DETAILED ACTION
1. 	This Non-Final Office Action is in response to application filed on 05/21/2020.  	Claims 1-20 are being considered on the merits. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Drawings
2. 	The drawings filed on 05/21/2020 are accepted. 
Information Disclosure Statement
3.	The information disclosure statement (IDS) submitted on 05/21/2020 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, an initialed and dated copy of the Applicant’s IDS form 1449 filed on 05/21/2020 is attached to this office action.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


4.	Claims 1-2, 9-14 and 19-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by US Pub. No. US 2017/0006469 A1 to Palanigounder, (hereinafter, “Palan”).
As per claim 1, Palan teaches a method for a serving network to selectively employ perfect forward security (PFS) based on an indication from a home network, the method comprising: 
(Palan, para. [0053] “FIG. 6, with further reference to FIGS. 2, 4 and 5, a call flow diagram 600 of another example authentication procedure with perfect forward secrecy (PFS) is shown. The diagram 600 represents an alternative security procedures which may be used by a communication system 200, thus the diagram 600 includes a UE 202 (e.g., a mobile device 100), a network 602, and a home network 604. The network 602 may include an eNodeB (eNB) 204 and an MME 206…Upon receipt of the request, the MME 206 is configured to request authentication vectors from the home network 604 (e.g., the HSS 208). The MME 206 generates the PFS authentication info request message 512 (e.g., including the MME (SN) PFS informational element) and provides it to the home network 604. The home network 604 (e.g. the HSS 208) is configured to receive the PFS authentication info request message 512 and determine if the network 602 support the PFS property. The HSS 208 generates the PFS authentication info response message 514 including an Authentication Vector (AV). The AV in the PFS authentication info response message 514 includes the authentication token with the PFS bit described above, (AUTN), the expected response (XRES) value, the random number (RAND) value, and the Key Access Security Management Entity (K.sub.ASME) value.”); 
determining, by the serving network, whether the PFS indicator indicates that the home network has instructed the serving network to employ PFS for communications with a piece of user equipment (Palan, para. [0055] “the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.” And para. [0056] “The UE 202 is also configured to determine if the AUTN value is fresh, as previously described. If the AUTN value is accepted, and the PFS bit is set, and then the MME public key (i.e., DHEpubKey.sub.MME) is present, then the UE 202 (user equipment) computes a RES value and provides a PFS NAS authentication response message 518 to the MME 206, including the RES value and the UE public key value (i.e., DHEpubKey.sub.UE).” and para. [0057] “the MME 206 (serving network) is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518). The shared key is then bound to the K.sub.ASME value received from the HSS 208 and the bound key is used to protect all subsequent NAS traffic.”); and 
performing, by the serving network, a PFS procedure with the piece of user equipment in response to determining that the PFS indicator indicates that the home network has instructed the serving network to employ PFS for communications with the piece of user equipment (Palan, para. [0058] “The MME 206 sends a PFS NAS SMC message 620, including confidentiality and integrity algorithms.” And para.  [0059] If the checks of the based on the PFS NAS SMC message 620 pass (e.g., the UE security capabilities sent by the MME match the ones stored in the UE, and the integrity protection uses the indicated NAS integrity algorithm and the NAS integrity key based on K'.sub.ASME), the UE 202 is configured to respond with a PFS NAS Security Mode Complete message 522. The UE 202 is configured to execute NAS integrity protection and ciphering/deciphering based on K'.sub.ASME, and to send the PFS NAS security mode complete message 522 to MME 206 ciphered and integrity protected. The MME 206 is configured to de-cipher and check the integrity protection on the PFS NAS Security Mode Complete message 522 using keys based on K'.sub.ASME and other algorithms indicated in the PFS NAS SMC message 620.”).

As per claim 2, Palan teaches the method of claim 1, wherein the PFS procedure includes a Diffie-Hellman key exchange procedure that generates a secret key (Palan, para. [0057] “the MME 206 is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518).”).
As per claim 9, Palan teaches the method of claim 1, further comprising: transmitting, by the serving network, an authentication request to the home network for the piece of user equipment, wherein the PFS indicator and the authentication information are received from the home network in response to the authentication request (Palan, para. [0053] “Upon receipt of the request, the MME 206 is configured to request authentication vectors from the home network 604 (e.g., the HSS 208). The MME 206 generates the PFS authentication info request message 512 (e.g., including the MME (SN) PFS informational element) and provides it to the home network 604.”). 

As per claim 10, Palan teaches the method of claim 9, wherein the PFS indicator and the authentication information are included in the same message transmitted from the home network (Palan, para. [0053] “The home network 604 (e.g. the HSS 208) is configured to receive the PFS authentication info request message 512 and determine if the network 602 support the PFS property. If PFS is supported, at stage 526 the HSS 208 is configured to generate the authentication token (AUTN) including the PFS bit discussed in FIG. 5. If the network 602 does not support the PFS property, then the PFS bit is set to an value to indicate that PFS is not supported and the standard AKA protocol will be used (e.g., the Boolean bit is set to zero). The HSS 208 generates the PFS authentication info response message 514 including an Authentication Vector (AV). The AV in the PFS authentication info response message 514 includes the authentication token with the PFS bit described above, (AUTN), the expected response (XRES) value, the random number (RAND) value, and the Key Access Security Management Entity (K.sub.ASME) value.”).

As per claim 11, Palan teaches the method of claim 1, wherein the home network is a network to which a user of the piece of the user equipment is a subscriber but is not currently connected and the serving network is separate from the home network and the piece of user equipment with which the home network is attempting to connect, and wherein the PFS indicator is set by the home network based on one or more of a subscription level of the user of the piece of user equipment, capabilities of the piece of user equipment, and capabilities of the home network or the serving network (Palan, para. [0053] “The diagram 600 represents an alternative security procedures which may be used by a communication system 200, thus the diagram 600 includes a UE 202 (e.g., a mobile device 100), a network 602, and a home network 604. The network 602 may include an eNodeB (eNB) 204 and an MME 206. The home network 604 includes at least the HSS 208 that is assumed to support AKA with a PFS property. The call flow diagram 600 improves the authentication and key agreement (AKA) procedure described in FIG. 4 by adding a perfect forward secrecy (PFS) property…The home network 604 (e.g. the HSS 208) is configured to receive the PFS authentication info request message 512 and determine if the network 602 support the PFS property. If PFS is supported, at stage 526 the HSS 208 is configured to generate the authentication token (AUTN) including the PFS bit discussed in FIG. 5. If the network 602 does not support the PFS property, then the PFS bit is set to an value to indicate that PFS is not supported and the standard AKA protocol will be used (e.g., the Boolean bit is set to zero).” And para. [0059] “If the checks of the based on the PFS NAS SMC message 620 pass (e.g., the UE security capabilities sent by the MME match the ones stored in the UE, and the integrity protection uses the indicated NAS integrity algorithm and the NAS integrity key based on K'.sub.ASME), the UE 202 is configured to respond with a PFS NAS Security Mode Complete message 522.”).
As per claim 12, Palan teaches the method of claim 1, wherein the serving network is within the home network (Palan, para. [0053] “Referring to FIG. 6, with further reference to FIGS. 2, 4 and 5, a call flow diagram 600 of another example authentication procedure with perfect forward secrecy (PFS) is shown. The diagram 600 represents an alternative security procedures which may be used by a communication system 200, thus the diagram 600 includes a UE 202 (e.g., a mobile device 100), a network 602, and a home network 604. The network 602 may include an eNodeB (eNB) 204 and an MME 206. The home network 604 includes at least the HSS 208 that is assumed to support AKA with a PFS property.”).

As per claim 13, Palan teaches a network device to function as a switch in a serving software-defined networking (SDN) network to selectively employ perfect forward security (PFS) based on an indication from a home network, the network device comprising: 
a set of one or more processors (Palan, para. [0036] “The computer system 300 is shown comprising hardware elements that can be electrically coupled via a bus 305 (or may otherwise be in communication, as appropriate). The hardware elements may include one or more processors 310, including without limitation one or more general-purpose processors and/or one or more special-purpose processors”); and 
a non-transitory machine-readable storage medium having stored therein an access and mobility management function, which when executed by the set of one or more processors, causes the switch to receive a PFS indicator from the home network, determine whether the PFS indicator indicates that the home network has instructed the serving network to employ PFS for communications with a piece of user equipment (Palan, para. [0053] “the MME 206 is configured to request authentication vectors from the home network 604 (e.g., the HSS 208). The MME 206 generates the PFS authentication info request message 512 (e.g., including the MME (SN) PFS informational element) and provides it to the home network 604. The home network 604 (e.g. the HSS 208) is configured to receive the PFS authentication info request message 512 and determine if the network 602 support the PFS property. The HSS 208 generates the PFS authentication info response message 514 including an Authentication Vector (AV). The AV in the PFS authentication info response message 514 includes the authentication token with the PFS bit described above, (AUTN), the expected response (XRES) value, the random number (RAND) value, and the Key Access Security Management Entity (K.sub.ASME) value.” And para. [0055] “the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.” And para. [0056] “The UE 202 is also configured to determine if the AUTN value is fresh, as previously described. If the AUTN value is accepted, and the PFS bit is set, and then the MME public key (i.e., DHEpubKey.sub.MME) is present, then the UE 202 (user equipment) computes a RES value and provides a PFS NAS authentication response message 518 to the MME 206, including the RES value and the UE public key value (i.e., DHEpubKey.sub.UE).” and para. [0057] “the MME 206 (serving network) is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518). The shared key is then bound to the K.sub.ASME value received from the HSS 208 and the bound key is used to protect all subsequent NAS traffic.”), and 
perform a PFS procedure with the piece of user equipment in response to determining that the PFS indicator indicates that the home network has instructed the serving network to employ PFS for communications with the piece of user equipment (Palan, para. [0058] “The MME 206 sends a PFS NAS SMC message 620, including confidentiality and integrity algorithms.” And para.  [0059] If the checks of the based on the PFS NAS SMC message 620 pass (e.g., the UE security capabilities sent by the MME match the ones stored in the UE, and the integrity protection uses the indicated NAS integrity algorithm and the NAS integrity key based on K'.sub.ASME), the UE 202 is configured to respond with a PFS NAS Security Mode Complete message 522. The UE 202 is configured to execute NAS integrity protection and ciphering/deciphering based on K'.sub.ASME, and to send the PFS NAS security mode complete message 522 to MME 206 ciphered and integrity protected. The MME 206 is configured to de-cipher and check the integrity protection on the PFS NAS Security Mode Complete message 522 using keys based on K'.sub.ASME and other algorithms indicated in the PFS NAS SMC message 620.”).
As per claim 14, Palan teaches the network device of claim 13, wherein the PFS procedure includes a Diffie-Hellman key exchange procedure that generates a secret key (Palan, para. [0057] “the MME 206 is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518).”).
As per claim 19, Palan teaches the network device of claim 13, wherein the access and mobility management function, when executed by the set of one or more processors further causes the switch to transmit an authentication request to the home network for the piece of user equipment, wherein the PFS indicator and the authentication information are received from the home network in response to the authentication request, wherein the PFS indicator and the authentication information are included in the same message transmitted from the home network (Palan, para. [0053] “Upon receipt of the request, the MME 206 is configured to request authentication vectors from the home network 604 (e.g., the HSS 208). The MME 206 generates the PFS authentication info request message 512 (e.g., including the MME (SN) PFS informational element) and provides it to the home network 604. The home network 604 (e.g. the HSS 208) is configured to receive the PFS authentication info request message 512 and determine if the network 602 support the PFS property. If PFS is supported, at stage 526 the HSS 208 is configured to generate the authentication token (AUTN) including the PFS bit discussed in FIG. 5. If the network 602 does not support the PFS property, then the PFS bit is set to an value to indicate that PFS is not supported and the standard AKA protocol will be used (e.g., the Boolean bit is set to zero). The HSS 208 generates the PFS authentication info response message 514 including an Authentication Vector (AV). The AV in the PFS authentication info response message 514 includes the authentication token with the PFS bit described above, (AUTN), the expected response (XRES) value, the random number (RAND) value, and the Key Access Security Management Entity (K.sub.ASME) value.”).
As per claim 20, Palan teaches a non-transitory machine-readable medium having computer code stored therein, which when executed by a set of one or more processors of a network device functioning as a switch in a serving software-defined networking (SDN) network (Palan, para. [0037] “The computer system 300 may further include (and/or be in communication with) one or more non-transitory storage devices 325” and para. [0040] “A set of these instructions and/or code might be stored on a computer-readable storage medium, such as the storage device(s) 325 described above. In some cases, the storage medium might be incorporated within a computer system, such as the computer system 300.”), causes the switch to selectively employ perfect forward security (PFS) based on an indication from a home network, the operations comprising: 
receiving a PFS indicator from the home network (Palan, para. [0053] “FIG. 6, with further reference to FIGS. 2, 4 and 5, a call flow diagram 600 of another example authentication procedure with perfect forward secrecy (PFS) is shown. The diagram 600 represents an alternative security procedures which may be used by a communication system 200, thus the diagram 600 includes a UE 202 (e.g., a mobile device 100), a network 602, and a home network 604. The network 602 may include an eNodeB (eNB) 204 and an MME 206…Upon receipt of the request, the MME 206 is configured to request authentication vectors from the home network 604 (e.g., the HSS 208). The MME 206 generates the PFS authentication info request message 512 (e.g., including the MME (SN) PFS informational element) and provides it to the home network 604. The home network 604 (e.g. the HSS 208) is configured to receive the PFS authentication info request message 512 and determine if the network 602 support the PFS property. The HSS 208 generates the PFS authentication info response message 514 including an Authentication Vector (AV). The AV in the PFS authentication info response message 514 includes the authentication token with the PFS bit described above, (AUTN), the expected response (XRES) value, the random number (RAND) value, and the Key Access Security Management Entity (K.sub.ASME) value.”); 
determining whether the PFS indicator indicates that the home network has instructed the serving network to employ PFS for communications with a piece of user equipment (Palan, para. [0055] “the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.” And para. [0056] “The UE 202 is also configured to determine if the AUTN value is fresh, as previously described. If the AUTN value is accepted, and the PFS bit is set, and then the MME public key (i.e., DHEpubKey.sub.MME) is present, then the UE 202 (user equipment) computes a RES value and provides a PFS NAS authentication response message 518 to the MME 206, including the RES value and the UE public key value (i.e., DHEpubKey.sub.UE).” and para. [0057] “the MME 206 (serving network) is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518). The shared key is then bound to the K.sub.ASME value received from the HSS 208 and the bound key is used to protect all subsequent NAS traffic.”); and 
performing a PFS procedure with the piece of user equipment in response to determining that the PFS indicator indicates that the home network has instructed the serving network to employ PFS for communications with the piece of user equipment (Palan, para. [0058] “The MME 206 sends a PFS NAS SMC message 620, including confidentiality and integrity algorithms.” And para.  [0059] If the checks of the based on the PFS NAS SMC message 620 pass (e.g., the UE security capabilities sent by the MME match the ones stored in the UE, and the integrity protection uses the indicated NAS integrity algorithm and the NAS integrity key based on K'.sub.ASME), the UE 202 is configured to respond with a PFS NAS Security Mode Complete message 522. The UE 202 is configured to execute NAS integrity protection and ciphering/deciphering based on K'.sub.ASME, and to send the PFS NAS security mode complete message 522 to MME 206 ciphered and integrity protected. The MME 206 is configured to de-cipher and check the integrity protection on the PFS NAS Security Mode Complete message 522 using keys based on K'.sub.ASME and other algorithms indicated in the PFS NAS SMC message 620.”).

 Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



s 3-8 and 15-18 are rejected under 35 U.S.C. 103 as being unpatentable over Palan, as disclosed above, in view of US Pub. No. US 2016/0255070 A1 to Naslund, (hereinafter, “Naslund”), as disclosed in IDS submitted on 05/21/2020.

As per claim 3, Palan teaches the method of claim 2, however fails to explicitly teach but Naslund teaches, further comprising: transmitting, by the serving network to the home network, one or more keys in a set of secret keys, wherein the set of secret keys includes the secret key and keys generated using the secret key (Naslund, para. [0100] “In an authentication of the type shown in FIG. 1 and described above, a secret key K, with advantage pre-shared, is used both in the user equipment and in the network.” And para. [0145] “the communication network 36 is the first wireless network WN1 and the first network device 44 is the MME of the first wireless network.”  para. [0147] “After having obtained the authentication vector, the first network device (serving network) then obtains a first PFS parameter PFS1, step 76, which first PFS parameter PFS1 may be obtained through generation as a base value g raised with a random value x, i.e. as ĝx, where the random value x may be generated by the first network device 44… The first verification code VC1 may be generated as a Message Authentication Code (MAC) over the first PFS parameter PFS1 using a known key of the authentication vector, such as XRES or the initial session key Kasme, as key. When the second network device 46 generates the first verification code, the RAND value is based on the first PFS parameter PFS1.” And para. [0148] “the RAND value may be generated by the second network device 46 as the first PFS parameter PFS1 or as a hash of the first PFS parameter PFS1, such as a cryptographic hash. Thereby it is possible, e.g. by the UE, to use the challenge verification code AUTN also as the first verification code VC1 for the first PFS parameter PFS1. Here it may also be mentioned that RAND in both these examples is in fact a challenge to the USIM 48 of the UE.”).
(Naslund, para. [0011]). 

As per claim 4, the combination of Palan and Naslund teach the method of claim 3, further comprising: 
generating, by the serving network, a plurality of secondary keys based on the secret key (Palan, para. [0054] “The UE 202 and the MME 206 are configured to generate respective pairs of public and private Ephemeral Diffie-Hellman (DHE) keys at stage 521 and 524, respectively. The UE 202 is configured to generate a UE private key value (DHEpriKey.sub.UE) and a UE public key value (DHEpubKey.sub.UE). The MME 206 is configured to generate a MME private key value (DHEpriKey.sub.MME) and a MME public key value (DHEpubKey.sub.MME). The private keys (DHEpriKey.sub.UE, DHEpriKey.sub.MME) are typically generated using a cryptographically secure pseudo-random number generator (CSPRNG), but other confidential information available to the respective systems may be used. The corresponding public keys may be generated in a similar non-deterministic manner by the respective systems. The DHE key pairs may be selected and generated (e.g., precomputed) in advance by the UE 202 and the MME 206 to reduce the impact of a potential network attack (e.g., processing delays due to generating the DHE keys). It should be noted that the MME may generates its DHE pairs any time before stage 524 and the UE may generates its DHE pairs at any time before stage 521.”), 
(Palan, para. [0055] “The UE 202 and the MME 206 are configured to exchange their public keys during AKA authentication procedures and each derive a shared key (e.g., sharedDHkey). In contrast to the PFS NAS authentication request message 516 in FIG. 5, in the call flow in FIG. 6 the MME 206 generates a PFS NAS authentication request message 616 including the AUTN and RAND values received from the HSS 208, the NAS Key Set Identifier (KSI.sub.ASME) based on the received K.sub.ASME value, as well as the MME public key (i.e., DHEpubKey.sub.MME). At stage 628, the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.”), 
wherein a second secondary key in the plurality of secondary keys is generated using the first key definition function that takes the secret key and a second value as inputs (Palan, para. [0057] “At stage 530 the MME 206 is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518). The shared key is then bound to the K.sub.ASME value received from the HSS 208 and the bound key is used to protect all subsequent NAS traffic. For example, a bound key may be designated as K'.sub.ASME (e.g., K.sub.ASME-prime) and may be generated based on a key derivation function (KDF) of K.sub.ASME and the shared key. That is, K'.sub.ASME=KDF (K.sub.ASME, sharedDHEkey). The KDF may be a cryptographic hashing function (e.g., SHA256, SHA512, SHA3, etc. . . . ). The resulting K'.sub.ASME value may be used as the K.sub.ASME value in the LTE network. At stage 632, the UE 202 is configured to derive the Diffie-Hellman shared key (e.g., sharedDHEkey) based on the MME public key (e.g., DHEpubKey.sub.MME). The sharedDHEkey is then bound to the K.sub.ASME value (e.g., as identified by the KSI.sub.ASME value) to create the K'.sub.ASME as described above. The resulting K'.sub.ASME value may be used as the K.sub.ASME value in the subsequent LTE security procedures.”), and 
wherein the plurality of secondary keys are included in the set of secret keys (Palan, para. [0059] “If the checks of the based on the PFS NAS SMC message 620 pass (e.g., the UE security capabilities sent by the MME match the ones stored in the UE, and the integrity protection uses the indicated NAS integrity algorithm and the NAS integrity key based on K'.sub.ASME), the UE 202 is configured to respond with a PFS NAS Security Mode Complete message 522. The UE 202 is configured to execute NAS integrity protection and ciphering/deciphering based on K'.sub.ASME, and to send the PFS NAS security mode complete message 522 to MME 206 ciphered and integrity protected. The MME 206 is configured to de-cipher and check the integrity protection on the PFS NAS Security Mode Complete message 522 using keys based on K'.sub.ASME and other algorithms indicated in the PFS NAS SMC message 620.”).

As per claim 5, the combination of Palan and Naslund teach the method of claim 4, wherein the first secondary key in the plurality of secondary keys is assigned for communications between the serving network and the piece of user equipment and the second secondary key in the plurality of secondary keys is assigned for communications between the home network and the piece of user equipment (Palan, para. [0055] “The UE 202 and the MME 206 are configured to exchange their public keys during AKA authentication procedures and each derive a shared key (e.g., sharedDHkey). In contrast to the PFS NAS authentication request message 516 in FIG. 5, in the call flow in FIG. 6 the MME 206 generates a PFS NAS authentication request message 616 including the AUTN and RAND values received from the HSS 208, the NAS Key Set Identifier (KSI.sub.ASME) based on the received K.sub.ASME value, as well as the MME public key (i.e., DHEpubKey.sub.MME). At stage 628, the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.”).

As per claim 6, the combination of Palan and Naslund teach the method of claim 4, further comprising: 
generating, by the serving network, one or more tertiary keys based on the plurality of secondary keys, wherein the one or more tertiary keys are included in the set of secret keys, wherein a first tertiary key in the one or more tertiary keys is generated using a second key definition function that takes the secret key as an input, and wherein the first tertiary key is used for a specified type of communications with the piece of user equipment (Naslund, para. [0155] “Thereafter the ME 46 or rather the PFS AKA module 52 of the ME 46 generates a second PFS parameter PFS2 and a second verification code, VC2, step 70, which second PFS parameter PFS2 may be generated as the base value g raised with another random value y, i.e. as ĝy. The verification code VC2 may in turn be generated as a message authentication code (MAC) of the second PFS parameter PFS2 and a key, e.g. one of the result parameters, or a derivative, Kd, of a result parameter, e.g. Kasme. The second verification code may thus be computed using the second PFS parameter and a result parameter or a derivative of a result parameter. If this second verification code VC2 is generated based on the response parameter RES, VC2 may be encoded in the information element normally carrying RES. It may then be generated as a function of RES and ĝy, such as a MAC of RES and ĝy, where RES acts as a key. Thus, the PFS module either calculates VC2 as MAC(Kd, ĝy, . . . ), as MAC(Kasme, ĝy, . . . ), or as MAC(RES, ĝy, . . . ). The second PFS parameter PFS2 and the second verification code VC2 are then sent to the first network device, either together with the separate response parameter RES (if Kd was used as key), or (if RES was used as a key) by encoding VC2 in what would normally be the RES information element, step 72, and may more particularly be sent in an authentication request response message ARE.” And para. [0159] “In ensuing sessions, e.g. data or signalling exchange between the UE and the network and more particularly between the UE and the first network device 44 it is then possible that a session key is used to protect communication and that this session key is based on the first and second PFS parameters. The session key may more particularly be based on the base g raised with the value x raised with the value y according to ĝ(xy). Alternatively, a derivative of a combination of Kasme and ĝ(xy) may be used. Thereby it can be seen that a secure session key is obtained that is at least based on the values x and y used for generating the first and second PFS parameters. It is thus generated based on one of the PFS parameters and the exponent of the other PFS parameter. This may more particularly mean that the PFS AKA module 52 may generate the session key based on the first PFS parameter PFS1 and the exponent y of the second PFS parameter PFS2, while the first network device 44 may generate the session key based on the second PFS parameter PFS2 and the exponent x of the first PFS parameter PFS1.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Naslund’s communication method using perfect forward secrecy into Palan’s authentication and key agreement with perfect forward secrecy, with a motivation to raise the security level of communication between a communication device and a communication network (Naslund, para. [0011]). 

As per claim 7, the combination of Palan and Naslund teach the method of claim 6, wherein the specified type of communications is one of Non- Access Stratum (NAS) protocol communications and Packet Data Convergence Protocol (PDCP) communications (Palan, para. [0041] “The call flow diagram 400 illustrates an authentication and key agreement (AKA) procedure for providing credentials on a network. The UE 202 sends the MME 206 (e.g., via the eNB 204) a Non Access Stratum (NAS) request message 410 including an International Mobile Station Equipment Identity (IMSI). The MME 206 is configured to retrieve authentication data from the HSS 208 to perform user authentication.”).

As per claim 8, the combination of Palan and Naslund teach the method of claim 6, wherein the PFS indicator is received by the serving network from the home network along with key definition information, which includes one or more of the first value, the second value, an indicator for the first key definition function, and an indicator for the second key definition function (Palan, para. [0046] “The UE 202 may be configured to send a PFS NAS attach request 510 to the MME 206. The PFS NAS attach request 510 includes identifying information (e.g., IMSI) and may optionally also include a UE PFS Information Element (IE). The UE PFS IE may be a boolean data bit, or any data type to indicate that the UE 202 is capable of processing AKA with a PFS property. The UE PFS IE is optional, however, as the UE's ability to process AKA with a PFS property may be established in other ways (e.g., via information elements present in other message exchanges). Upon receipt of the request, the MME 206 is configured to request authentication vectors from the home network 504 (e.g., the HSS 208). The MME 206 generates a PFS authentication info request message 512 including the UE security information (e.g., IMSI), data fields indicating a network type (e.g., E-UTRAN), and an indication that the network 502 supports a PFS property (e.g., a MME (SN) PFS informational element). The PFS authentication info request message 512 is typically a diameter protocol message with Attribute Value Pairs (AVP) as informational elements. The MME (SN) PFS informational element may be a Boolean value, or other data value, and is used to indicate that the network 502 supports the PFS property.” and para.[0053] “The HSS 208 generates the PFS authentication info response message 514 including an Authentication Vector (AV). The AV in the PFS authentication info response message 514 includes the authentication token with the PFS bit described above, (AUTN), the expected response (XRES) value, the random number (RAND) value, and the Key Access Security Management Entity (K.sub.ASME) value.”).

As per claim 15, Palan teaches the network device of claim 14, however fails to explicitly teach but Naslund teaches, wherein the access and mobility management function, when executed by the set of one or more processors, further causes the switch to transmit, to the home network, one or more keys in a set of secret keys, wherein the set of secret keys includes the secret key and keys generated using the secret key (Naslund, para. [0100] “In an authentication of the type shown in FIG. 1 and described above, a secret key K, with advantage pre-shared, is used both in the user equipment and in the network.” And para. [0145] “the communication network 36 is the first wireless network WN1 and the first network device 44 is the MME of the first wireless network.”  para. [0147] “After having obtained the authentication vector, the first network device (serving network) then obtains a first PFS parameter PFS1, step 76, which first PFS parameter PFS1 may be obtained through generation as a base value g raised with a random value x, i.e. as ĝx, where the random value x may be generated by the first network device 44… The first verification code VC1 may be generated as a Message Authentication Code (MAC) over the first PFS parameter PFS1 using a known key of the authentication vector, such as XRES or the initial session key Kasme, as key. When the second network device 46 generates the first verification code, the RAND value is based on the first PFS parameter PFS1.” And para. [0148] “the RAND value may be generated by the second network device 46 as the first PFS parameter PFS1 or as a hash of the first PFS parameter PFS1, such as a cryptographic hash. Thereby it is possible, e.g. by the UE, to use the challenge verification code AUTN also as the first verification code VC1 for the first PFS parameter PFS1. Here it may also be mentioned that RAND in both these examples is in fact a challenge to the USIM 48 of the UE.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Naslund’s communication method using perfect forward secrecy into Palan’s authentication and key agreement with perfect forward secrecy, with a motivation to raise the security level of communication between a communication device and a communication network (Naslund, para. [0011]). 
As per claim 16, the combination of Palan and Naslund teach the network device of claim 15, wherein the access and mobility management function, when executed by the set of one or more processors, further causes the switch to generate a plurality of secondary keys based on the secret key (Palan, para. [0054] “The UE 202 and the MME 206 are configured to generate respective pairs of public and private Ephemeral Diffie-Hellman (DHE) keys at stage 521 and 524, respectively. The UE 202 is configured to generate a UE private key value (DHEpriKey.sub.UE) and a UE public key value (DHEpubKey.sub.UE). The MME 206 is configured to generate a MME private key value (DHEpriKey.sub.MME) and a MME public key value (DHEpubKey.sub.MME). The private keys (DHEpriKey.sub.UE, DHEpriKey.sub.MME) are typically generated using a cryptographically secure pseudo-random number generator (CSPRNG), but other confidential information available to the respective systems may be used. The corresponding public keys may be generated in a similar non-deterministic manner by the respective systems. The DHE key pairs may be selected and generated (e.g., precomputed) in advance by the UE 202 and the MME 206 to reduce the impact of a potential network attack (e.g., processing delays due to generating the DHE keys). It should be noted that the MME may generates its DHE pairs any time before stage 524 and the UE may generates its DHE pairs at any time before stage 521.”), 
(Palan, para. [0055] “The UE 202 and the MME 206 are configured to exchange their public keys during AKA authentication procedures and each derive a shared key (e.g., sharedDHkey). In contrast to the PFS NAS authentication request message 516 in FIG. 5, in the call flow in FIG. 6 the MME 206 generates a PFS NAS authentication request message 616 including the AUTN and RAND values received from the HSS 208, the NAS Key Set Identifier (KSI.sub.ASME) based on the received K.sub.ASME value, as well as the MME public key (i.e., DHEpubKey.sub.MME). At stage 628, the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.”), 
wherein a second secondary key in the plurality of secondary keys is generated using the first key definition function that takes the secret key and a second value as inputs (Palan, para. [0057] “At stage 530 the MME 206 is configured to determine if the RES value equals the XRES value, and then derive a Diffie-Hellman shared key (i.e., sharedDHEkey) based on the received UE public key (i.e., DHEpubKey.sub.UE in the PFS NAS authentication response message 518). The shared key is then bound to the K.sub.ASME value received from the HSS 208 and the bound key is used to protect all subsequent NAS traffic. For example, a bound key may be designated as K'.sub.ASME (e.g., K.sub.ASME-prime) and may be generated based on a key derivation function (KDF) of K.sub.ASME and the shared key. That is, K'.sub.ASME=KDF (K.sub.ASME, sharedDHEkey). The KDF may be a cryptographic hashing function (e.g., SHA256, SHA512, SHA3, etc. . . . ). The resulting K'.sub.ASME value may be used as the K.sub.ASME value in the LTE network. At stage 632, the UE 202 is configured to derive the Diffie-Hellman shared key (e.g., sharedDHEkey) based on the MME public key (e.g., DHEpubKey.sub.MME). The sharedDHEkey is then bound to the K.sub.ASME value (e.g., as identified by the KSI.sub.ASME value) to create the K'.sub.ASME as described above. The resulting K'.sub.ASME value may be used as the K.sub.ASME value in the subsequent LTE security procedures.”), and 
wherein the plurality of secondary keys are included in the set of secret keys (Palan, para. [0059] “If the checks of the based on the PFS NAS SMC message 620 pass (e.g., the UE security capabilities sent by the MME match the ones stored in the UE, and the integrity protection uses the indicated NAS integrity algorithm and the NAS integrity key based on K'.sub.ASME), the UE 202 is configured to respond with a PFS NAS Security Mode Complete message 522. The UE 202 is configured to execute NAS integrity protection and ciphering/deciphering based on K'.sub.ASME, and to send the PFS NAS security mode complete message 522 to MME 206 ciphered and integrity protected. The MME 206 is configured to de-cipher and check the integrity protection on the PFS NAS Security Mode Complete message 522 using keys based on K'.sub.ASME and other algorithms indicated in the PFS NAS SMC message 620.”).
As per claim 17, the combination of Palan and Naslund teach the network device of claim 16, wherein the first secondary key in the plurality of secondary keys is assigned for communications between the serving network and the piece of user equipment and the second secondary key in the plurality of secondary keys is assigned for communications between the home network and the piece of user equipment (Palan, para. [0055] “The UE 202 and the MME 206 are configured to exchange their public keys during AKA authentication procedures and each derive a shared key (e.g., sharedDHkey). In contrast to the PFS NAS authentication request message 516 in FIG. 5, in the call flow in FIG. 6 the MME 206 generates a PFS NAS authentication request message 616 including the AUTN and RAND values received from the HSS 208, the NAS Key Set Identifier (KSI.sub.ASME) based on the received K.sub.ASME value, as well as the MME public key (i.e., DHEpubKey.sub.MME). At stage 628, the UE 202 is configured to determine if the PFS bit in AUTN value indicates the PFS property is supported, and determine if the MME public key (i.e., DHEpubKey.sub.MME) is present in the PFS NAS authentication request message 616.”).
As per claim 18, the combination of Palan and Naslund teach the network device of claim 16, wherein the access and mobility management function, when executed by the set of one or more processors further causes the switch to generate one or more tertiary keys based on the plurality of secondary keys, wherein the one or more tertiary keys are included in the set of secret keys, wherein a first tertiary key in the one or more tertiary keys is generated using a second key definition function that takes the secret key as an input, and wherein the first tertiary key is used for a specified type of communications with the piece of user equipment (Naslund, para. [0155] “Thereafter the ME 46 or rather the PFS AKA module 52 of the ME 46 generates a second PFS parameter PFS2 and a second verification code, VC2, step 70, which second PFS parameter PFS2 may be generated as the base value g raised with another random value y, i.e. as ĝy. The verification code VC2 may in turn be generated as a message authentication code (MAC) of the second PFS parameter PFS2 and a key, e.g. one of the result parameters, or a derivative, Kd, of a result parameter, e.g. Kasme. The second verification code may thus be computed using the second PFS parameter and a result parameter or a derivative of a result parameter. If this second verification code VC2 is generated based on the response parameter RES, VC2 may be encoded in the information element normally carrying RES. It may then be generated as a function of RES and ĝy, such as a MAC of RES and ĝy, where RES acts as a key. Thus, the PFS module either calculates VC2 as MAC(Kd, ĝy, . . . ), as MAC(Kasme, ĝy, . . . ), or as MAC(RES, ĝy, . . . ). The second PFS parameter PFS2 and the second verification code VC2 are then sent to the first network device, either together with the separate response parameter RES (if Kd was used as key), or (if RES was used as a key) by encoding VC2 in what would normally be the RES information element, step 72, and may more particularly be sent in an authentication request response message ARE.” And para. [0159] “In ensuing sessions, e.g. data or signalling exchange between the UE and the network and more particularly between the UE and the first network device 44 it is then possible that a session key is used to protect communication and that this session key is based on the first and second PFS parameters. The session key may more particularly be based on the base g raised with the value x raised with the value y according to ĝ(xy). Alternatively, a derivative of a combination of Kasme and ĝ(xy) may be used. Thereby it can be seen that a secure session key is obtained that is at least based on the values x and y used for generating the first and second PFS parameters. It is thus generated based on one of the PFS parameters and the exponent of the other PFS parameter. This may more particularly mean that the PFS AKA module 52 may generate the session key based on the first PFS parameter PFS1 and the exponent y of the second PFS parameter PFS2, while the first network device 44 may generate the session key based on the second PFS parameter PFS2 and the exponent x of the first PFS parameter PFS1.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Naslund’s communication method using perfect forward secrecy into Palan’s authentication and key agreement with perfect forward secrecy, with a motivation to raise the security level of communication between a communication device and a communication network (Naslund, para. [0011]). 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20130243194 A1 – Encoding exchanges with a set of shared ephemeral key data.
US 9584318 B1 - Perfect forward secrecy distributed denial of service attack defense.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZOHA PIYADEHGHIBI TAFAGHODI/Examiner, Art Unit 2437    

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498