Notice of Pre-AIA  or AIA  Status

Claim Rejections – 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. 

Claims 13-18 are rejected under 35 USC 101 because the claimed invention is directed to an abstract idea without significantly more.
Claim 1 recites (emphasis added): 
13. (New) A search device comprising: 

processing circuitry to count a correspondence number of auxiliary tags corresponding to an auxiliary query obtained by conversion of a keyword, among stored auxiliary tags generated by conversion of a search word by a tag generation device; and

to specify an encryption tag corresponding to a search query being set with attribute information indicating an attribute of a user, and the keyword, among stored encryption tags generated by the tag generation device so as to be set with an access condition indicating an accessible attribute, and the search word, until a number of the specified encryption tags reaches the counted correspondence number.

Examiner finds that the emphasized portions of claim 1 recite an abstract idea—namely, mental steps. See MPEP 2106.04(a)(2)(III). 
When read as a whole, the recited limitations are directed to using mental steps to observe and evaluate data. See id (“Accordingly, the ‘mental processes’ abstract idea grouping is defined as concepts performed in the human mind, and examples of mental processes include observations, evaluations, judgments, and opinions”). 
id. 
The second element merely requires mentally specifying a tag (i.e. information) corresponding to a query where the tag contains user permissions. This task could be performed by a human mind or a human using pen and paper. See id. 
Examiner finds the following elements additional: 
13. (New) A search device comprising: 

processing circuitry to. . .  by a tag generation device; 
		. . . 
among stored encryption tags generated . . . so as to be set with an access condition indicating an accessible attribute. . . 

The elements “search device”; “processing circuitry”; and “tag generation device” are recited at a high level of generality such that they amount no more than mere instructions to apply the exception using a generic computer component. See MPEP 2106.05(f).  Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. 
With respect to “among stored encryption tags generated . . . so as to be set with an access condition indicating an accessible attribute,” Examiner finds this element to be insignificant extra solution activity.  See MPEP 2106.05(g). Examiner finds storing encrypted data is mere data gathering.  See id. 




	With respect to the remaining additional elements, insignificant extra solution activity cannot provide “significantly more” than the abstract idea.  See MPEP 2106.05(g) (“Another consideration when determining whether a claim integrates the judicial exception into a practical application in Step 2A Prong Two or recites significantly more in Step 2B is whether the additional elements add more than insignificant extra-solution activity to the judicial exception.”). 
	Claim 18 is rejected for the same reasons above.  Claim 18 “non-transitory computer readable medium” is subject to the same analysis as “search device” recited above. 
Claim 15 recites “15. (New) The search device according to claim 13, wherein the processing circuitry specifies the encryption tag corresponding to the search query by performing pairing operation.”  Examiner finds that “pairing” merely requires observation and evaluation of the tag and the query. Thus, Examiner finds this element is a mental process. 
Claim 16 recites “16. (New) The search device according to claim 14, wherein the processing circuitry specifies the encryption tag corresponding to the search query by performing pairing operation.”   Examiner finds that “pairing” merely requires observation and evaluation of the tag and the query. Thus, Examiner finds this element is a mental process. 
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 13–18 are rejected under 35 U.S.C. 102(a) (1) as being anticipated by Philipp US 20160344707 (IDS 11/25/2020 US Patent Documents Cite No. 1). 
With respect to claim 13, Philipp US 20160344707 teaches “13. (New) A search device comprising: processing circuitry to count a correspondence number of auxiliary tags corresponding to an auxiliary query obtained by conversion of a keyword, among stored auxiliary tags generated by conversion of a search word by a tag generation device” 
[0018] In some embodiments, the first client is configured to encrypt the file by applying a (q,n) threshold secret-sharing scheme wherein n is the number of stored encrypted portions and wherein q are the number of portions required to recover the file, and wherein the second client is configured to separately submit q separate encrypted search queries, and separately retrieve q encrypted portions.

[0038] This invention proposes a method to retrieve statically stored data as fragmented and scattered portions via query. A two-tiered query-based method to share data is proposed: an outer plaintext tier, and an inner encrypted tier. The outer tier interfaces with the users, and provides an interface in keeping with conventional file sharing methods, allowing users to `tag` a file with a plaintext term, `select` a contact with whom to share the file, `upload` the file, and subsequently `query` for the plaintext tag to retrieve the file. Any of the many known graphical user interfaces (GUIs) that provide such services may be implemented for the outer tiers of the uploading client and receiving client applications. The inner tier interfaces with the network, storage device and index, such that the data flowing there between is both encrypted and fragmented. A 

[0111] Clients 114 and/or 110 may apply a normalization technique, as are known in the art, to convert any entered plain-text tag to a normalized form prior to encryption by key K.sub.i. For example, the normalization may neutralize capitalization of letters, or remove spaces, and thus, either of plain-text tags `Family` and `family` may be used to retrieve file 200. Similarly, either of plain-text tags `photo 2016` and `photo2016` may be used to recover file 200. 

(Examples of search words are “Family” and “photo 2016”; examples of aux queries are “photo2016” and “family”; “photo 2016” is converted to “photo2016,” for example); 

[0018] In some embodiments, the first client is configured to encrypt the file by applying a (q,n) threshold secret-sharing scheme wherein n is the number of stored encrypted portions and wherein q are the number of portions required to recover the file, and wherein the second client is configured to separately submit q separate encrypted search queries, and separately retrieve q encrypted portions.

  [0025] In some embodiments, the multiple combinations are determined according to the prime factors of the number of the stored encrypted portions, and wherein the number of the multiple encryption keys corresponds to the sum of the prime factors.

[0114] Reference is now made to FIG. 3 which illustrates a system to index the multiple cipher-text/locator pairs, in accordance with an embodiment. To prevent mutually associating the multiple cipher-text/locator pairs by monitoring index 116 and observing that the pairs were written and/or read to/from index 116 within a short time frame, or originated from the same IP address, multiple copies of index 116 may be distributed at different servers 116a. Clients 110 and 114 may distribute the read/write requests across the different indexes 116, while insuring not to write and/or query from any one index 116 a sufficient number of ciphertext/locator pairs to recover file 200. To ensure all of indexes 116 are updated, a synchronizer 126 may periodically update indexes 116, such as by logically OR'ing the inclusion of each cipher-text locator pair across all the indexes 116 and adding any missing pairs as necessary. The time interval for updating may be balanced against the frequency of uploading files by client 110, i.e. a long time interval may allow a sufficient number of cipher-text/locator pairs to be written to indices 116(n) such that correctly grouping any newly written entries into their corresponding file may be considerably complex, whereas a short time interval may increase reliability for subsequent queries by client 114. If clients 110 and 114 access index 116 anonymously, in a high traffic environment, the task of grouping the index queries belonging to any one file may be considerable.

	(“adding” and “sum” require a count); 

“and to specify an encryption tag corresponding to a search query being set with attribute information indicating an attribute of a user, and the keyword  among stored encryption tags generated by the tag generation device so as to be set with an access condition indicating an accessible attribute”
[0040] The uploading client's inner tier encrypts and fragments the file, received from the outer tier, into portions. Additionally, the plaintext tag is encrypted multiple times using different keys to generate multiple different encrypted ciphertexts, or `signatures`, one for indexing each of the encrypted file portions. The encrypted file portions are uploaded over a network onto a storage device, and each portion is separately indexed according to one of the ciphertexts. Thus, from the perspective of the network, storage device and indexing service, the uploaded data appear as multiple, independent, and separately indexed files. Since both the file portions and the indexing terms are encrypted, the data uploaded by the uploading client do not include information that can indicate that the portions belong together or are associated with the same file, nor that the indexing terms belong together and are associated with the same file. This makes it hard for an unauthorized user to guess which portions and/or index terms are needed to recover the file. When many such files are fragmented and indexed, the problem of determining which portions belong to what file can become significantly more complex. 


[0112] Optionally, each of multiple files may be tagged with more than one plain-text tags, and thus indexed via multiple sets of ciphertexts, allowing a hierarchical file retrieval platform that allows retrieving different files responsive to different plain text search queries using the same or a different set of keys K.sub.I(n), allowing to structure and organize secure access to data. For example, different levels of authorization may be granted by disclosing different plain-texts to different users all sharing the same set of keys K.sub.I(n), or subsets of keys. 

(ciphertexts are encryption tags); and see ¶ 114; user attributes are the different plain-texts which also provide “accessible attributes”); 
“and the search word, until a number of the specified encryption tags reaches the counted correspondence number” 
[0045] Thus, in addition to the encryption, the factorization of n, corresponding to the dimensions of the array, may be used to encode and decode the data. The dimensions of the array may correspond to the prime factors of the number of file portions n. There are several advantages to this: a) the set of prime factors for n is unique and thus for a given n, both the uploading and receiving clients can create the same array, b) the sum of the prime factors is the minimum sum of the factors of n. Since the number of keys required corresponds to the dimensions of the array, using the prime factors requires a minimal number of keys.

(minimum number is “correspondence number”). 

With respect to claim 14, Philipp teaches “14. (New) The search device according to claim 13, wherein the auxiliary tag is generated by inputting an auxiliary key and the search word to a target system that is a common key cryptosystem or a hash function and converting the search word” 
[0111] Clients 114 and/or 110 may apply a normalization technique, as are known in the art, to convert any entered plain-text tag to a normalized form prior to encryption by key K.sub.i. For example, the normalization may neutralize capitalization of letters, or remove spaces, and thus, either of plain-text tags `Family` and `family` may be used to retrieve file 200. Similarly, either of plain-text tags `photo 2016` and `photo2016` may be used to recover file 200. 

[0112] Optionally, each of multiple files may be tagged with more than one plain-text tags, and thus indexed via multiple sets of ciphertexts, allowing a hierarchical file retrieval platform that allows retrieving different files responsive to different plain text search queries using the same or a different set of keys K.sub.I(n), allowing to structure and organize secure access to data. For example, different levels of 

“and wherein the auxiliary query is generated by inputting the auxiliary key and the keyword to the target system and converting the keyword”
0115] In one embodiment, index 116 may be implemented via a publicly accessible search engine. Each ciphertext/encrypted locator pair may be stored within an indexable webpage. The ciphertext may be stored in an indexable portion of the webpage, such as within a pair of <header>, </header>; <title>, </title>, and/or <body>, </body> hypertext markup language (HTML) tags, or any other suitable indication to the search engine to index the webpage according to the ciphertext. The encrypted locator may be stored in a manner that is not indexable, such as a JavaScript or HTML comment, or padded to exceed the indexable token length. Client 110 may submit such a webpage for each ciphertext/encrypted locator pair for indexing by the search engine via a webmaster tool. Once indexed, client 114 may query the search engine using the ciphertexts, retrieve the webpages and extract the encrypted locators to retrieve the portions, as described above.

With respect to claim 15, Philipp teaches “15. (New) The search device according to claim 13, wherein the processing circuitry specifies the encryption tag corresponding to the search query by performing pairing operation” 

[0048] A centralized encrypted index may provide access to the portions, and may list the ciphertext index terms together with the encrypted storage locations of the portions as encrypted pairs. The encrypted index may store numerous such pairs for numerous files. Each encrypted pair may appear as a generic index entry, similar in format and/or length to the other encrypted pairs stored in the index, without disclosing any information regarding the file to which it belongs, nor to any of the other encrypted pairs that index any of the portions belonging to the same file. Thus a hacker searching through such an index may be faced with a considerable task of determining which pairs belong to any given file. Furthermore, each encrypted pair is encrypted using different key(s), thus even should a hacker succeed in identifying pairs belonging to the same file, decrypting them to access the portions may prove a further 

[0114] Reference is now made to FIG. 3 which illustrates a system to index the multiple cipher-text/locator pairs, in accordance with an embodiment. To prevent mutually associating the multiple cipher-text/locator pairs by monitoring index 116 and observing that the pairs were written and/or read to/from index 116 within a short time frame, or originated from the same IP address, multiple copies of index 116 may be distributed at different servers 116a. Clients 110 and 114 may distribute the read/write requests across the different indexes 116, while insuring not to write and/or query from any one index 116 a sufficient number of ciphertext/locator pairs to recover file 200. To ensure all of indexes 116 are updated, a synchronizer 126 may periodically update indexes 116, such as by logically OR'ing the inclusion of each cipher-text locator pair across all the indexes 116 and adding any missing pairs as necessary. The time interval for updating may be balanced against the frequency of uploading files by client 110, i.e. a long time interval may allow a sufficient number of cipher-text/locator pairs to be written to indices 116(n) such that correctly grouping any newly written entries into their corresponding file may be considerably complex, whereas a short time interval may increase reliability for subsequent queries by client 114. If clients 110 and 114 access index 116 anonymously, in a high traffic environment, the task of grouping the index queries belonging to any one file may be considerable.

With respect to claim 16, Philipp teaches “16. (New) The search device according to claim 14, wherein the processing circuitry specifies the encryption tag corresponding to the search query by performing pairing operation” in 
[0048] A centralized encrypted index may provide access to the portions, and may list the ciphertext index terms together with the encrypted storage locations of the portions as encrypted pairs. The encrypted index may store numerous such pairs for numerous files. Each encrypted pair may appear as a generic index entry, similar in format and/or length to the other encrypted pairs stored in the index, without disclosing any information regarding the file to which it belongs, nor to any of the other encrypted pairs that index any of the portions belonging to the same file. Thus a hacker searching through such an index may be faced 

[0114] Reference is now made to FIG. 3 which illustrates a system to index the multiple cipher-text/locator pairs, in accordance with an embodiment. To prevent mutually associating the multiple cipher-text/locator pairs by monitoring index 116 and observing that the pairs were written and/or read to/from index 116 within a short time frame, or originated from the same IP address, multiple copies of index 116 may be distributed at different servers 116a. Clients 110 and 114 may distribute the read/write requests across the different indexes 116, while insuring not to write and/or query from any one index 116 a sufficient number of ciphertext/locator pairs to recover file 200. To ensure all of indexes 116 are updated, a synchronizer 126 may periodically update indexes 116, such as by logically OR'ing the inclusion of each cipher-text locator pair across all the indexes 116 and adding any missing pairs as necessary. The time interval for updating may be balanced against the frequency of uploading files by client 110, i.e. a long time interval may allow a sufficient number of cipher-text/locator pairs to be written to indices 116(n) such that correctly grouping any newly written entries into their corresponding file may be considerably complex, whereas a short time interval may increase reliability for subsequent queries by client 114. If clients 110 and 114 access index 116 anonymously, in a high traffic environment, the task of grouping the index queries belonging to any one file may be considerable.

With respect to claim 17, Philipp teaches “17. (New) A searchable encryption system comprising a tag generation device, a query generation device, and a search device. the tag generation device comprising processing circuitry: to generate an auxiliary tag by converting a search word” 
[0038] This invention proposes a method to retrieve statically stored data as fragmented and scattered portions via query. A two-tiered query-based method to share data is proposed: an outer plaintext tier, and an inner allowing users to `tag` a file with a plaintext term, `select` a contact with whom to share the file, `upload` the file, and subsequently `query` for the plaintext tag to retrieve the file. Any of the many known graphical user interfaces (GUIs) that provide such services may be implemented for the outer tiers of the uploading client and receiving client applications. The inner tier interfaces with the network, storage device and index, such that the data flowing there between is both encrypted and fragmented. A conceptual diagram of the outer and inner tiers configured with an uploading client 110 and a receiving client 114 is shown in FIG. 1A.

[0111] Clients 114 and/or 110 may apply a normalization technique, as are known in the art, to convert any entered plain-text tag to a normalized form prior to encryption by key K.sub.i. For example, the normalization may neutralize capitalization of letters, or remove spaces, and thus, either of plain-text tags `Family` and `family` may be used to retrieve file 200. Similarly, either of plain-text tags `photo 2016` and `photo2016` may be used to recover file 200. 

(Examples of search words are “Family” and “photo 2016”; examples of aux queries are “photo2016” and “family”); 
“and to generate an encryption tag by setting an access condition indicating an accessible attribute and the search word” 

[0040] The uploading client's inner tier encrypts and fragments the file, received from the outer tier, into portions. Additionally, the plaintext tag is encrypted multiple times using different keys to generate multiple different encrypted ciphertexts, or `signatures`, one for indexing each of the encrypted file portions. The encrypted file portions are uploaded over a network onto a storage device, and each portion is separately indexed according to one of the ciphertexts. Thus, from the perspective of the network, storage device and indexing service, the uploaded data appear as multiple, independent, and separately indexed files. Since both the file portions and the indexing terms are encrypted, the data uploaded by the uploading client do not include information that can indicate that the portions belong together or are associated with the same file, nor that the indexing terms belong together and are associated with the same file. This makes it hard for an unauthorized user to guess which portions and/or index terms are needed to recover the file. When many such files are fragmented and indexed, the problem of determining which portions belong to what file can become significantly more complex. 


[0112] Optionally, each of multiple files may be tagged with more than one plain-text tags, and thus indexed via multiple sets of ciphertexts, allowing a hierarchical file retrieval platform that allows retrieving different files responsive to different plain text search queries using the same or a different set of keys K.sub.I(n), allowing to structure and organize secure access to data. For example, different levels of authorization may be granted by disclosing different plain-texts to different users all sharing the same set of keys K.sub.I(n), or subsets of keys. 

(ciphertexts are encryption tags and--see ¶ 114; user attributes are the different plain-texts); 
“the query generation device comprising processing circuitry: to generate an auxiliary query by converting a keyword” 
0115] In one embodiment, index 116 may be implemented via a publicly accessible search engine. Each ciphertext/encrypted locator pair may be stored within an indexable webpage. The ciphertext may be stored in an indexable portion of the webpage, such as within a pair of <header>, </header>; <title>, </title>, and/or <body>, </body> hypertext markup language (HTML) tags, or any other suitable indication to the search engine to index the webpage according to the ciphertext. The encrypted locator may be stored in a manner that is not indexable, such as a JavaScript or HTML comment, or padded to exceed the indexable token length. Client 110 may submit such a webpage for each ciphertext/encrypted locator pair for indexing by the search engine via a webmaster tool. Once indexed, client 114 may query the search engine using the ciphertexts, retrieve the webpages and extract the encrypted locators to retrieve the portions, as described above.

“and to generate a search query by setting attribute information indicating an attribute of a user, and the keyword” 
0040] The uploading client's inner tier encrypts and fragments the file, received from the outer tier, into portions. Additionally, the plaintext tag is encrypted multiple times using different keys to generate multiple different encrypted ciphertexts, or `signatures`, one for indexing each of the encrypted file portions. The encrypted file portions are uploaded over a network onto a storage device, and each portion is separately indexed according to one of the ciphertexts. Thus, from the perspective of the network, storage device and indexing service, the uploaded data appear as multiple, independent, and separately indexed files. Since both the file portions and the indexing terms are encrypted, the data uploaded by the uploading client do not include information that can indicate that the portions belong together or are associated with the same file, nor that the indexing terms belong together and are associated with the same file. This makes it hard for an unauthorized user to guess which portions and/or index terms are needed to recover the file. When many such files are fragmented and indexed, the problem of determining which portions belong to what file can become significantly more complex. 


[0112] Optionally, each of multiple files may be tagged with more than one plain-text tags, and thus indexed via multiple sets of ciphertexts, allowing a hierarchical file retrieval platform that allows retrieving different files responsive to different plain text search queries using the same or a different set of keys K.sub.I(n), allowing to structure and organize secure access to data. For example, different levels of authorization may be granted by disclosing different plain-texts to different users all sharing the same set of keys K.sub.I(n), or subsets of keys. 

(ciphertexts are encryption tags); and see ¶ 114; user attributes are the different plain-texts which also provide “accessible attributes”); 
“the search device comprising processing circuitry: to store the auxiliary tag generated by the processing circuitry of the tag generation device” 
[0040] The uploading client's inner tier encrypts and fragments the file, received from the outer tier, into portions. Additionally, the plaintext tag is encrypted multiple times using different keys to generate multiple different encrypted ciphertexts, or `signatures`, one for indexing each of the encrypted file portions. The encrypted file portions are uploaded over a network onto a storage device, and each portion is separately indexed according to one of the ciphertexts. Thus, from the perspective of the network, storage device and indexing service, the uploaded data appear as multiple, independent, and separately indexed files. Since both the file portions and the indexing terms are encrypted, the data uploaded by the uploading client do not include information that can indicate that the portions belong together or are associated with the same file, nor that the indexing terms belong together and are associated with the same file. This makes it hard for an unauthorized user to guess which portions and/or index terms are needed to recover the file. When many such files are fragmented and indexed, the problem of determining which portions belong to what file can become significantly more complex


“to store the encryption tag generated by the processing circuitry of the tag generation device” 
[0040] The uploading client's inner tier encrypts and fragments the file, received from the outer tier, into portions. Additionally, the plaintext tag is encrypted multiple times using different keys to generate multiple different encrypted ciphertexts, or `signatures`, one for indexing each of the encrypted file portions. The encrypted file portions are uploaded over a network onto a storage device, and each portion is separately indexed according to one of the ciphertexts. Thus, from the perspective of the network, storage device and indexing service, the uploaded data appear as multiple, independent, and separately indexed files. Since both the file portions and the indexing terms are encrypted, the data uploaded by the uploading client do not include information that can indicate that the portions belong together or are associated with the same file, nor that the indexing terms belong together and are associated with the same file. This makes it hard for an unauthorized user to guess which portions and/or index terms are needed to recover the file. When many such files are fragmented and indexed, the problem of determining which portions belong to what file can become significantly more complex

(index stores generated encryption tag); 
“to count a correspondence number of auxiliary tags corresponding to the auxiliary query generated by the processing circuitry of the query generation device among the stored auxiliary tags; a” 
[0045] Thus, in addition to the encryption, the factorization of n, corresponding to the dimensions of the array, may be used to encode and decode the data. The dimensions of the array may correspond to the prime factors of the number of file portions n. There are several advantages to this: a) the set of prime factors for n is unique and thus for a given n, both the uploading and receiving clients can create the same array, b) the sum of the prime factors is the minimum sum of the factors of n. Since the number of keys required corresponds to the dimensions of the array, using the prime factors requires a minimal number of keys. 

(requirement of a minimal number requires a count); 
“and to specify an encryption tag corresponding to the search query generated by the processing circuitry of the query generation device, 
[0045] Thus, in addition to the encryption, the factorization of n, corresponding to the dimensions of the array, may be used to encode and decode the data. The dimensions of the array may correspond to the prime factors of the number of file portions n. There are several advantages to this: a) the set of prime factors for n is unique and thus for a given n, both the uploading and receiving clients can create the same array, b) the sum of the prime factors is the minimum sum of the factors of n. Since the number of keys required corresponds to the dimensions of the array, using the prime factors requires a minimal number of keys. 

0048] A centralized encrypted index may provide access to the portions, and may list the ciphertext index terms together with the encrypted storage locations of the portions as encrypted pairs. The encrypted index may store numerous such pairs for numerous files. Each encrypted pair may appear as a generic index entry, similar in format and/or length to the other encrypted pairs stored in the index, without disclosing any information regarding the file to which it belongs, nor to any of the other encrypted pairs that index any of the portions belonging to the same file. Thus a hacker searching through such an index may be faced with a considerable task of determining which pairs belong to any given file. Furthermore, each encrypted pair is encrypted using different key(s), thus even should a hacker succeed in identifying pairs belonging to the same file, decrypting them to access the portions may prove a further challenge. The index may store a sufficient number of pairs to make the task of guessing the set of pairs that index a given file difficult. Furthermore, each file may be divided into a different number of portions, and thus the number of index entry pairs for the different files may vary, presenting another unknown variable to an intruder--not only does he need to know which blocks and/or indexing pairs to use in order to recover a file, he needs to know how many. 

[0049] By contrast, the authorized user possessing the keys and the plaintext tag can easily derive the ciphertext index terms and query the index to gain access to the portions for recovering the file. A symmetric encryption scheme may be used to encrypt the pairs in the index, such that the key(s) used to derive the search queries may be used to decrypt the storage location returned in response to the query. The encrypted file portion may then be accessed using the decrypted locator. The encryption algorithm for encrypting the file may be independent of the encryption algorithm for encrypting the plaintext, and thus may be any suitable encryption algorithm: symmetric or asymmetric. 

[0061] Optionally, the encrypted file portions are shares derived using a secure secret sharing scheme. For example, encrypted file 200 is divided by client 110 in accordance with a secure (q,n)-threshold secret sharing technique, where q is the minimal number of encrypted portions that need to be retrieved in order to recover file 200. Examples of such algorithms include Shamir's scheme, Rabin's IDA scheme, use of the Chinese Remainder theorem, to name a few. Alternatively, file 200 may be encrypted using any suitable technique, symmetric or asymmetric, and partitioned into n portions such that the size of each portion is approximately 1/n times the size of the encrypted file 200. 

(number is reached when minimum number is reached). 
With respect to claim 18, Philipp US 20160344707 teaches “(New) A non-transitory computer readable medium storing a search program that causes a computer to execute: an auxiliary collation process of counting a correspondence number of auxiliary tags corresponding to an auxiliary query obtained by conversion of a keyword among stored auxiliary tags generated by conversion of a search word by a tag generation device” 
[0018] In some embodiments, the first client is configured to encrypt the file by applying a (q,n) threshold secret-sharing scheme wherein n is the number of stored encrypted portions and wherein q are the number of portions required to recover the file, and wherein the second client is configured to separately submit q separate encrypted search queries, and separately retrieve q encrypted portions.

[0038] This invention proposes a method to retrieve statically stored data as fragmented and scattered portions via query. A two-tiered query-based method to share data is proposed: an outer plaintext tier, and an inner encrypted tier. The outer tier interfaces with the users, and provides an interface in keeping with conventional file sharing methods, allowing users to `tag` a file with a plaintext term, `select` a contact with whom to share the file, `upload` the file, and subsequently `query` for the plaintext tag to retrieve the file. Any of the many known graphical user interfaces (GUIs) that provide such services may be implemented for the outer tiers of the uploading client and receiving client applications. The inner tier interfaces with the network, storage device and index, such that the data flowing there between is both encrypted and fragmented. A conceptual diagram of the outer and inner tiers configured with an uploading client 110 and a receiving client 114 is shown in FIG. 1A.

For example, the normalization may neutralize capitalization of letters, or remove spaces, and thus, either of plain-text tags `Family` and `family` may be used to retrieve file 200. Similarly, either of plain-text tags `photo 2016` and `photo2016` may be used to recover file 200. 

(Examples of search words are “Family” and “photo 2016”; examples of aux queries are “photo2016” and “family”; “photo 2016” is converted to “photo2016,” for example); 

  [0025] In some embodiments, the multiple combinations are determined according to the prime factors of the number of the stored encrypted portions, and wherein the number of the multiple encryption keys corresponds to the sum of the prime factors.

[0114] Reference is now made to FIG. 3 which illustrates a system to index the multiple cipher-text/locator pairs, in accordance with an embodiment. To prevent mutually associating the multiple cipher-text/locator pairs by monitoring index 116 and observing that the pairs were written and/or read to/from index 116 within a short time frame, or originated from the same IP address, multiple copies of index 116 may be distributed at different servers 116a. Clients 110 and 114 may distribute the read/write requests across the different indexes 116, while insuring not to write and/or query from any one index 116 a sufficient number of ciphertext/locator pairs to recover file 200. To ensure all of indexes 116 are updated, a synchronizer 126 may periodically update indexes 116, such as by logically OR'ing the inclusion of each cipher-text locator pair across all the indexes 116 and adding any missing pairs as necessary. The time interval for updating may be balanced against the frequency of uploading files by client 110, i.e. a long time interval may allow a sufficient number of cipher-text/locator pairs to be written to indices 116(n) such that correctly grouping any newly written entries into their corresponding file may be considerably complex, whereas a short time interval may increase reliability for subsequent queries by client 114. If clients 110 and 114 access index 116 anonymously, in a high traffic environment, the task of grouping the index queries belonging to any one file may be considerable.

	(“adding” and “sum” require a count); 


[0040] The uploading client's inner tier encrypts and fragments the file, received from the outer tier, into portions. Additionally, the plaintext tag is encrypted multiple times using different keys to generate multiple different encrypted ciphertexts, or `signatures`, one for indexing each of the encrypted file portions. The encrypted file portions are uploaded over a network onto a storage device, and each portion is separately indexed according to one of the ciphertexts. Thus, from the perspective of the network, storage device and indexing service, the uploaded data appear as multiple, independent, and separately indexed files. Since both the file portions and the indexing terms are encrypted, the data uploaded by the uploading client do not include information that can indicate that the portions belong together or are associated with the same file, nor that the indexing terms belong together and are associated with the same file. This makes it hard for an unauthorized user to guess which portions and/or index terms are needed to recover the file. When many such files are fragmented and indexed, the problem of determining which portions belong to what file can become significantly more complex. 


[0112] Optionally, each of multiple files may be tagged with more than one plain-text tags, and thus indexed via multiple sets of ciphertexts, allowing a hierarchical file retrieval platform that allows retrieving different files responsive to different plain text search queries using the same or a different set of keys K.sub.I(n), allowing to structure and organize secure access to data. For example, different levels of authorization may be granted by disclosing different plain-texts to different users all sharing the same set of keys K.sub.I(n), or subsets of keys. 

(ciphertexts are encryption tags); and see ¶ 114; user attributes are the different plain-texts which also provide “accessible attributes”); 
“and the search word, until a number of the specified encryption tags reaches the correspondence number counted by the auxiliary collation process” 
a) the set of prime factors for n is unique and thus for a given n, both the uploading and receiving clients can create the same array, b) the sum of the prime factors is the minimum sum of the factors of n. Since the number of keys required corresponds to the dimensions of the array, using the prime factors requires a minimal number of keys.

(minimum number is “correspondence number”). 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALBERT M PHILLIPS, III whose telephone number is (571)270-3256.  The examiner can normally be reached on 10a-6:30pm EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Mariela D. Reyes can be reached on (571)270-1006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is 






/ALBERT M PHILLIPS, III/         Primary Examiner, Art Unit 2159