Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This is in reply to papers filed on 07/18/2019. Claims 1-20 are pending. Claims 1, 8 and 16 is/are independent.

Information Disclosure Statement
	The information disclosure statement(s) (IDS) submitted on 07/18/2019 is/are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) is/are being considered by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 12 and 20 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 12 and 20 recites “a second portion hash values for an update, that the second portion is the same as the first current portion hash value; determine, based on a comparison between a second current portion hash value and a third portion hash values for an update, that the third portion is different from the second current portion hash value” and “determine that the update has been received”.  However, it is not clear whether “for an update”, which is st update or 2nd update previously recited. Appropriate correction is required.
	
	
	

Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
	
	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-2, 5-8, 11, 16, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. U.S. Publication 20170357496 (hereinafter “Smith”) in view of O'Hare et al. U.S. Publication 20130013931 (hereinafter “O'Hare”).
As per claim 1, Smith discloses 
A method, comprising:
(See Smith figure 3, elements 308, 310, and 334
para. 38 “method 300 for secure software updates”
	)

dividing an update into a number of portions, wherein the number of portions is based on a target portion size, and the number of portions comprises at least a first portion and a second portion; 
(See Smith Para. [0044]
Referring now to FIG. 4, diagram 400 illustrates a software release 204 and associated integrity hash tree 208. The software release 204 [update ] illustratively includes four [number of portions = 4 in this example ]packages 402, 404[a first portion= 402; and a second portion= 404;], 406, 408.[ portions= packages; dividing an update into a number of portions] Each package may include multiple[target portion size  is a size greater than one ]files or other sub-components [number of portions is disclosed by the 4 packages 402-408 illustrated in figure 4]
)

generating, for the first portion, a first portion hash value; 
generating, for the second portion, a second portion hash value; 
(See Smith Para. [0045]
Para. 45 As shown, the integrity hash tree 208 may be embodied as a Merkle hash tree including multiple hash nodes. Illustrative leaf hash nodes 416[first portion hash value;], 418[second portion hash value], 420, 422 are generated by calculating hash values for the packages 402[ first portion], 404[ second portion], 406, 408, respectively. 
)

generating, a first branch hash value, the branch hash value comprising a hash of a concatenation of the first portion hash value and the second portion hash value; 
generating a root hash value by concatenating the first branch hash value and a second branch hash value; 
 (See Smith Para. 
[0045]
parent hash node 424 [first branch hash value ]is generated by concatenating the hash nodes 416, 418 [concatenation of the first portion hash value and the second portion hash value ]and then calculating a hash value, and the parent hash node 426[a second branch hash value; ] is generated by concatenating the hash nodes 420, 422 and then calculating a hash value. The hash nodes 424, 426 represent the corresponding bundles 410, 412, respectively. The hash node 428 is generated by concatenating the hash nodes 424, 426 and then calculating a hash value. The leaf hash node 430 is generated by calculating a hash value for the version number 414. The root hash node 432 [a root hash value ] is generated by concatenating the hash nodes 428, 430 and then calculating a hash value[Smith’s process described with respect to figure 4 requires an additional step of concatenating the hash 428 and hash 430 in order to generate the root hash 432, which is not in the claim, nonetheless, claim 1 does not exclude additional steps needed to complete the computation of the root hash value; alternatively, the root hash value can also be disclosed by the hash 428 since claim 1 does not define the root hash value]
)

generating a signature based on the root hash value and a private key; 
(See Smith Para.
[0042] The root node of the 
integrity hash tree 208 may be calculated by concatenating the parent hash 	

number and then calculating a new hash value for the root node. 
[0049]
In block 324, the update server 102 generates a signature 216 for each hash node [generating a signature for each hash node would include generating a signature for root node of the integrity hash tree 208 which discloses root hash value ] of the integrity hash tree 208 using the one-time signature key pairs 212 and the authentication tree 214. ……, the update server 102 generates a one-time signature of a hash node using the private key of the corresponding key pair 212. 
)

generating an update comprising the signature, the root hash value, and a hash tree comprising first and second portion hash values, the first branch hash value, and the root hash value; 
(See Smith [ the update includes the data that is distributed to the client, as described in Smith para. 55, such data distributed to the client including integrity hash tree 208. Smith integrity hash tree 208 includes, as depicted in figure 4 and described in para. 45, the root hash value, and a hash tree comprising first and second portion hash values, the first branch hash value, and the root hash value. The data distributed to the client (para. 55) also includes signatures 216, which discloses the signature]
[0055]
In block 334, the update server 102 distributes ……the integrity hash tree 208, ……, and the associated signatures 216 to the client computing devices 104. 
)

transmitting the update to a client device for authentication; and 

In block 334, the update server 102 distributes ….. the integrity hash tree 208, ….., and the associated signatures 216 to the client computing devices 104. 
[064]
Referring back to block 720, if verified the method 700 advances to block 722, in which the client computing device 104 verifies each relevant hash node of the integrity hash tree 208 with the associated signature 216. [for authentication; authenticating the hashes with their  corresponding signatures]
)

transmitting one or more of the number of portions to the client device.
	(See Smith Para. [0055]
In block 334, the update server 102 distributes the release components of the software release 204, ….. To the client computing devices 104. 
Para. [0044]
The software release 204 illustratively includes four [number of portions = 4 in this example ]packages 402, 404
)

However, Smith does not expressly disclose 
generating an update header comprising the signature, the root hash value, and a hash tree comprising first and second portion hash values, the first branch hash value, and the root hash value; 
transmitting the update header to a client device for authentication; 
O'Hare discloses generating an update header comprising signatures and other metadata such as hashes to support transfer of network data

support for network data in motion may be provided  ……Simplified header generation process 4000 [0485]
a share integrity block and (optionally) a post-authentication tag (e.g., MAC) may be appended to the header block of each share.
O'Hare [0490] each data share may 
be secured using a share integrity portion including share integrity 
information (e.g., a SHA-256 hash[this hash may be appended to the header block]) of the encrypted, pre-partitioned data.  
O'Hare [0486]
share integrity information (e.g., a hash H) may be computed on the resulting ciphertext from step 4012. ……The integrity information (e.g., hash H) may then be appended to each data share. 
O'Hare [0487]
Each data share may include metadata, which may be necessary to permit correct reconstruction of the data blocks or data packets. This information may be included in the share header. The metadata may include such information as cryptographic key shares, key identities, share nonces, signatures/MAC values, and integrity blocks [hashes for checking integrity]. 
O'Hare [0488]
An integrity header chunk, which may include integrity checks for any number of the previous blocks (e.g., the previous two blocks) may also be included in the header. Any other suitable values or information may also be included in the share header.
)

transmitting the update header to a client device for authentication

parser 3000 may .. placing the shares of data into buffers from 
which they are sent for communication to a remote location[transmitting the update header to a client device, see e.g., para. 534 user device transmitting data to other devices], for storage, etc. 
O'Hare [0489] 
after header block 4102 is transmitted from a 
first location to a second location, the output blocks may then be transmitted.  
Alternatively, header block 4102 and output blocks 4104 may be transmitted at 
the same time in parallel.  
O'Hare [0490]
To verify the integrity of the outputs blocks at recovery time, the secure data parser may compare the share integrity blocks of each share and then invert the split algorithm. The hash of the recovered data may then be verified against the share hash.[ for authentication; the recipient would perform the opposite of splitting, including verifying the hash]
O'Hare [0535] 
transmits the plurality of encrypted 
keys in a header of each of the two or more encrypted data set shares.  To restore the data set, at least one of the plurality of second encryption keys (e.g., the private keys) of the plurality of asymmetric key pairs are needed[for authentication]
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for generating and transmitting the header with metadata such as signatures and hashes of O'Hare to include
generating an update header comprising the signature, the root hash value, and a hash tree comprising first and second portion hash values, the first branch hash value, and the root hash value; 
transmitting the update header to a client device for authentication; 
One of ordinary skill in the art would have made this modification to improve the ability of the system to transfer metadata describing the software update release components to the client. The system (update server) of the primary reference can be modified to generate a header to include signatures and integrity hash tree 208 and transmit the header.

As per claim 2, the rejection of claim 1 is incorporated herein. 
However, Smith does not expressly disclose 
wherein the update comprises one or more binary files and wherein the target portion size comprises a fixed size.
O'Hare discloses 
wherein the data being transferred comprises one or more binary files and wherein the target portion size comprises a fixed size.
(See O'Hare Para. 
[0108] data splitting modules to divide sensitive data into undecipherable portions, and 
then transmit one or more undecipherable portions of the sensitive data to a 
particular data storage facility. 
O'Hare [0114] 
data splitting process 800 
may advantageously split the data among a wide number of data storage 
facilities through generation of additional random numbers.  The data may be 
split into any desired, selected, predetermined, or randomly assigned size 
unit, ……., the data unit sizes 
predetermined to be all of the same size,[ the target portion size comprises a fixed size]
O'Hare [0276] data splitting module, sometimes referred to herein as a secure data parser, 
O'Hare [0398] The secure data parser ….involves data in motion (i.e., transfer of data from one location to another).  ….  secure data parser may be used to parse 
outgoing messages (i.e., containing text, binary data, or 
ems.  FIG. 28 ….message 2704, which may be, for example, an email 
message, a binary data file (e.g., graphics, voice, video, etc.), or both.  
Message 2704 is parsed and split by secure data parser 2702 ….. resultant data portions may be communicated across 
one or more separate communications paths 
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for splitting binary data into equal portions for transfer of O'Hare to include 
wherein the update comprises one or more binary files and wherein the target portion size comprises a fixed size.
One of ordinary skill in the art would have made this modification to improve the ability of the system to transfer binary data, and to split such binary data into portions based on a fixed size of a portion. The system (update server 102) of the primary reference can be modified to split the software update data into equal portions of binary data, as taught in the O'Hare reference. Having a fixed size would simplify the transfer of the portions since there is no need to transfer the portion size data with each transferred portion, thereby saving bandwidth and time. 


Smith in view of O'Hare discloses transmitting one or more of the number of portions to the client device comprises: 
receiving a request to transmit the first portion from the client device; and transmitting the first portion without transmitting any other unrequested portions to the client device.
(See Smith Para. [0055]
update server 102 may distribute release components and other data on-demand, allowing a client computing device 104 to request a particular sub-set of the release components during software update and/or configuration. [The 1st portion is disclosed by package 402 in figure 4, and package 402 is a subset of the release components ]
[0016]
Thus, the system 100 may allow individual packages and/or bundles to be dynamically requested by a software update agent of a client computing device 104 as needed, for example in response to an assessment of a dependency graph at package installation. 
)

As per claim 6, the rejection of claim 5 is incorporated herein. 
Smith in view of O'Hare discloses wherein less than all of the number of portions are requested by the client device.
(See Smith Para. [0055]
update server 102 may distribute release components and other data on-demand, allowing a client computing device 104 to request a particular sub-set of the release components during software update and/or configuration. 
[0016]
may allow individual packages and/or bundles to be dynamically requested by a software update agent of a client computing device 104 as needed, for example in response to an assessment of a dependency graph at package installation. 
)

As per claim 7, the rejection of claim 5 is incorporated herein. 
Smith in view of O'Hare discloses further comprising transmitting the second branch hash value to the client device.
(See Smith Para. [0055]
In block 334, the update server 102 distributes ….. the integrity hash tree 208[the second branch hash value= parent hash node 426], ….., and the associated signatures 216 to the client computing devices 104. 
)

As per claim 8, Smith discloses 
A non-transitory program storage device comprising instructions stored thereon to cause one or more processors to: 
(See Smith Para. [0014]  
embodiments may also be implemented as instructions carried by or stored on one 
or more transitory or non-transitory machine-readable (e.g., computer-readable) 
storage media, which may be read and executed by one or more processors. 
[Smith Para. 20, hard disk drives disclose storage devices;
Smith para. 24 components of client are similar to corresponding components of update server]
)

receive, by a client device, an update, the update comprising a signature, a root hash value, and a hash tree containing portion hash values for each portion of a number of portions of an update;
(See Smith [ the update includes data that is distributed to the client, as described in Smith para. 55, such as integrity hash tree 208. Smith integrity hash tree 208 includes, as depicted in figure 4 and described in para. 45, hash values[root hash value and other portion hash values] for the packages of the divided software updates, thereby disclosing a root hash value, and a hash tree containing portion hash values for each portion of a number of portions of an update;  the software update portions, i.e. Smith packages, that correspond to the Smith hash values are shown in figure 4 as package 402, etc. and described in para. 45; The data distributed to the client (para. 55) also includes signatures 216, which discloses the signature]
Smith [0055]
In block 334, the update server 102 distributes ……the integrity hash tree 208, ……, and the associated signatures 216 to the client computing devices 104. 
 Smith [0045]
integrity hash tree 208 …… including ……. hash nodes 416, 418, 420, 422 are generated The root hash node 432 [a root hash value ] is generated by concatenating the hash nodes 428, 430 and then calculating a hash value
)

authenticate the update based on the signature and a public key; 
(See Smith 
[this is interpreted as using the signature to verify the root hash value;  the claim does not say update header itself has a signature based on a hash of the header]
Smith [0064]
verifies each relevant hash node of the integrity hash tree 208 with the associated signature 216. Verifying a hash node indicates that the value of the hash node has not been modified[authenticate the update] and thus verifies the integrity of the integrity hash tree 208 itself. The client computing device 104 may, for example, verify a Lamport one-time signature associated with each relevant hash node using an associated public key[authenticate the update header based on the signature and a public key;]. )

receive a first portion of number of portions of the update;
(See Smith Para. [0062]
In block 716, the client computing device 104 receives the requested release components from the update server 102 (e.g., the requested bundles, packages, files, or other release components). 
See Smith Para. [0055]
In block 334, the update server 102 distributes the release components of the software release 204, ….. To the client computing devices 104. 
Para. [0044]
The software release 204 illustratively includes four [number of portions = 4 in this example ]packages 402, 404[a first portion of number of portions of the update]
).

authenticate the first portion based on a comparison of a hash value of the first portion and the portion hash values in the hash tree; 
(See Smith Para. 63 In block 718, the client computing device 104 verifies the integrity of the received release components and the release version number using the integrity hash tree 208. For example, the client computing device 104 may calculate hash values of the received release components and release version number and compare those calculated values to the corresponding nodes of the integrity hash tree 208. If the release components and/or version number have been altered (e.g., due to transmission error, malicious interference, or otherwise), then the calculated hash values will not match the integrity hash tree 208. 
).

save the first portion to a memory location; 
(See Smith Para. [0024] 
Each client computing device 104…..capable of performing the functions described 
herein, ….. client computing device 104 includes …., a memory 146[memory location], 
a data storage device 148[memory location], 
0066]
The client computing device 104 may install the release components [the release components include the 1st portion which is the package 402 in figure 4] by updating the contents of the installed software release 254, updating a local software update cache[save the first portion] or update queue, or otherwise updating the client computing device 104
)

repeat the steps of receiving the portion, authenticating the portion, and 
saving the portion until a determination that the update has been received; and 
(See Smith Para. [0063]
the client computing device 104 determines whether the integrity of the release components ….. was successfully verified[a determination that the update has been received]. 
[0067] In block 732, the client computing device 104 determines whether 

update server 102.  For example, a software update agent may repeat [repeat the steps] determining which packages and/or bundles are actually necessary for the current client 
computing device 104 (e.g., if needed to resolve transitive dependencies) until 
the right subset of components are in place[until a determination that the update has been received].  If additional release components 
should be downloaded, the method 700 loops back to block 714 to request, 
verify, and install additional release components[repeat the steps of receiving the portion, authenticating the portion, and saving the portion].  If no additional release 
components remain[ a determination that the update has been received], the method 700 advances to block 734, in which …., the client 
computing device 104 may update the installed software release 254 
)

update software on the client device based on the received update.
(See Smith Para. 0066]
Referring back to block 728, if verified the method 700 advances to block 730, in which the client computing device 104 installs the received release components. ….. client computing device 104 may install the release components by updating the contents of the installed software release 254, updating a local software update cache or update queue, or otherwise updating the client computing device 104.
)

	However, Smith does not expressly disclose 
receive, by a client device, an update header, the update header comprising a signature, a root hash value, and a hash tree containing portion hash values for each portion of a number of portions of an update;
authenticate the update header based on the signature and a public key; 

O'Hare discloses  receive, by a client device, an update header, comprising signatures and other metadata such as hashes to support transfer of network data
(See O'Hare Para. [0528] If a sufficient number of shares have been 
received for restoration[receive, by a client device, an update header; the received shares include headers of the shares, and the headers include the signatures and hashes, see e.g., para. 483, 485-488, 490, as discussed above with respect to claim 1], the cryptographic sharing client of User 2 device 
4202b then restores the shared file
).
authenticate the update header 
(See O'Hare Para. [0488]
The share header may also include an encrypted header chunk, which is encrypted with the split encryption key. 
 [0472] In order to restore the data, split encryption key 3806 may be 
retrieved and restored.  The split 
operation may then be reversed to restore the ciphertext.  Encryption key 3804 
may also be retrieved and restored, and the ciphertext may then be decrypted 
using the encryption key.[ authenticate the update header; the header was encrypted by the sending party (e.g. user 1), and then user 2 decrypts the header, which authenticates the update header ]
See also para. 475


It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for receiving and authenticating the header with metadata such as signatures and hashes of O'Hare to include 
receive, by a client device, an update header, the update header comprising a signature, a root hash value, and a hash tree containing portion hash values for each portion of a number of portions of an update;
	authenticate the update header based on the signature and a public key; 

As per claim 11, the rejection of claim 8 is incorporated herein. 
	However, Smith does not expressly disclose 
wherein a portion size of each portion of the number of portions is based on a fixed target portion size.
O'Hare discloses 
wherein a portion size of each portion of the number of portions is based on a fixed target portion size.
(See O'Hare Para. 
[0108] data splitting modules to divide sensitive data into undecipherable portions, and 
then transmit one or more undecipherable portions of the sensitive data to a 
particular data storage facility. 
O'Hare [0114] data splitting process 800 
may advantageously split the data among a wide number of data storage 
facilities through generation of additional random numbers.  The data may be 
split into any desired, selected, predetermined, or randomly assigned size 
predetermined to be all of the same size,[ the target portion size comprises a fixed size]
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for splitting data into equal portions for transfer of O'Hare to include 
wherein a portion size of each portion of the number of portions is based on a fixed target portion size.
One of ordinary skill in the art would have made this modification to improve the ability of the system to split data into portions based on a fixed size of a portion. The system (update server 102) of the primary reference can be modified to split the software update data into equal portions of data, as taught in the O'Hare reference. Having a fixed size would simplify the transfer of the portions since there is no need to transfer the portion size data with each transferred portion, thereby saving bandwidth and time. 


As per claim 16, the claim(s) is/are directed to a device with limitations which correspond to limitations of claim 8, and is/are rejected for the reasons detailed with respect to claim 8.  In addition, claim 16 recites, and Smith discloses: A device, the device comprising: a memory; a network interface; one or more processors operatively coupled to the memory, wherein the one or more processors are configured to execute non-transitory instructions causing the one or more processors to:
(See Smith Para. [0024]
Each client computing device 104 [device ]may be embodied as any type of computation or computer device …. …. a processor 140 ….., a memory 146, …… similar to the corresponding components of the update server 102, 

The communication subsystem 130 [network interface ]of the update server 102 [the client components are functionally similar to the corresponding server components] ….. enabling communications between the update server 102, the client computing devices 104, and/or other remote devices over the network 106. 
Smith [0014] 
implemented as instructions carried by or stored on ….non-transitory machine-readable (e.g., computer-readable) storage media, which may be read and executed by one or more processors.  
)

As per claim 19, the rejection of claim 16 is incorporated herein. 
However, Smith does not expressly disclose 
wherein a portion size of each portion of the number of portions is based on a fixed target portion size.
O'Hare discloses 
wherein a portion size of each portion of the number of portions is based on a fixed target portion size. 
(See O'Hare Para. 
[0108] data splitting modules to divide sensitive data into undecipherable portions[number of portions], and 
then transmit one or more undecipherable portions of the sensitive data to a 
particular data storage facility. 
O'Hare [0114] 
data splitting process 800 
may advantageously split the data among a wide number of data storage 

split into any desired, selected, predetermined, or randomly assigned size 
unit, ……., the data unit sizes 
may be selected or predetermined to be all of the same size,[ fixed target portion size]
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for splitting data into equal portions for transfer of O'Hare to include 
wherein a portion size of each portion of the number of portions is based on a fixed target portion size.
One of ordinary skill in the art would have made this modification to improve the ability of the system to transfer data, and to split such data into portions based on a fixed size of a portion. Having a fixed size would simplify the transfer and storage of data since the portion  size is known ahead of time and space can be pre-allocated with the predetermined size. The system (update server 102) of the primary reference can be modified to split the software update data into equal portions of binary data, as taught in the O'Hare reference. Having a fixed size would simplify the transfer of the portions since there is no need to transfer the portion size data with each transferred portion, thereby saving bandwidth and time. 


 
Claim 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of O’Hare, in view of Leppanen et al. U.S. Publication 20020077094 (hereinafter “Leppanen”).
As per claim 3, the rejection of claim 1 is incorporated herein. 
Smith discloses receiving, from a client device, a request to transmit the release components from the update server to the client on demand, including sending only a particular subset of the release components
(See Smith Para. [0055]
update server 102 may distribute release components and other data on-demand, allowing a client computing device 104 to request a particular sub-set of the release components during software update and/or configuration..[Because  the client can request a subset of the release components that means that the server can just transmit exactly the portion that the client needs]
).
	However, the combination of Smith and O’Hare does not expressly disclose 
receiving a request to retransmit a first portion of the number of portions from the client device; and 
retransmitting the first portion without retransmitting any other unrequested portions to the client device.
Leppanen discloses receiving a request to retransmit and retransmitting a portion of a software update
(See Leppanen Para. [0016]
mobile station may request the erroneous frame or the whole software to be loaded [this means retransmitting ]again. When the whole software is loaded (possibly after repeating some frames), it can be activated for use.).

receiving a request to retransmit a first portion of the number of portions from the client device; and 
retransmitting the first portion without retransmitting any other unrequested portions to the client device.
One of ordinary skill in the art would have made this modification to improve the ability of the system to more efficiently transmit data by allowing a client request to only the portion that failed to transfer correctly and retransmitting only the portion that the client needs to the client. The system (update server) of the primary reference can be modified to receive a request from the client to retransmit a portion and retransmitting the requested portion to the client.
Claim 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of O’Hare, in view of DeYoung et al. U.S. Publication 20060265590 (hereinafter “DeYoung”).
As per claim 4, the rejection of claim 1 is incorporated herein. 
Smith discloses wherein the signature is generated based on the root hash value,  and wherein the private key associated with a published public key. 
(See Smith Para. [0049]
In block 324, the update server 102 generates a signature 216 for each hash node of the integrity hash tree 208 [see figure 4 which shows the hash tree 208 including the root hash 432 ] using the one-time signature key pairs 212 ……the update server 102 generates a one-time signature of a hash node using the private key of the corresponding key pair 212. 
[0055]
In block 334, the update server 102 distributes …..the public keys of the authentication tree 214, and the associated signatures 216 to the client computing devices 104. [Distributing the public keys to multiple devices is publishing the public keys]
).
	However, the combination of Smith and O’Hare does not expressly disclose 
wherein the signature is generated based on the root hash value, versioning information, and metadata, and wherein the private key associated with a published public key.
DeYoung discloses wherein the signature is generated based on the versioning information, and metadata
(See DeYoung Para. 
[0022] Other information, such as 
URL reference to an original version[versioning information; This provides information on the original version; the claim does not specify what the versioning information includes] or any other desired metadata may also be input to the digital 
signature algorithm 28 before the digital signature is generated. 
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Smith and O’Hare with the technique for adding version data and metadata to a signature digital signature being generated of DeYoung to include wherein the signature is generated based on the root hash value, versioning information, and metadata, and wherein the private key associated with a published public key.
One of ordinary skill in the art would have made this modification to improve the ability of the system to generate a digital signature with additional useful information such as the metadata and version information. The system (update server) of the primary reference can be modified to generate digital signature to include metadata and version information. 

Claims 9-10 and 17-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of O’Hare, in view of Byrne et al. U.S. Publication 20190149338 (hereinafter “Byrne”).
As per claim 9, the rejection of claim 8 is incorporated herein. 
Smith discloses a client computing hash values of received release components and comparing the computed hash values with the integrity hash tree 208 received from the server
(See Smith Para. [0063]
In block 718, the client computing device 104 verifies the integrity of the received release components and the release version number using the integrity hash tree 208. For example, the client computing device 104 may calculate hash values of the received release compare those calculated values to the corresponding nodes of the integrity hash tree 208. If the release components and/or version number have been altered (e.g., due to transmission error, malicious interference, or otherwise), then the calculated hash values will not match the integrity hash tree 208..
).
However, the combination of Smith and O’Hare does not expressly disclose 
wherein the instructions to authenticate the first portion further cause the one or more processors to: 
generate a first branch hash value, the first branch hash value comprising a hash of a concatenation of a first portion hash value and a second portion hash value;
generate a reconstructed root hash value by concatenating the first branch hash value and a second branch hash value; 
determine that the reconstructed root hash value is equal to the root hash value; and determine that the hash value of the first portion matches a portion hash value of the hash tree.

Byrne discloses 
generate a first branch hash value, the first branch hash value comprising a hash of a concatenation of a first portion hash value and a second portion hash value; 
generate a reconstructed root hash value by concatenating the first branch hash value and a second branch hash value; 
determine that the reconstructed root hash value is equal to the root hash value; and determine that the hash value of the first portion matches a portion hash value of the hash tree.
(See Byrne figure 2, [hash-chain on right side which is the reconstructed hash tree ]

Para. [0041]
FIG. 2 illustrates a hash-chain in a verification process. ……. The signature token contains data for reconstructing a path through the hash tree starting from a signed hash value (a leaf, e.g. X3 of FIG. 2) to the top hash value (X18 of FIG. 2). For example, letting X3 indicate the original data hash and y a new hash value of the same data of which integrity is to be verified. Then nodes X4, X12 [second branch hash value= X12 ]and X58 are needed with concatenation order information for generating y4[generate a reconstructed root hash value; reconstructed root hash value=y4], as illustrated by the hash-chain on right hand-side of FIG. 2. That is, y [a first portion hash value=y ]is first concatenated with X4 [second portion hash value= X4 ] and a hash value y2=h(y|X4) is calculated[generate a first branch hash value, the first branch hash value comprising a hash; first branch hash value= y2], which is used as input to the next hash step with X12, giving y3 and so on. If y4=X18[determine that the reconstructed root hash value is equal to the root hash value; root hash value= X18 ], then y must be equal with X3 [determine that the hash value of the first portion matches a portion hash value of the hash tree; a portion hash value of the hash tree= X3]and thus X3 must have been a part of the original hash-tree proofing that the data over which the hash X3 was generated has not been changed. Hence, if y4=X18[determine that the reconstructed root hash value is equal to the root hash value], then it is safe to assume that y4 was in the original hash tree (left-hand side of FIG. 2).
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Smith and O’Hare with the technique for verifying nodes of a hash tree including the root node of Byrne to include 
wherein the instructions to authenticate the first portion further cause the one or more processors to: 
generate a first branch hash value, the first branch hash value comprising a hash of a concatenation of a first portion hash value and a second portion hash value;
generate a reconstructed root hash value by concatenating the first branch hash value and a second branch hash value; 
determine that the reconstructed root hash value is equal to the root hash value; and determine that the hash value of the first portion matches a portion hash value of the hash tree.

One of ordinary skill in the art would have made this modification to improve the ability of the system to verify that the client’s reconstructed hash values are correct in comparison to the received integrity hash tree 208’s hash values, and then to request software portions with incorrect hash values. The system of the primary reference can be modified to reconstruct the hash values at the client and compare the reconstructed hash values to the integrity hash tree 208, including the root node of the tree 208 and the nodes between the root node and bottom leaf (e.g. package) hash nodes, as taught in the Byrne reference.

As per claim 10, the rejection of claim 9 is incorporated herein. 
Smith discloses wherein the update further comprises a second branch hash value.
(See Smith [Smith integrity hash tree 208 includes, as depicted in figure 4 and described in para. 45, hash 426 from figure 4, which is a second branch hash value.]
)
However, Smith does not expressly disclose wherein the update header further comprises a second branch hash value. 
O'Hare discloses that a header includes multiple hash values or any suitable information

[0488]
An integrity header chunk, which may include integrity checks [O'Hare hashes are used for integrity checking and are included in the header ]for any number of the previous blocks (e.g., the previous two blocks) may also be included in the header. Any other suitable values or information may also be included in the share header.
O'Hare [0388] …… as portions of data are created using the secure data 
parser ……, to assure the integrity of the 
data within a portion, a hash value is taken at preset intervals within the 
portion and is appended to the end of the interval.  …….  Each portion of data …….. Is 
compared to the appended hash value or values and an action may be taken.
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for adding multiple hash values or any suitable data to a header of O'Hare to include wherein the update header further comprises a second branch hash value.
One of ordinary skill in the art would have made this modification to improve the ability of the system to provide multiple hash values to the recipient so that the recipient may verify the integrity of the data received. The system (e.g. update server) of the primary reference can be modified to include hash 426 from figure 4, which is a 2nd branch hash value, in a header of a package or other release component. Placing the 2nd branch hash value in the header allows the client to conveniently find the hash data.


As per claim 17, the claim(s) is/are directed to a device with limitations which correspond to limitations of claim 9, and is/are rejected for the reasons detailed with respect to claim 9. In and determining that the hash value of the first portion matches a portion hash value of the portion hash values. The integrity hash tree 208 of Smith includes portion hash values as depicted in Smith figure 4, e.g., hash 416 and 418, and argued with respect to claim 9.

As per claim 18, the rejection of claim 17 is incorporated herein. 
Smith discloses wherein the update further comprises a second branch hash value.
(See Smith [Smith integrity hash tree 208 includes, as depicted in figure 4 and described in para. 45, hash 426 from figure 4, which is a second branch hash value.
]
)
However, Smith does not expressly disclose wherein the update header further comprises a second branch hash value. 
O'Hare discloses that a header includes multiple hash values or any suitable information
(See O'Hare Para. 
[0488]
An integrity header chunk, which may include integrity checks[O'Hare hashes are used for integrity checking and are included in the header] for any number of the previous blocks (e.g., the previous two blocks) may also be included in the header. Any other suitable values or information may also be included in the share header.
O'Hare [0388] …… as portions of data are created using the secure data 
parser ……, to assure the integrity of the 
data within a portion, a hash value is taken at preset intervals within the 
portion and is appended to the end of the interval.  …….  Each portion of data (or alternatively, less than all portions of 
data according to some interval or by a random or pseudo-random sampling) is 
hash value or values and an action may be taken.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Smith with the technique for adding multiple hash values or any suitable data to a header of O'Hare to include wherein the update header further comprises a second branch hash value.
One of ordinary skill in the art would have made this modification to improve the ability of the system to provide multiple hash values to the recipient so that the recipient may verify the integrity of the data received. The system (e.g. update server) of the primary reference can be modified to include hash 426 from figure 4, which is a 2nd branch hash value, in a header of a package or other release component. Placing the 2nd branch hash value in the header allows the client to conveniently find the hash data.


Claims 12-15 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Smith in view of O’Hare, in view of Mosko et al. U.S. Publication 20160057189 (hereinafter “Mosko”).
As per claim 12, the rejection of claim 8 is incorporated herein. 
Smith discloses obtain current portion hash values for each portion of software on the client device;
(See Smith Para. [0063]
In block 718, the client computing device 104 verifies the integrity of the received release components and the release version number using the integrity hash tree 208[the integrity hash tree received from the server has hash values for each portion of software on the client device]. For example, the client computing device 104 may calculate hash values of the received release components[the client itself may also perform computations on the components on the client device to obtain current portion hash values for each portion of software on the client device;] and release version number and compare those calculated values to the corresponding nodes of the integrity hash tree 208. 208. 
)

Requesting and receiving only software portions that are needed
(See Smith Para. [0061]
For example, a software update agent of the client computing device 104 may determine one or more bundles, packages, and/or files that are necessary to update the current client computing device 104. The requested release components may correspond to installed bundles and/or packages of the installed software release 254, package dependencies, or other requirements. The request sent to the update server 102 may identify only the necessary release components, which may reduce the required network bandwidth as compared to retrieving the entire software release 204.
).
	However, the combination of Smith and O’Hare does not expressly disclose 
determine, based on a comparison between a first current portion hash value and a second portion hash values for an update, that the second portion is the same as the first current portion hash value; 
determine, based on a comparison between a second current portion hash value and a third portion hash values for an update, that the third portion is different from the second current portion hash value; 
send a request, to a server, for the third portion; and 
determine that the update has been received without receiving the second portion.
Mosko discloses receiving hash values of data from the server and comparing hash values of data already on the requesting device with the received hash values in order to determine what data to request for download 

hash of each chunk in the manifest 402 allows the requester to determine 
whether it already has an object or a segment of the object in its cache by 
comparing the Content Object hash values.  If an object is not yet covered by 
an outstanding request and the requestor already has the object in its cache, 
the requester can skip the download of that embedded object.  For example, 
embedded JavaScript file 406 ranges from s10 to s11 in the all-in-one stream, 
and if an initial request issues Interests up to chunk 9, then JavaScript file 
406 is not covered by the initial request.  In addition, based on the Content 
Object hashes of JavaScript file 406[second portion], the requester may determine that it 
already has JavaScript file 406 in its cache.  Hence, the requester can then 
skip the download of JavaScript file 406 while continuing to download 
subsequent content components [third portion ]within content collection 400. 
[0062] In addition, the requester can determine whether it already has one 
or more content components or chunks in its cache based on the Content Object 
hashes listed in the manifest, and if so, skip the download of these chunks.  
To improve the download efficiency, the requester 
can issue an Interest set [this is sending a request for downloading only those objects that the recipient does not already have ]
that excludes Interests foo/page/all-in-one/s10 and 
/foo/page/all-in-one/s11.  By doing so, the requester provides parameters to 
the responder so that the responder can configure which embedded objects[third portion] to be 
included in the download stream.  In this example, because the Interest set 
does not have Interests for chunks s10 and s11, these two chunks are excluded 

).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Smith and O’Hare with the technique for receiving hash values of data from the server and comparing hash values of data already on the requesting device with the received hash values in order to determine what data to request for download of Mosko to include 
determine, based on a comparison between a first current portion hash value and a second portion hash values for an update, that the second portion is the same as the first current portion hash value; 
determine, based on a comparison between a second current portion hash value and a third portion hash values for an update, that the third portion is different from the second current portion hash value; 
send a request, to a server, for the third portion; and 
determine that the update has been received without receiving the second portion.

One of ordinary skill in the art would have made this modification to improve the ability of the system to more efficiently utilize network resources by only requesting components that are needed. The system of the primary reference can be modified to have the update server send hash values, such as the integrity hash tree 208, before sending the actual software components, and the client can perform the comparisons of hash values of existing components on the client with the hash values from the integrity hash tree 208 before deciding which components to request for download. Note also that para. 61 off Smith says to “identify only the necessary release components, which may reduce the required network bandwidth” for download.


Smith discloses obtain a current second portion hash value for a portion of software on the client device;
(See Smith Para. [0063]
client computing device 104 may calculate hash values of the received release components[obtain a current second portion hash value for a portion of software on the client device]  and compare those calculated values to the corresponding nodes of the integrity hash tree 208. 208. 
).
	However, the combination of Smith and O’Hare does not expressly disclose:
determine, based on a comparison between the current second portion hash value and hash values in the hash tree, that the current second portion does not need to be updated; and 	wherein updating software comprises updating the first portion without updating the second portion based on the determination that the current second portion does not need to be updated.
Mosko discloses receiving hash values of data from the server and comparing hash values of data already on the requesting device with the received hash values in order to determine what data to request for download
(See Mosko Para. [0053] including the Content Object 
hash of each chunk in the manifest 402 allows the requester to determine 
whether it already has an object or a segment of the object in its cache by 
comparing the Content Object hash values.  If an object is not yet covered by 
an outstanding request and the requestor already has the object in its cache, 
the requester can skip the download of that embedded object.  For example, 
embedded JavaScript file 406 ranges from s10 to s11 in the all-in-one stream, 
and if an initial request issues Interests up to chunk 9, then JavaScript file 
based on the Content 
Object hashes of JavaScript file 406, the requester may determine that it 
already has JavaScript file 406 in its cache.  Hence, the requester can then 
skip the download of JavaScript file 406 while continuing to download 
subsequent content components within content collection 400. 
[0062] In addition, the requester can determine whether it already has one 
or more content components or chunks in its cache based on the Content Object 
hashes listed in the manifest, and if so, skip the download of these chunks.  
For example, by comparing the Content Object hashes, the requester may find 
that it already has JavaScript file File1.js[second portion], which occupies chunks s10 and s11 in the all-in-one stream.  To improve the download efficiency, the requester 
can issue an Interest set [this is sending a request for downloading only those objects that the recipient does not already have ]
that excludes Interests foo/page/all-in-one/s10 and 
/foo/page/all-in-one/s11.  By doing so, the requester provides parameters to 
the responder so that the responder can configure which embedded objects[first portion] to be included in the download stream.  In this example, because the Interest set does not have Interests for chunks s10 and s11, these two chunks are excluded 
from the download stream. 
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Smith and O’Hare with the technique for receiving hash values of data from the server and comparing hash values of data already on the requesting device with the received hash values in order to determine what data to request for download of Mosko to include 
determine, based on a comparison between the current second portion hash value and hash values in the hash tree, that the current second portion does not need to be updated; and 	wherein updating software comprises updating the first portion without updating the second portion based on the determination that the current second portion does not need to be updated.
One of ordinary skill in the art would have made this modification to improve the ability of the system to more efficiently utilize network resources by only requesting components that are needed. The system of the primary reference can be modified to have the update server send hash values, such as the integrity hash tree 208, before sending the actual software components, and the client can perform the comparisons of hash values of existing components on the client with the hash values from the integrity hash tree 208 before deciding which components to request for download. Note also that para. 61 of Smith says to “identify only the necessary release components, which may reduce the required network bandwidth” for download.

As per claim 14, the rejection of claim 8 is incorporated herein. 
	However, the combination of Smith and O’Hare does not expressly disclose wherein portions of the update are received in any order.
Mosko discloses receiving portions of a download in different orders according to different goals
(See Mosko Para. [0071]
 while constructing the stream, the content provider can order the 
content components in a way that optimizes a system feature, such as 
facilitating faster rendering by the client.  In further embodiments, content 
components that are required for the beginning of rendering, such as HTML files 
in the case of a webpage, are placed at the beginning of the stream, thus 
newest (the most recently modified) content components at the beginning of the 
stream in order to minimize the number of chunks that need to be transferred, 
as the client may already has some of the older components.  
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Smith and O’Hare with the technique for receiving portions of a download in different orders according to different goals of Mosko to include wherein portions of the update are received in any order.
One of ordinary skill in the art would have made this modification to improve the ability of the system to modify the download order of the various components of the software update, in order to achieve a certain goal, such as optimizing delivery time or optimizing delivery such that components that are higher priority are delivered first. The system of the primary reference can be modified so that the update server sends portions of the software update according to different orderings based on various goals for the transmission of data.


	Smith discloses 
wherein the instructions further cause the one or more processors to: 
determine, based on a comparison between the current second portion hash value and hash values in the hash tree
(See Smith Para. [0063]
client computing device 104 may calculate hash values of the received release components and release version number and compare those calculated values to the corresponding nodes of the integrity hash tree 208. 
)
However, the combination of Smith and O’Hare does not expressly disclose 
obtain a current second portion hash value for a portion of software on the client device, the current second portion corresponding to a reference portion of the software on the client device; 
determine, based on a comparison between the current second portion hash value and hash values in the hash tree, that the current second portion does not need to be updated; and 	
determine to update software on the client device based on the determination that the current second portion does not need to be updated.

Mosko discloses based on a hash value comparison, that a software portion (e.g., JavaScript code reference portion) does not need to be downloaded but instead download other portions of the divided content, including downloading another software portion (e.g., JavaScript code)
(See Mosko Para. [0053] including the Content Object 
hash of each chunk in the manifest 402 allows the requester to determine 
whether it already has an object or a segment of the object in its cache by 
comparing the Content Object hash values.  If an object is not yet covered by 
an outstanding request and the requestor already has the object in its cache, 
the requester can skip the download of that embedded object.  For example, 
embedded JavaScript file 406 [the current second portion= JavaScript file 406; a reference portion of the software on the client device  = JavaScript file 406; JavaScript file 406 is a reference portion because a JavaScript file is referenced by a respective markup document (e.g., para. 46 where markup document 302 references JavaScript 304). JavaScript file 406 is embedded object (para. 53, 54), referenced by a markup document (para. 54)]ranges from s10 to s11 in the all-in-one stream, and if an initial request issues Interests up to chunk 9, then JavaScript file 
406 is not covered by the initial request.  In addition, based on the Content 
Object hashes of JavaScript file 406, the requester may determine that it 
already has JavaScript file 406 in its cache.  Hence, the requester can then 
skip [ the current second portion does not need to be updated ]the download of JavaScript file 406 while continuing to download 
subsequent content components within content collection 400. 
Mosko [0050]
FIG. 4, a content collection (which can include all content of a web page) 400 includes …. A JavaScript file (File1.js) 406, a JavaScript file (File2.ls) 408
[determine to update software on the client device; JavaScript file 406 and JavaScript file 408 are both in content collection 400, and JavaScript file 406 is not downloaded based on the hash comparison, but JavaScript file 408, which is software, is downloaded and the downloading discloses update software on the client device]
Mosko [0062] In addition, the requester can determine whether it already has one 
or more content components or chunks in its cache based on the Content Object 

For example, by comparing the Content Object hashes, the requester may find 
that it already has JavaScript file File1.js, which occupies chunks s10 and s11 
in the all-in-one stream.  To improve the download efficiency, the requester 
can issue an Interest set [this is sending a request for downloading only those objects that the recipient does not already have ]
that excludes [that the current second portion does not need to be updated ]Interests foo/page/all-in-one/s10 and 
/foo/page/all-in-one/s11.  By doing so, the requester provides parameters to 
the responder so that the responder can configure which embedded objects to be 
included in the download stream.  In this example, because the Interest set 
does not have Interests for chunks s10 and s11, these two chunks are excluded 
from the download stream. 
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Smith and O’Hare with the technique for, determining, based on a hash value comparison, that a software portion does not need to be downloaded but instead download other portions of the divided content, including downloading another software portion of Mosko to include 
wherein the instructions further cause the one or more processors to: 
obtain a current second portion hash value for a portion of software on the client device, the current second portion corresponding to a reference portion of the software on the client device; 
determine, based on a comparison between the current second portion hash value and hash values in the hash tree, that the current second portion does not need to be updated; and 	
determine to update software on the client device based on the determination that the current second portion does not need to be updated.
One of ordinary skill in the art would have made this modification to improve the ability of the system to selectively download software code portions. The system (e.g. client) of the primary reference may be modified to download a software code portion even when other software portions do not need to be downloaded. Further, the system can utilize network bandwidth more efficiently by not downloading the software code portions that are not needed to be downloaded as indicated by a hash value comparison.


As per claim 20, the claim(s) is/are directed to a device with limitations which correspond to limitations of claim 12, and is/are rejected for the reasons detailed with respect to claim 12.





Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is 571-272-0036.  The examiner can normally be reached on Monday-Friday 9 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/HOWARD H. LOUIE/Examiner, Art Unit 2494                                                                                                                                                                                                        
/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494