device (step 508).”, Col. 20 line 39-43 “…upon positively authenticating the user, may instruct a database to transmit a key record associated encryption and division of the blockchain key.”, Col. 20 line 50-54 “At step 512, the analytics server may instruct one or more network nodes to transmit the encrypted key segments.”, Col. 21 line 18-31 “At step 516, the analytics server may generate a blockchain key string based on the division method used. Upon decrypting the encrypted key segments based on the received encryption methods (step 514), the analytics server may append the key segments in accordance with the first encryption method (e.g., append the strings associated with each key segment) in order to generate a blockchain key. For example, and referring to FIG. 4, the analytics server may append key segments 420a-c in order to generate blockchain key 410. The analytics server may then display the blockchain key on the graphical user interface associated with the user's computing device or otherwise transmit the blockchain key to the user computing device or any other computing device selected by the user.” where the retrieval of the key segments (510-514) is performed based on the user authentication (508)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Knas to utilize the above feature, with the motivation of decreasing the chances of data compromise in case of a cyber-attack, as recognized by (Knas [0029]).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Reynolds (US 20190372945 A1), hereinafter Reynolds, and Singhal (US 8363834 B1), hereinafter Singhal.

Regarding claim 15, Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein an order in which the first secret data element [byte string] and the second secret data element [byte string] are combined to generate the symmetric key [is random] (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, [0033-0034] disclose the order of combining key parts to form the symmetric key).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.
Tervo discloses generating symmetrical key from key parts, however, Tervo in view of Reynolds do not disclose the order of combining two key/secret elements is random. Emphasis in italic.
Singhal discloses wherein an order in which the first secret data element byte string and the second secret data element byte string are combined to generate the symmetric key is random (Singhal Col 5 line 40-50 “two keys are concatenated in a random order to yield a key of twice the length of the prior art key”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Singhal to utilize the above feature, with the motivation of producing a stronger key, as recognized by (Singhal Col 5 line 40-50).

Claims 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Knas et al. (US 10735193 B1), hereinafter Knas, and further in view of Reynolds (US 20190372945 A1), hereinafter Reynolds.

Regarding claim 18, Tervo teaches a computer-implemented method for regenerating a symmetric key for data decryption (Tervo [0020, 0045-0046] discloses generating symmetric key based on key parts, Figure 1 illustrates steps to generate symmetric key in (110)) for encryption (112) and decryption (116), the computer-implemented method comprising: 
retrieving, by the server-side device, a first secret data element and a second secret data element from a first secret data server (Tervo [0024] “server 199 (i.e. server-side device) includes a security module that generates, or receives from a random or key generator (i.e. first secret data server), 4 key parts collections”); 
transmitting, by the server-side device, the first secret data element and the second secret data element to the client-side device (Tervo Figure 1 (102-104) and [0027] “At 104, the server 199 may send the key parts collections generated and stored at 102 to user equipment 114 (i.e. client-side device)…server 199 may share the key parts collections 202A-D with user equipment 114 including mobile payment application 180 by sending the key parts collections 202A-D.”, where the key part collection 1 202A and key part collection 2 202B in Figure 2 correspond to the first secret data element and a second secret data element, respectively, where the key part collections 202A-D are obtained via a secure connection, i.e. secret key part collections, as disclosed in [0027] “…user equipment 114 may obtain the initial key parts collections (and/or other software and/or data for the mobile application 180) via a secure connection using, for example, a symmetric key shared through asymmetric encryption.”); and 
regenerating, by the client-side device, the symmetric key based on a decryption policy (Tervo [0046] “…the user equipment 114 may decrypt the SMS acknowledgement message by at least obtaining the indexes 626 from the header of the received SMS message, re-generating at 628 the symmetric key from the obtained indexes, and at 630 decrypting, using the regenerated key, the payload of the SMS acknowledgement message.”, where the method of re-generating the symmetric key from key parts of each key part collection 202A-D illustrated in Figure 2, corresponds to the decryption policy), 
wherein the decryption policy includes: 
a first rule for dividing each of the first secret data element and the secret data element into a number of secret data element [byte strings] (Tervo discloses in [0046] the user equipment re-generating a symmetric key for decrypting an encrypted message received from the server 199, where the re-generated symmetric key relies on receiving indexes embedded in the message header to identify two key parts of each key part collections 220A-B illustrated in Figure 2 to use for re-generating the symmetric key, where the method of generation is disclosed in [0030-0031],    
examiner notes that the selection, based on received indexes, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when selecting two key parts from each key part collection,
where the instruction for the system to be able to dissect every key part collection 202A-B, corresponding to the first secret data element and the second secret data element, and identify the two key parts from each key part collection and accordingly re-generating the symmetric key, corresponds to the decryption policy and the first rule); 
a second rule for selecting a first secret data element [byte string] from the first secret data element and a second secret data element [byte string] from the second secret data element (Tervo discloses in [0046] selecting based on the indexes in the message header, every two key parts associated with every key part collection 202A-D illustrated in Figure 2 in order to re-generate symmetric key, where the selection based on the matrixes corresponds to the second rule, as further disclosed in [0030-0031]); and 
a third rule for combining the first secret data element [byte string] and the second secret data element [byte string] to form the symmetric key (Tervo discloses in [0046] the re-generation of the symmetric key based on combining two key parts from each key part collection 202A-D illustrated in Figure 2 and disclosed in [0030-0031], where the order to combine the key parts is based on ordered index, or order agreed upon between the server and the user equipment as disclosed in [0033-0034], corresponding to a third rule).  
Tervo discloses generating symmetric key based on a request for accessing encrypted message/data, however, Tervo does not explicitly disclose receiving request by the server-side device. Emphasis in Italic.
Knas discloses receiving, by a server-side device, a request for a plurality of secret data elements for regenerating a symmetric key for access to encrypted data (Knas Figure 5 and Col. 17 line 59-“At step 504, the analytics server may receive a request to retrieve a secure blockchain key associated with the user's blockchain…the user (operating the client computing device) may log into the website hosted by the analytics server to request retrieval of his secure blockchain key.”, where the key is used for accessing encrypted data as disclosed in Col. 9 line 62-67 and Col. 10 line 1-2, where the request results into the generating instruction to the network nodes to transmit key segment strings as illustrated in Figure 5 (512)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Knas to utilize the above feature, such that the system is provided with blockchain key based on requests and authenticated users, as recognized by (Knas Col. 18 line 23-25).

Tervo discloses, in Figure 2, 16 key part values (208) in each key part collection 202A-D, where only two key part values from each key part collection 202A-D are randomly selected, where the randomly selected 8 key part values are combined to generate a symmetric key, while it is obvious for one of ordinary skill in the art before the effective date of the claimed invention to realize that key part collections 202A-D explicitly indicate dividing a key part collection into byte strings. 
Reynolds discloses dividing secret data elements into byte strings (Reynolds discloses in dividing a secure encryption key into key portions, where each key portion consists of a byte or two bytes of the encryption key, corresponding to a byte string, [0062] “A key portion may be any portion of the encryption key. For example, a key portion may be a nibble (4 bits) of an encryption key, a byte of an encryption key, two bytes of an encryption key, or any other portion of the encryption key…when the key portion is a byte, and the encryption key is 256 bytes, then the encryption key may be broken up into 256 key portions.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Knas to incorporate the teaching of Reynolds to utilize the above feature, with the motivation of dividing encryption keys into portions such that impeding unauthorized entities from hacking the encryption key, as recognized by (Reynolds [0015]).
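
The index-driven key regeneration that the rejections of claims 15 and 18 attribute to Tervo, as an added Python sketch; it is not code from Tervo, the application, or this Office action. The function names, the index positions and the filler values are constructed assumptions; only the eight key part values and the resulting key 7613167486354513 come from the passage quoted under claim 15.

```python
import secrets

PICKS = 2  # key parts taken from each collection, per the quoted Tervo [0030]


def new_collections(count=4, parts=16, part_len=2):
    """Server side: build `count` collections of `parts` random byte strings."""
    return [[secrets.token_bytes(part_len) for _ in range(parts)]
            for _ in range(count)]


def pick_header(collections):
    """Sender: randomly choose PICKS indexes per collection (the message header)."""
    rng = secrets.SystemRandom()
    return [tuple(rng.sample(range(len(parts)), PICKS)) for parts in collections]


def build_key(collections, header):
    """Either side: concatenate the indexed key parts in header order.

    The header travels with the message, so it is checked as untrusted input
    before any key part is read.
    """
    if len(header) != len(collections):
        raise ValueError("header must carry indexes for every collection")
    key = bytearray()
    for parts, indexes in zip(collections, header):
        if len(indexes) != PICKS:
            raise ValueError("wrong number of indexes for a collection")
        for i in indexes:
            if not isinstance(i, int) or not 0 <= i < len(parts):
                raise ValueError("index outside the key part collection")
            key += parts[i]
    return bytes(key)


def figure_collections():
    """Constructed stand-in for the four collections of the quoted example.

    Only the eight selected values are from the quoted passage; the positions
    they sit at and the b"00" filler parts are invented for this sketch.
    """
    selected = [(b"76", b"13"), (b"16", b"74"), (b"86", b"35"), (b"45", b"13")]
    header = [(3, 9), (0, 15), (7, 2), (11, 4)]  # constructed positions
    collections = []
    for (first, second), (i, j) in zip(selected, header):
        parts = [b"00"] * 16
        parts[i], parts[j] = first, second
        collections.append(parts)
    return collections, header


if __name__ == "__main__":
    cols, hdr = figure_collections()
    print(build_key(cols, hdr).decode())

    # Round trip with fresh random material: both sides hold the collections,
    # only the indexes are sent, and each side derives the same 16-byte key.
    shared = new_collections()
    sent_header = pick_header(shared)
    assert build_key(shared, sent_header) == build_key(shared, sent_header)
```

Because the indexes are carried with the message, the secrecy of the regenerated key in this sketch rests entirely on the key part collections, which is why the quoted [0027] has them delivered over a secure connection.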

Regarding claim 19, Tervo in view of Knas and Reynolds teaches the computer-implemented method of claim 18, further comprising: retrieving, by the server-side device, the decryption policy for regenerating the symmetric key for data decryption (Tervo discloses the server 199 receiving the encrypted payload message along with the index header, where the symmetric key re-generation described in claim 18 is generated in order to decrypt the payload message, this is illustrated in Figure 2 (116) and Figure 5 (612-618) and disclosed in [0038, 0045]); and 
transmitting, by the server-side device, the first secret data element and the second secret data element to the client-side device (Tervo discloses in [0027] and Figures 1-2 (102) receiving, from the server 199, key part collections 202A-D, [0040] further discloses sending renewed key part collections 202A-D from the server 199, where key part collections 202A-B correspond to the first and second secret data element).

Regarding claim 20, Tervo teaches a computer-implemented method for regenerating a symmetric key for data decryption (Tervo [0020] discloses generating symmetric key based on key parts, Figure 1 illustrates steps to generate symmetric key in (110)) for encryption (112) and decryption (116), the computer-implemented method comprising: 
retrieving, by the server-side device, a first secret data element and a second secret data element from a first secret data server (Tervo [0024] “server 199 (i.e. server-side device) includes a security module that generates, or receives from a random or key generator (i.e. first secret data server), 4 key parts collections”); 
regenerating, by the server-side device, the symmetric key based on a decryption policy (Tervo [0045] “…At 612, the SMS message (see, e.g., 280) may be sent to server 199. When server 199 receives the SMS message, the server 199 may decrypt the SMS message by at least obtaining at 612 the indexes from the header of the SMS message, re-generating at 614 the symmetric key from the obtained indexes.”, where the method of re-generating the symmetric key from key parts of each key part collection 202A-D illustrated in Figure 2 described in [0030-0031], corresponds to the decryption policy), 
wherein the decryption policy includes: 
a first rule for dividing each of the first secret data element and the secret data element into a number of secret data element [byte strings] (Tervo discloses in [0045] the user equipment re-generating a symmetric key for decrypting an encrypted message received from the user equipment 114, where the re-generated symmetric key relies on receiving indexes embedded in the message header to identify two key parts of each key part collections 220A-B illustrated in Figure 2 to use for re-generating the symmetric key, where the method of generation is disclosed in [0030-0031],    
examiner notes that the selection, based on received indexes, by the server 199 of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when selecting two key parts from each key part collection,
where the instruction for the system to be able to dissect every key part collection 202A-B, corresponding to the first secret data element and the second secret data element, and identify the two key parts from each key part collection and accordingly re-generating the symmetric key, corresponds to the decryption policy and the first rule); 
a second rule for selecting a first secret data element [byte string] from the first secret data element and a second secret data element [byte string] from the second secret data element (Tervo discloses in [0045] selecting based on the indexes in the message header, every two key parts associated with every key part collection 202A-D illustrated in Figure 2 in order to re-generate symmetric key, where the selection based on the matrixes corresponds to the second rule, as further disclosed in [0030-0031]); and 
a third rule for combining the first secret data element [byte string] and the second secret data element [byte string] to form the symmetric key (Tervo discloses in [0045] the re-generation of the symmetric key based on combining two key parts from each key part collection 202A-D illustrated in Figure 2 and disclosed in [0030-0031], where the order to combine the key parts is based on ordered index, or order agreed upon between the server and the user equipment as disclosed in [0033-0034], corresponding to a third rule). 

Tervo discloses generating symmetric key based on a request for accessing encrypted message/data, however, Tervo does not explicitly disclose receiving request by the server-side device and transmitting key from the server-side device. Emphasis in Italic.
Knas discloses receiving, by a server-side device, a request from a client-side device for a symmetric key to access encrypted data (Knas Figure 5 and Col. 17 line 59-“At step 504, the analytics server may receive a request to retrieve a secure blockchain key associated with the user's blockchain…the user (operating the client computing device) may log into the website hosted by the analytics server to request retrieval of his secure blockchain key.”, where the key is used for accessing encrypted data as disclosed in Col. 9 line 62-67 and Col. 10 line 1-2, where the request results into the generating instruction to the network nodes to transmit key segment strings).
transmitting, by the server-side device, the symmetric key to the client-side device (Knas discloses Col. 21 line 18-31 “At step 516, the analytics server may generate a blockchain key string based on the division method used. Upon decrypting the encrypted key segments based on the received encryption methods (step 514), the analytics server may append the key segments in accordance with the first encryption method (e.g., append the strings associated with each key segment) in order to generate a blockchain key. For example, and referring to FIG. 4, the analytics server may append key segments 420a-c in order to generate blockchain key 410. The analytics server may then display the blockchain key on the graphical user interface associated with the user's computing device or otherwise transmit the blockchain key to the user computing device or any other computing device selected by the user.” where the retrieval of the key segments (510-514) is performed based on the user authentication (508)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Knas to utilize the above feature, such that the system is provided with blockchain key based on requests and authenticated users, as recognized by (Knas Col. 18 line 23-25).

Tervo discloses, in Figure 2, 16 key part values (208) in each key part collection 202A-D, where only two key part values from each key part collection 202A-D are randomly selected, where the randomly selected 8 key part values are combined to generate a symmetric key, while it is obvious for one of ordinary skill in the art before the effective date of the claimed invention to realize that key part collections 202A-D comprising the key part values are represented by bits or bytes on a computer device, where a subset of the key part collection, i.e. two key part values, is translated into a subset of the bits or bytes of the key part collection, which implies a subset of bits or bytes, however, Tervo in view of Knas do not explicitly indicate dividing a key part collection into byte strings. 
Reynolds discloses dividing secret data elements into byte strings (Reynolds discloses in dividing a secure encryption key into key portions, where each key portion consists of a byte or two bytes of the encryption key, corresponding to a byte string, [0062] “A key portion may be any portion of the encryption key. For example, a key portion may be a nibble (4 bits) of an encryption key, a byte of an encryption key, two bytes of an encryption key, or any other portion of the encryption key…when the key portion is a byte, and the encryption key is 256 bytes, then the encryption key may be broken up into 256 key portions.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Knas to incorporate the teaching of Reynolds to utilize the above feature, with the motivation of dividing .

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Kurspahic (US 20160014110 A1) discloses in Figure 2A-B dividing the encrypted decryption key into two elements to be a part of two combinations, where the two elements are later retrieved and combined in order to recover the decryption key. 
Endo (US 10027479 B2) discloses in Figure 8 combining bit sequences of a first key in various combinations to generate different keys.
Gupta (US 20180227122 A1) discloses in Figure 1A deriving encryption key from bit streams by selecting, based on permutations, portions of the bit stream.
Petty (US 20140230028 A1) discloses in Figure 3 concatenation of key elements 1, 2 and 3 in as many combinations as are available.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705.  The examiner can normally be reached on Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BASSAM A NOAMAN/           Examiner, Art Unit 2497