DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-61 are submitted for examination.
Claims 1-61 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Priority
This application, filed on 06/01/2020, claims priority to provisional application 62/931,753, filed on November 06, 2019, and provisional application 62/859,568, filed on June 10, 2019.
Information Disclosure Statement
The following Information Disclosure Statements in the instant application were submitted in compliance with the provisions of 37 CFR 1.97 and thus have been fully considered:
IDS filed on 01 June 2020
IDS filed on 10 September 2020
IDS filed on 17 February 2021
Claim Objections
Claim 53 is objected to because of the following informalities: Claim 53 recites a limitation, “The computerized method of claim 52, further comprising transferring, via at least one mobile storage device…”. A colon is missing after “comprising”. The Examiner suggests adding a colon after “comprising”. Appropriate correction is required.

Claim Analysis - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 

(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: “…at least one remotely located computing device configured to communicate with the first user computing device” in claim 27; “wherein the at least one remotely located computing device is configured to communicate a plurality of public encryption keys to the first user computing device” in claim 27; “…wherein the second user computing device is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device…” in claim 39; “…wherein the at least one remotely located computing device is configured to communicate at least one recovery encrypted share to the second user computing device…” in claim 39; “…wherein the second user computing device is configured to decrypt…” in claim 39; “…at least one remotely located computing device configured to communicate with the first user computing device…” in claim 43; “…wherein the user computing device is configured to communicate…” in claim 43; “…wherein the at least one remotely located computing device is configured to communicate…” in claim 43; and “…wherein the user computing device is configured to: decrypt…” in claim 43.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Since these claim limitation(s) invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, claim(s) 17-18 and 20 have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof.  
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitation:
“remotely located computing device”, “user computing device” and “second user computing device” are interpreted as the computing device disclosed in Figure 9. The computing device has a memory, a processor and a network interface, per the description provided in paragraphs 148 through 153. The description recites sufficient structure.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 9, 24, 35 and 49 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 9 recites a limitation, “…wherein the at least one secret can be used to encrypt data, decrypt data, and sign transactions…”. Claim 24 recites a limitation, “…wherein the at least one secret can be used to encrypt data, decrypt data, and sign transactions”. Claim 35 recites a limitation, “…wherein the at least one secret can be used to encrypt data, decrypt data, and sign transactions.” Claim 49 recites a limitation, “…wherein the at least one secret can be used to encrypt data, decrypt data, and sign transactions”. It is not clear whether the one secret is used to encrypt data, decrypt data and sign transactions, as “can” is not definitive. The Examiner suggests replacing or removing the words “can be” to make the claim definite.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1, 8-9, 27, 34-35 and 52 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”).

Referring to Claims 1, 27 and 52:
Regarding Claim 1, Setty teaches,
A user computing device (Fig. 1(102), Fig. 7(702)) comprising: 
at least one processor; (Fig. 7(704), ¶132-¶133, “the processing system 704 is illustrated as including hardware elements 710 that may be configured as processors”) 
at least one memory communicatively coupled to the at least one processor; (Fig. 7(706, 712), ¶139, “Examples of computer-readable storage media may include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, hard disks, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or other storage device”) 
at least one network interface communicatively coupled to the at least one processor and configured to communicate with at least one remotely located computing device; (¶24, “the client device 102, the service 104, the leaf agent devices 106, and the recovering authority device 108 can alternatively or additionally be connected to one another via a data network, such as the Internet, a local area network (LAN), a public telephone network, an intranet, other public and/or proprietary networks, combinations thereof”, Fig. 7(708), ¶135, “The one or more input/output interface(s) 708 are representative of functionality to allow a user to enter commands and information to computing device 702, and also allow information to be presented to the user and/or other components or devices using various input/output devices”, “a network card”)
wherein the at least one network interface is configured to receive a plurality of public encryption keys from the at least one remotely located computing device; (¶28, “The client device 102 also obtains public keys from the leaf agent devices 106. For each share to be associated with a leaf agent device 106”, i.e. plurality of public keys are received from leaf agent devices (remotely located computing devices))
wherein the at least one processor (Fig. 7(704), ¶132-¶133, “the processing system 704 is illustrated as including hardware elements 710 that may be configured as processors”)  is configured to: 
split at least one secret into a plurality of shares, wherein at least a subset of the plurality of shares is sufficient to reconstruct the at least one secret; (Abstract, “The device generates different shares of the protected key, each share being a value that, in combination with the other share(s), allows the protected key to be recovered”, ¶27, “The client device 102 creates multiple shares of the protected key 114 for the leaf agents such that shares from the combination(s) of leaf agents specified in the key recovery policy 112 can be used to recover the protected key 114”, ¶47, “the key share generation module 206 can generate the key shares for the protected key 114 in any of a variety of different manners”, Fig. 5(504), ¶122, “Multiple key shares of the protected key are generated base on the key recovery policy (act 504)”, “the protected key can be recovered given an appropriate combination of leaf agents (as indicated by the key recovery policy)”, i.e. splitting a key (secret) into multiple shares, where a subset of the shares is sufficient to recover the key (secret)) and
encrypt each of the plurality of shares based on a different public encryption key of the plurality of public encryption keys to create a plurality of encrypted shares; (Abstract, “the device encrypts each share with the public key of the leaf agent associated with the share”, ¶28, “the client device 102 encrypts the share with the public key of the leaf agent device 106”, Fig. 5(508), ¶124, “Each of the multiple key shares is encrypted with a public key of a public/private key pair of a leaf agent with which the key share is associated (act 508)”)
wherein the at least one network interface is configured to communicate the encrypted shares to the at least one remotely located computing device. (Abstract, “provides the encrypted share to a service”, ¶28, “The share is then communicated to the service 104”, Fig. 5(510), ¶125, “The encrypted key shares are sent to a service for storage (act 510)”).

Regarding Claim 27, it is a system claim of above user computing device Claim 1 and therefore Claim 27 is rejected with the same rationale as applied against Claim 1 above.
In addition, Setty teaches a first user computing device (Fig. 1(102)) and a remotely located computing device (Fig. 1(106)).

Regarding Claim 52, it is a method claim of above user computing device Claim 1 and therefore Claim 52 is rejected with the same rationale as applied against Claim 1 above.

Referring to Claims 8 and 34:
Regarding Claim 8, rejection of Claim 1 is included and for the same motivation Setty teaches,
The user computing device of claim 1, wherein the at least one secret includes at least one of: a key, a cryptographic key, a private key, a public encryption key, an encryption key, a signature key, and a password. (¶12, “generates a key that is protected based on the key recovery policy. The protected key can be used in various different manners, such as to encrypt data that the user of the client device desires to keep secret”, i.e. the secret includes a key).

Regarding Claim 34, rejection of Claim 27 is included and Claim 34 is rejected with the same rationale as applied against Claim 8 above.

Referring to Claims 9 and 35:
Regarding Claim 9, rejection of Claim 1 is included and for the same motivation Setty teaches,
The user computing device of claim 1, wherein the at least one secret can be used to encrypt data, decrypt data, and sign transactions. (¶12, “The protected key can be used in various different manners, such as to encrypt data that the user of the client device desires to keep secret”, i.e. protected key (one secret) used to encrypt the data).

Regarding Claim 35, rejection of Claim 27 is included and Claim 35 is rejected with the same rationale as applied against Claim 9 above.





Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 2-3 and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Eric Le Saint (US PGPUB. # US 2021/0111875, hereinafter “Le Saint”).

Regarding Claim 2, rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, wherein the at least one processor is further configured to encrypt and sign each of the plurality of encrypted shares using an Elliptic Curve Diffie Hellman (ECDH) operation.
However, Le Saint teaches,
The user computing device of claim 1, wherein the at least one processor is further configured to encrypt and sign each of the plurality of encrypted shares using an Elliptic Curve Diffie Hellman (ECDH) operation. (¶71, “For example, an AES key wrap algorithm or other wrapping technique can be used, such as elliptic curve Diffie-hellman (ECDH). Upon encrypting each DEK share (e.g. DEKi, DEKj, DEKk, etc.) using a public key of each corresponding device (i.e. public keys of server Si 510”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Le Saint with the invention of Setty. 
Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Le Saint teaches encrypting encrypted shares with an ECDH operation. Therefore, it would have been obvious to combine the encrypting of encrypted shares with an ECDH operation of Le Saint with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Referring to Claims 3 and 29:
Regarding Claim 3, rejection of Claim 1 is included and Setty teaches,
The user computing device of claim 1, wherein the at least one processor is configured to encrypt using an Elliptic Curve Diffie Hellman (ECDH) operation, comprising: 
encrypting each of the plurality of shares, combined with a respective AES key, into a respective encrypted share. (Abstract, “the device encrypts each share with the public key of the leaf agent associated with the share”, ¶28, “the client device 102 encrypts the share with the public key of the leaf agent device 106”, Fig. 5(508), ¶124, “Each of the multiple key shares is encrypted with a public key of a public/private key pair of a leaf agent with which the key share is associated (act 508)”).
Setty does not teach explicitly,
determining a plurality of ECDH keys, each determined based on a private signature key and a respective one of the public encryption keys; 
determining a plurality of Advanced Encryption Standard (AES) keys, each determined as a hash of a respective ECDH key, a public signature key, and a respective one of the public encryption keys; and 
However, Le Saint teaches,
determining a plurality of ECDH keys, each determined based on a private signature key and a respective one of the public encryption keys; (¶71, “using a public key of each corresponding device (i.e. public keys of server Si 510, server Sj 511, and server Sk 513), key wrap module 512C may yield encrypted DEK shares eDEKi, eDEKj, and eDEKk.”)
determining a plurality of Advanced Encryption Standard (AES) keys, each determined as a hash of a respective ECDH key, a public signature key, and a respective one of the public encryption keys; (¶71, “each DEK share may be encrypted using the public key of its corresponding server. For example, an AES key wrap algorithm or other wrapping technique can be used”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Le Saint with the invention of Setty. 
Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Le Saint teaches encrypting encrypted shares with an ECDH operation. Therefore, it would have been obvious to combine the encrypting of encrypted shares with an ECDH operation of Le Saint with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key of Irwan, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 29, rejection of Claim 27 is included and Claim 29 is rejected with the same rationale as applied against Claim 3 above.


Claims 4 and 30 are rejected under 35 U.S.C. 103 as being unpatentable over Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Paek et al. (US PGPUB. # US 2021/0264410, hereinafter “Paek”).

Referring to Claims 4 and 30:
Regarding Claim 4, rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, wherein each different public encryption key of the plurality of public encryption keys is derived using a Hierarchical Deterministic (HD) methodology from a different master seed key.
However, Paek teaches,
The user computing device of claim 1, wherein each different public encryption key of the plurality of public encryption keys is derived using a Hierarchical Deterministic (HD) methodology from a different master seed key. (¶42, “The master key may be the key to be used for a Hierarchical Deterministic Wallet (HD wallet)”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Paek with the invention of Setty. 
Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Paek teaches deriving a key based on a hierarchical deterministic methodology from a master key. Therefore, it would have been obvious to combine the deriving of a key based on a hierarchical deterministic methodology from a master key of Paek with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 30, rejection of Claim 27 is included and Claim 30 is rejected with the same rationale as applied against Claim 4 above.


Claims 5-7 and 31-33 are rejected under 35 U.S.C. 103 as being unpatentable over Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Bendersky et al. (US PGPUB. # US 2020/0052889, hereinafter “Bendersky”).
 
Referring to Claims 5 and 31:
Regarding Claim 5, rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, wherein the shares are Shamir secret shares.
However, Bendersky teaches,
The user computing device of claim 1, wherein the shares are Shamir secret shares. (¶111, “a secret splitting algorithm such as Shamir's secret-sharing scheme, Blakley's scheme, or various other types of schemes may be used to split the secret into N pieces”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.

Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Bendersky teaches splitting shares according to Shamir’s secret-sharing. Therefore, it would have been obvious to combine the splitting of shares according to Shamir’s secret-sharing of Bendersky with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 31, rejection of Claim 27 is included and Claim 31 is rejected with the same rationale as applied against Claim 5 above.

Referring to Claims 6 and 32:
Regarding Claim 6, rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, wherein the at least one processor is configured to split the at least one secret into a plurality of shares through at least one of polynomial interpolation or Shamir secret sharing.
However, Bendersky teaches,
The user computing device of claim 1, wherein the at least one processor is configured to split the at least one secret into a plurality of shares through at least one of polynomial interpolation or Shamir secret sharing. (¶111, “a secret splitting algorithm such as Shamir's secret-sharing scheme, Blakley's scheme, or various other types of schemes may be used to split the secret into N pieces”, ¶126).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Bendersky with the invention of Setty. 
Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Bendersky teaches splitting shares according to Shamir’s secret-sharing. Therefore, it would have been obvious to combine the splitting of shares according to Shamir’s secret-sharing of Bendersky with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 32, rejection of Claim 27 is included and Claim 32 is rejected with the same rationale as applied against Claim 6 above.

Referring to Claims 7 and 33:
Regarding Claim 7, rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, wherein the shares are Shamir shares; and wherein the at least one processor is configured to split the at least one secret into a plurality of shares using Shamir secret sharing.
However, Bendersky teaches,
The user computing device of claim 1, wherein the shares are Shamir shares; and wherein the at least one processor is configured to split the at least one secret into a plurality of shares using Shamir secret sharing. (¶111, “a secret splitting algorithm such as Shamir's secret-sharing scheme, Blakley's scheme, or various other types of schemes may be used to split the secret into N pieces”, ¶126).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Bendersky with the invention of Setty. 
Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Bendersky teaches splitting shares according to Shamir’s secret-sharing. Therefore, it would have been obvious to combine the splitting of shares according to Shamir’s secret-sharing of Bendersky with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 33, rejection of Claim 27 is included and Claim 33 is rejected with the same rationale as applied against Claim 7 above.



Claims 10-13, 36-38 and 53 are rejected under 35 U.S.C. 103 as being unpatentable over Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”).

Referring to Claims 10 and 36:
Regarding Claim 10, rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, wherein the plurality of public encryption keys are each part of a different encryption key pair with a different private key, each different private key stored on a different computing device.
However, Irwan teaches,
The user computing device of claim 1, wherein the plurality of public encryption keys are each part of a different encryption key pair with a different private key, each different private key stored on a different computing device. (Fig. 3, CL(9), LN(56-67), CL(10), LN(1-17), “In the example of FIG. 3, once the secret sharing instructions 230 generates all nine shares 310, 320, 330, 340, 350, 360, 370, 380, 390, each share is encrypted with a separate public key that corresponds to each of nine security gateways. For example, encrypting instructions 240 may encrypt share 310 with a public key corresponding to security gateway 314 to generate encrypted share 312”, “Subsequently, each security gateway 314, 324, 334, 344, 354, 364, 374, 384, 394 may use their own private key to decrypt a corresponding encrypted share 312, 322, 332, 342, 352, 362, 372, 382, 392, as further described herein”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Irwan with the invention of Setty. 
Setty teaches splitting a secret into a plurality of shares and encrypting each share with a different public key. Irwan teaches receiving a subset of a plurality of encrypted shares, decrypting the shares utilizing a private key, and forming a secret from the decrypted shares. Therefore, it would have been obvious to combine the receiving of a subset of a plurality of encrypted shares, the decrypting of the shares utilizing a private key, and the forming of a secret from the decrypted shares of Irwan with the splitting of a secret into a plurality of shares and the encrypting of each share with a different public key of Setty, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 36, rejection of Claim 27 is included and Claim 36 is rejected with the same rationale as applied against Claim 10 above.

Referring to Claims 11 and 37:
Regarding Claim 11, rejection of Claim 10 is included and for the same motivation Setty teaches,
The user computing device of claim 10, wherein each different computing device is controlled by a different group of individuals. (Fig. 1(106), ¶22).

Regarding Claim 37, rejection of Claim 36 is included and Claim 37 is rejected with the same rationale as applied against Claim 11 above.

Referring to Claims 12 and 38:
Regarding Claim 12 rejection of Claim 10 is included and for the same motivation Setty teaches,
The user computing device of claim 10, wherein each different computing device is located at a different physical location from other different computing devices. (¶22, “A leaf agent refers to an entity (e.g., person, organization, company, government agency, etc.) that can by itself and/or in combination with one or more other entities recover the protected key 114”, ¶23, i.e. each computing device is located a different physical location).

Regarding Claim 38, rejection of Claim 36 is included and Claim 38 is rejected with the same rationale as applied against Claim 12 above.

Regarding Claim 13 rejection of Claim 1 is included and Setty does not teach explicitly,
The user computing device of claim 1, 
wherein the at least one network interface is configured to receive at least a first subset of a first plurality of encrypted shares from the at least one remotely located computing device; 
wherein the at least one processor is configured to: 
decrypt each of the first subset of the first plurality of encrypted shares to create a first plurality of un-encrypted shares; and 
reconstruct the at least one secret using the first plurality of un-encrypted shares.
However, Irwan teaches,
The user computing device of claim 1, 
wherein the at least one network interface is configured to receive at least a first subset of a first plurality of encrypted shares from the at least one remotely located computing device; (CL(14), LN(29-31), “Of the total number of gateways, two is the subset that is sufficient to reveal the hidden security service data”, Fig. 7B (714), CL(14), LN(48-54), “The re-encrypted share may then be sent to the requesting security gateway 170 for decryption using the private key of the requesting security gateway”, i.e. receives subset of plurality of encrypted share) 
wherein the at least one processor is configured to: 
decrypt each of the first subset of the first plurality of encrypted shares to create a first plurality of un-encrypted shares; (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created) and 
reconstruct the at least one secret using the first plurality of un-encrypted shares. (Fig. 7B (718), CL(14), LN(62-65), “At step 718, a readable copy of the hidden security service data may be formed and stored by reconstructing the digital representation of the polynomial function”, i.e. hidden security data (one secret) is formed (reconstructed)).

Regarding Claim 53 rejection of Claim 52 is included and Setty does not teach explicitly,
The computerized method of claim 52, further comprising 
transferring, via at least one mobile storage device, each of the plurality of encrypted shares from the at least one remotely located computing device to a respective one of a plurality of trusted computing devices; 
decrypting, at each trusted computing device, a respective encrypted share into a respective un-encrypted share; and 
verifying, at each trusted computing device, that a respective un-encrypted share matches one of the plurality of shares before it was encrypted.
However, Irwan teaches,
transferring, via at least one mobile storage device, each of the plurality of encrypted shares from the at least one remotely located computing device to a respective one of a plurality of trusted computing devices; (Fig. 7B(716), CL(14), LN(55-58),  “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170”, i.e. plurality of encrypted shares are transferred from the gateway device)
decrypting, at each trusted computing device, a respective encrypted share into a respective un-encrypted share; (Fig. 7B(716), CL(14), LN(57-60), “decrypt the shares using the requesting security gateway's private key. Decrypting the shares may form the two x-y coordinate points”) and 
verifying, at each trusted computing device, that a respective un-encrypted share matches one of the plurality of shares before it was encrypted. (Fig. 7B(720), CL(15), LN(6-10), “at step 720, the requesting security gateway 170 may use the security service data to authenticate a client device 161”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Irwan with the invention of Setty. 
Setty teaches, splitting a secret into plurality of shares and encrypting each share with different public key. Irwan teaches, receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares. Therefore, it would have been obvious to have receiving subset of KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Claims 14-17 are rejected under 35 U.S.C. 103 as being unpatentable over, Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”), and further in view of Bendersky et al. (US PGPUB. # US 2020/0052889, hereinafter “Bendersky”).

Regarding Claim 14, rejection of Claim 13 is included and Setty does not teach explicitly, 
The user computing device of claim 13, 
wherein the at least one network interface is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device; 
wherein the at least one processor is configured to decrypt each of the first subset of the first plurality of encrypted shares based on at least one recovery private decryption key corresponding to the at least one recovery public encryption key.
However, Irwan teaches,
[wherein the at least one network interface is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device]; 
wherein the at least one processor is configured to decrypt each of the first subset of the first plurality of encrypted shares based on at least one recovery private decryption key corresponding to the at least one recovery public encryption key (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Irwan with the invention of Setty. 
Setty teaches, splitting a secret into plurality of shares and encrypting each share with different public key. Irwan teaches, receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares. Therefore, it would have been obvious to have receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares of Irwan with splitting a secret into plurality of shares and encrypting each share with different public key of Setty so an attacker KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Setty and Irwan does not teach explicitly,
wherein the at least one network interface is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device.
However, Bendersky teaches,
wherein the at least one network interface is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device. (Fig. 11, Fig. 13(1303),  ¶119, “endpoint computing device 1101 may transmit the key (e.g., symmetric key, or public key from a private /public key pair) to security server 1103”, i.e. public encryption key is transmitted (communicated) to a security server (remotely located computing device))  wherein at least one recovery private decryption key corresponds to the at least one recovery public encryption key; (¶118, “endpoint computing device 1201 may access a previously created symmetric cryptographic key or asymmetric (public/private) key pair from key memory 1202. Alternatively, endpoint computing device 1201 may generate such keys”, ¶119, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair”, i.e. public key corresponds to a private key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.

Setty in view of Irwan teaches, splitting a secret into plurality of shares and encrypting each share with different public key and receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares. Bendersky teaches, providing a public key to a remote computing device to encrypt the shares with the public key. Therefore, it would have been obvious to have providing a public key to a remote computing device to encrypt the shares with the public key of Bendersky in to the teachings of Setty in view of Irwan so an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 15, rejection of Claim 14 is included and for the same motivation combination of Setty and Irwan does not teach explicitly, 
The user computing device of claim 14, wherein each different recovery public encryption key of the at least one recovery public encryption key is part of a different recovery encryption key pair with a different recovery private decryption key of the at least one recovery private decryption key.
However, Bendersky teaches,
The user computing device of claim 14, wherein each different recovery public encryption key of the at least one recovery public encryption key is part of a different recovery encryption key pair with a different recovery private decryption key of the at least one recovery private decryption key. (Fig. 13, ¶123, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair, to the security server 1103 or 1203 (or to secure access service provider 1207)”, i.e. different public keys are paired with different private keys).

Regarding Claim 16, rejection of Claim 14 is included and for the same motivation combination of Setty and Irwan does not teach explicitly, 
The user computing device of claim 14, wherein the at least one recovery private decryption key is a single recovery private decryption key; and wherein the at least one recovery public encryption key is a single recovery public encryption key.
However, Bendersky teaches,
The user computing device of claim 14, wherein the at least one recovery private decryption key is a single recovery private decryption key; and wherein the at least one recovery public encryption key is a single recovery public encryption key. (Fig. 13, ¶123, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair, to the security server 1103 or 1203 (or to secure access service provider 1207)”, i.e. public encryption key is single recovery public encryption key).

Regarding Claim 17, rejection of Claim 14 is included and for the same motivation Setty does not teach explicitly, 
The user computing device of claim 14, wherein the at least one processor is further configured to generate a hash from each of the plurality of shares prior to encryption; and wherein the at least one network interface is further configured to communicate the hashes to the at least one remotely located computing device.
However, Irwan teaches,
The user computing device of claim 14, wherein the at least one processor is further configured to generate a hash from each of the plurality of shares prior to encryption; and wherein the at least one network interface is further configured to communicate the hashes to the at least one remotely located computing device. (CL(6), LN(35-43), “The security broker 130 may generate secret shares of the identity information, hash and encrypt the identity information, and send the information over a network 140 to a blockchain 150”).


Claims 39-42 are rejected under 35 U.S.C. 103 as being unpatentable over, Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Eric Le Saint (USPGPUB. # US 2021/0111875, hereinafter “Le Saint”), and further in view of Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”), and further in view of Bendersky et al. (US PGPUB. # US 2020/0052889, hereinafter “Bendersky”).

Regarding Claim 39 rejection of Claim 29 is included and combination of Setty and Le Saint does not teach explicitly,
The system of claim 29, further comprising: 
a second user computing device; 
wherein the second user computing device is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device; 
wherein the at least one remotely located computing device is configured to communicate at least one recovery encrypted share to the second user computing device; 
wherein the second user computing device is configured to decrypt each of the at least one recovery encrypted share to create a first plurality of un-encrypted shares based on at least one recovery private decryption key corresponding to the at least one recovery public encryption key; and 
wherein the second user computing device is configured to reconstruct the at least one secret using the first plurality of un-encrypted shares.
However, Irwan teaches,
wherein the at least one remotely located computing device is configured to communicate at least one recovery encrypted share to the second user computing device; (CL(14), LN(29-31), “Of the total number of gateways, two is the subset that is sufficient to reveal the hidden security service data”, Fig. 7B (714), CL(14), LN(48-54), “The re-encrypted share may then be sent to the requesting security gateway 170 for decryption using the private key of the requesting security gateway”, i.e. receives subset of plurality of encrypted share)
wherein the second user computing device is configured to decrypt each of the at least one recovery encrypted share to create a first plurality of un-encrypted shares based on at least one recovery private decryption key corresponding to the at least one recovery public encryption key; (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created) and 
wherein the second user computing device is configured to reconstruct the at least one secret using the first plurality of un-encrypted shares. (Fig. 7B (718), CL(14), LN(62-65), “At step 718, a readable copy of the hidden security service data may be formed and stored by reconstructing the digital representation of the polynomial function”, i.e. hidden security data (one secret) is formed (reconstructed)).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Irwan with the invention of Setty in view of Le Saint. 
Setty in view of Le Saint teaches, splitting a secret into plurality of shares and encrypting each share with different public key and encrypting encrypted shares with KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Setty, Le Saint and Irwan does not teach explicitly,
wherein the second user computing device is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device; 
However, Bendersky teaches,
wherein the second user computing device is configured to communicate at least one recovery public encryption key to the at least one remotely located computing device; (Fig. 11, Fig. 13(1303),  ¶119, “endpoint computing device 1101 may transmit the key (e.g., symmetric key, or public key from a private /public key pair) to security server 1103”, i.e. public encryption key is transmitted (communicated) to a security server (remotely located computing device))  wherein at least one recovery private decryption key corresponds to the at least one recovery public encryption key; (¶118, “endpoint computing device 1201 may access a previously created symmetric cryptographic key or asymmetric (public/private) key pair from key memory 1202. Alternatively, endpoint computing device 1201 may generate such keys”, ¶119, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair”, i.e. public key corresponds to a private key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Bendersky with the invention of Setty in view of Le Saint and Irwan. 
Setty in view of Le Saint and Irwan teaches, splitting a secret into plurality of shares and encrypting each share with different public key and encrypting encrypted shares with ECDH operation and receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares. Bendersky teaches, providing a public key to a remote computing device to encrypt the shares with the public key. Therefore, it would have been obvious to have providing a public key to a remote computing device to encrypt the shares with the public key of Bendersky in to the teachings of Setty in view of Le Saint and Irwan so an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 40 rejection of Claim 39 is included and for the same motivation combination of Setty, Le Saint and Irwan does not teach explicitly,
The system of claim 39, wherein each different recovery public encryption key of the at least one recovery public encryption key is part of a different recovery encryption key pair with a different recovery private decryption key of the at least one recovery private decryption key.
However, Bendersky teaches,
The system of claim 39, wherein each different recovery public encryption key of the at least one recovery public encryption key is part of a different recovery encryption key pair with a different recovery private decryption key of the at least one recovery private decryption key. (Fig. 13, ¶123, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair, to the security server 1103 or 1203 (or to secure access service provider 1207)”, i.e. different public keys are paired with different private keys).

Regarding Claim 41 rejection of Claim 39 is included and for the same motivation combination of Setty, Le Saint and Irwan does not teach explicitly,
The system of claim 39, wherein the at least one recovery private decryption key is a single recovery private decryption key; and wherein the at least one recovery public encryption key is a single recovery public encryption key.
However, Bendersky teaches,
The system of claim 39, wherein the at least one recovery private decryption key is a single recovery private decryption key; and wherein the at least one recovery public encryption key is a single recovery public encryption key. (Fig. 13, ¶123, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair, to the security server 1103 or 1203 (or to secure access service provider 1207)”, i.e. public encryption key is single recovery public encryption key).

Regarding Claim 42 rejection of Claim 41 is included and for the same motivation combination of Setty does not teach explicitly,
The system of claim 41, wherein the second computing device is configured to decrypt using an Elliptic Curve Diffie Hellman (ECDH) operation, comprising:
determining at least one recovery ECDH key, each determined based on a respective recovery public signature key and a respective one of the at least one recovery private decryption key; 
for each recovery ECDH key, determining an Advanced Encryption Standard (AES) key as a hash of the respective recovery ECDH key, a respective recovery public signature key, and a respective recovery public encryption key; and 
decrypt each of the at least one recovery encrypted share, combined with a corresponding recovery AES key, into a respective one of the first plurality of un-encrypted shares.
However, Le Saint teaches,
determining at least one recovery ECDH key, each determined based on a respective recovery public signature key and a respective one of the at least one recovery private decryption key; (¶71, “using a public key of each corresponding device (i.e. public keys of server Si 510, server Sj 511, and server Sk 513), key wrap module 512C may yield encrypted DEK shares eDEKi, eDEKj, and eDEKk.”)
for each recovery ECDH key, determining an Advanced Encryption Standard (AES) key as a hash of the respective recovery ECDH key, a respective recovery public signature key, and a respective recovery public encryption key; (¶71, “each DEK share may be encrypted using the public key of its corresponding server. For example, an AES key wrap algorithm or other wrapping technique can be used”).
Combination of Setty and Le Saint does not teach explicitly,
decrypt each of the at least one recovery encrypted share, combined with a corresponding recovery AES key, into a respective one of the first plurality of un-encrypted shares.
However, Irwan teaches,
decrypt each of the at least one recovery encrypted share, combined with a corresponding recovery AES key, into a respective one of the first plurality of un-encrypted shares. (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created).






Claim 54 is rejected under 35 U.S.C. 103 as being unpatentable over, Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”), and further in view of Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”), and further in view of Eric Le Saint (USPGPUB. # US 2021/0111875, hereinafter “Le Saint”).

Regarding Claim 54, rejection of Claim 53 is included and Setty does not teach explicitly,
The computerized method of claim 53, wherein decrypting comprises using an Elliptic Curve Diffie Hellman (ECDH) operation, comprising: 
decrypt each encrypted share, combined with a corresponding recovery AES key, into a respective un-encrypted share.
However, Irwan teaches,
decrypt each encrypted share, combined with a corresponding recovery AES key, into a respective un-encrypted share. (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.

Setty teaches, splitting a secret into plurality of shares and encrypting each share with different public key. Irwan teaches, receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares. Therefore, it would have been obvious to have receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares of Irwan with splitting a secret into plurality of shares and encrypting each share with different public key of Setty so an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Setty and Irwan does not teach explicitly,
determining at least one ECDH key, each determined based on a public signature key and a respective one of the at least one private decryption key; 
for each recovery ECDH key, determining an Advanced Encryption Standard (AES) key as a hash of the respective ECDH key, the public signature key, and a respective one of the at least one public encryption key; and 
However, Le Saint teaches,
determining at least one ECDH key, each determined based on a public signature key and a respective one of the at least one private decryption key; (¶71, “using a public key of each corresponding device (i.e. public keys of server Si 510, server Sj 511, and server Sk 513), key wrap module 512C may yield encrypted DEK shares eDEKi, eDEKj, and eDEKk.”)
for each recovery ECDH key, determining an Advanced Encryption Standard (AES) key as a hash of the respective ECDH key, the public signature key, and a respective one of the at least one public encryption key; (¶71, “each DEK share may be encrypted using the public key of its corresponding server. For example, an AES key wrap algorithm or other wrapping technique can be used”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Le Saint with the invention of Setty in view of Irwan. 
Setty in view of Irwan teaches, splitting a secret into plurality of shares and encrypting each share with different public key and receiving subset of plurality of encrypted shares and decrypting the shares utilizing a private key and forming a secret from the decrypted shares. Le Saint teaches, determining at least one ECDH key. Therefore, it would have been obvious to have determining at least one ECDH key of Le Saint into the teachings of Setty in view of Irwan so an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 



Claims 18-25, 43-50 and 58 are rejected under 35 U.S.C. 103 as being unpatentable over Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”), and further in view of Bendersky et al. (US PGPUB. # US 2020/0052889, hereinafter “Bendersky”). 

Referring to Claims 18, 43 and 58:
Regarding Claim 18, Irwan teaches,
A user computing device comprising: (Fig. 8)
at least one processor; (Fig. 8(804), LN(6-16), “At least one hardware processor 804”)  
at least one memory communicatively coupled to the at least one processor; (Fig. 8(806), CL(9), LN(6-16), ”Computer system 800 includes one or more units of memory 806”)
at least one network interface communicatively coupled to the at least one processor and configured to communicate with at least one remotely located computing device; (Fig. 8(818), CL(9), LN(17-42), “communication interface 818 may be an Ethernet networking interface, integrated-services digital network (ISDN) card, cable modem, satellite modem, or a modem to provide a data communication connection to a corresponding type of communications line, for example an Ethernet cable or a metal cable of any kind or a fiber-optic line or a telephone line”)
wherein the at least one network interface is configured to receive at least a subset of a first plurality of encrypted shares from the at least one remotely located computing device; (CL(14), LN(29-31), “Of the total number of gateways, two is the subset that is sufficient to reveal the hidden security service data”, Fig. 7B (714), CL(14), LN(48-54), “The re-encrypted share may then be sent to the requesting security gateway 170 for decryption using the private key of the requesting security gateway”, i.e. receives subset of plurality of encrypted share) 
wherein the at least one processor is configured to: 
decrypt each of the subset of the first plurality of recovery encrypted shares to create a first plurality of un-encrypted shares based on the at least one recovery private decryption key corresponding to the at least one recovery public encryption key; (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created)
reconstruct the at least one secret using the first plurality of un-encrypted shares. (Fig. 7B (718), CL(14), LN(62-65), “At step 718, a readable copy of the hidden security service data may be formed and stored by reconstructing the digital representation of the polynomial function”, i.e. hidden security data (one secret) is formed (reconstructed)).
Irwan does not teach explicitly,
wherein the at least one network interface is configured to communicate at least one recovery public encryption key to at least one remotely located computing device, wherein at least one recovery private decryption key corresponds to the at least one recovery public encryption key; 
However, Bendersky teaches,
wherein the at least one network interface is configured to communicate at least one recovery public encryption key to at least one remotely located computing device, (Fig. 11, Fig. 13(1303),  ¶119, “endpoint computing device 1101 may transmit the key (e.g., symmetric key, or public key from a private /public key pair) to security server 1103”, i.e. public encryption key is transmitted (communicated) to a security server (remotely located computing device))  wherein at least one recovery private decryption key corresponds to the at least one recovery public encryption key; (¶118, “endpoint computing device 1201 may access a previously created symmetric cryptographic key or asymmetric (public/private) key pair from key memory 1202. Alternatively, endpoint computing device 1201 may generate such keys”, ¶119, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair”, i.e. public key corresponds to a private key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.

Irwan teaches receiving a subset of a plurality of encrypted shares, decrypting the shares utilizing a private key, and forming a secret from the decrypted shares. Bendersky teaches providing a public key to a remote computing device to encrypt the shares with the public key. Therefore, it would have been obvious to combine providing a public key to a remote computing device to encrypt the shares with the public key, as taught by Bendersky, with receiving a subset of a plurality of encrypted shares, decrypting the shares utilizing a private key, and forming a secret from the decrypted shares, as taught by Irwan, so that an attacker cannot access the secret. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 43, it is a system claim of above user computing device Claim 18 and therefore Claim 43 is rejected with the same rationale as applied against Claim 18 above.

Regarding Claim 58, it is a method claim of above user computing device Claim 18 and therefore Claim 58 is rejected with the same rationale as applied against Claim 18 above.

Referring to Claims 19 and 44:
Regarding Claim 19, rejection of Claim 18 is included and for the same motivation Irwan teaches,
The user computing device of claim 18, wherein the at least one recovery private decryption key is a single recovery private decryption key; (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. decryption key is a single recovery private decryption key) and 
[wherein the at least one recovery public encryption key is a single recovery public encryption key].
Irwan does not teach explicitly,
wherein the at least one recovery public encryption key is a single recovery public encryption key;
However, Bendersky teaches,
wherein the at least one recovery public encryption key is a single recovery public encryption key; (Fig. 13, ¶123, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair, to the security server 1103 or 1203 (or to secure access service provider 1207)”, i.e. public encryption key is single recovery public encryption key).

Regarding Claim 44, rejection of Claim 43 is included and Claim 44 is rejected with the same rationale as applied against Claim 19 above.

Referring to Claims 20 and 45:
Regarding Claim 20, rejection of Claim 18 is included and for the same motivation Irwan does not teach explicitly,
The user computing device of claim 18, wherein the un-encrypted shares are Shamir secret shares.
However, Bendersky teaches,
The user computing device of claim 18, wherein the un-encrypted shares are Shamir secret shares. (¶111, “a secret splitting algorithm such as Shamir's secret-sharing scheme, Blakley's scheme, or various other types of schemes may be used to split the secret into N pieces”, ¶126).

Regarding Claim 45, rejection of Claim 43 is included and Claim 45 is rejected with the same rationale as applied against Claim 20 above.

Referring to Claims 21 and 46:
Regarding Claim 21, rejection of Claim 18 is included and for the same motivation Irwan does not teach explicitly,
The user computing device of claim 18, wherein the at least one processor is configured to reconstruct the at least one secret using the first plurality of un-encrypted shares through at least one of polynomial interpolation or Shamir secret sharing.
However, Bendersky teaches,
The user computing device of claim 18, wherein the at least one processor is configured to reconstruct the at least one secret using the first plurality of un-encrypted shares through at least one of polynomial interpolation or Shamir secret sharing. (¶111, “a secret splitting algorithm such as Shamir's secret-sharing scheme, Blakley's scheme, or various other types of schemes may be used to split the secret into N pieces”, ¶126).

Regarding Claim 46, rejection of Claim 43 is included and Claim 46 is rejected with the same rationale as applied against Claim 21 above.

Referring to Claims 22 and 47:
Regarding Claim 22, rejection of Claim 18 is included and for the same motivation Irwan does not teach explicitly,
The user computing device of claim 18, wherein the un-encrypted shares are Shamir shares; and 
wherein the at least one processor is configured to reconstruct the at least one secret using the second plurality of shares using Shamir secret sharing.
However, Bendersky teaches,
The user computing device of claim 18, wherein the un-encrypted shares are Shamir shares; (¶111) and 
wherein the at least one processor is configured to reconstruct the at least one secret using the second plurality of shares using Shamir secret sharing. (¶111, “a secret splitting algorithm such as Shamir's secret-sharing scheme, Blakley's scheme, or various other types of schemes may be used to split the secret into N pieces”, ¶126).

Regarding Claim 47, rejection of Claim 43 is included and Claim 47 is rejected with the same rationale as applied against Claim 22 above.

Referring to Claims 23 and 48:
Regarding Claim 23, rejection of Claim 18 is included and for the same motivation Irwan teaches,
The user computing device of claim 18, wherein the at least one secret includes at least one of: a key, a cryptographic keys, a private key, a public encryption key, an encryption key, a signature key, and a password. (CL(6), LN(30-35), Claim 12, “security service data may be usernames and passwords, keys, tokens, certificates, audit logs, or any other security service data”).
Regarding Claim 48, rejection of Claim 43 is included and Claim 48 is rejected with the same rationale as applied against Claim 23 above.

Referring to Claims 24 and 49:
Regarding Claim 24, rejection of Claim 18 is included and for the same motivation Irwan teaches,
The user computing device of claim 18, wherein the at least one secret can be used to encrypt data, decrypt data, and sign transactions. (CL(6), LN(30-35), Claim 12, “security service data may be usernames and passwords, keys, tokens, certificates, audit logs, or any other security service data”, i.e. keys are used to encrypt/decrypt and sign data).

Regarding Claim 49, rejection of Claim 43 is included and Claim 49 is rejected with the same rationale as applied against Claim 24 above.

Referring to Claims 25 and 50:
Regarding Claim 25, rejection of Claim 18 is included and for the same motivation Irwan does not teach explicitly,
The user computing device of claim 18, wherein each different recovery public encryption key of the at least one recovery public encryption key is part of a different recovery encryption key pair with a different recovery private decryption key of the at least one recovery private decryption key.
However, Bendersky teaches,
The user computing device of claim 18, wherein each different recovery public encryption key of the at least one recovery public encryption key is part of a different recovery encryption key pair with a different recovery private decryption key of the at least one recovery private decryption key. (Fig. 13, ¶123, “the endpoint computing device 1101 or 1201 may transmit a symmetric key, or the public key from a private /public key pair, to the security server 1103 or 1203 (or to secure access service provider 1207)”, i.e. different public keys are paired with different private keys).

Regarding Claim 50, rejection of Claim 43 is included and Claim 50 is rejected with the same rationale as applied against Claim 25 above.

Claims 26, 51 and 59-61 are rejected under 35 U.S.C. 103 as being unpatentable over Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”), and further in view of Bendersky et al. (US PGPUB. # US 2020/0052889, hereinafter “Bendersky”), and further in view of Eric Le Saint (US PGPUB. # US 2021/0111875, hereinafter “Le Saint”).

Referring to Claims 26, 51 and 61:
Regarding Claim 26 rejection of Claim 18 is included, and Irwan teaches,
The user computing device of claim 18, wherein the at least one processor is configured to decrypt using an Elliptic Curve Diffie Hellman (ECDH) operation, comprising: 
decrypt each of the subset of the first plurality of recovery encrypted shares, combined with a corresponding recovery AES key, into a respective un-encrypted share. (Fig. 7B (716), CL(14), LN(55-62), “At step 716, the requesting security gateway 170 may receive the re-encrypted share from the available security gateway 170, as well as the requesting security gateway's corresponding encrypted share from the blockchain 150, and decrypt the shares using the requesting security gateway's private key”, i.e. first of plurality of un-encrypted shares are created).
Combination of Irwan and Bendersky does not teach explicitly,
determining at least one recovery ECDH key, each determined based on a respective recovery public signature key and a respective one of the at least one recovery private decryption key; 
for each recovery ECDH key, determining an Advanced Encryption Standard (AES) key as a hash of the respective recovery ECDH key, a respective recovery public signature key, and a respective one of the at least one recovery public encryption key; and 
However, Le Saint teaches,
determining at least one recovery ECDH key, each determined based on a respective recovery public signature key and a respective one of the at least one recovery private decryption key; (¶71, “using a public key of each corresponding device (i.e. public keys of server Si 510, server Sj 511, and server Sk 513), key wrap module 512C may yield encrypted DEK shares eDEKi, eDEKj, and eDEKk.”)
for each recovery ECDH key, determining an Advanced Encryption Standard (AES) key as a hash of the respective recovery ECDH key, a respective recovery public signature key, and a respective one of the at least one recovery public encryption key; (¶71, “each DEK share may be encrypted using the public key of its corresponding server. For example, an AES key wrap algorithm or other wrapping technique can be used”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Le Saint with the invention of Irwan in view of Bendersky. 
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 51, rejection of Claim 43 is included and Claim 51 is rejected with the same rationale as applied against Claim 26 above.

Regarding Claim 61, rejection of Claim 58 is included and Claim 61 is rejected with the same rationale as applied against Claim 26 above.

Regarding Claim 59, rejection of Claim 58 is included and combination of Irwan and Bendersky does not teach explicitly, 
The computerized method of claim 58, further comprising: 
encrypting a first plurality of shares at one or more trusted computing devices based on the at least one recovery public encryption key into the at least a subset of the first plurality of recovery encrypted shares prior to communicating the subset of the first plurality of recovery encrypted shares to the user computing device from the at least one remotely located computing device. 
However, Le Saint teaches,
encrypting a first plurality of shares at one or more trusted computing devices based on the at least one recovery public encryption key into the at least a subset of the first plurality of recovery encrypted shares prior to communicating the subset of the first plurality of recovery encrypted shares to the user computing device from the at least one remotely located computing device. (¶71, “For example, an AES key wrap algorithm or other wrapping technique can be used, such as elliptic curve Diffie-hellman (ECDH). Upon encrypting each DEK share (e.g. DEKi, DEKj, DEKk, etc.) using a public key of each corresponding device (i.e. public keys of server Si 510”).

As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Le Saint with the invention of Irwan in view of Bendersky. 
Irwan in view of Bendersky teaches receiving a subset of a plurality of encrypted shares, decrypting the shares utilizing a private key, forming a secret from the decrypted shares, and providing a public key to a remote computing device to encrypt the shares with the public key. Le Saint teaches determining at least one ECDH key. Therefore, it would have been obvious to incorporate determining at least one ECDH key of Le Saint into the teachings of Irwan in view of Bendersky so an attacker cannot access the KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 60, rejection of Claim 59 is included and for the same motivation Irwan teaches,  
The computerized method of claim 59, wherein encrypting comprises using an Elliptic Curve Diffie Hellman (ECDH) operation, comprising: 
encrypting each of the plurality of un-encrypted shares, along with a respective AES key, into a respective one of the first plurality of recovery encrypted shares. (Fig. 7A (706), CL(13), LN(65-67), CL(14), LN(1-15), “At step 706, the security broker 130 encrypts each share of the plurality of shares using a separate public key from among a plurality of public keys corresponding to each of a plurality of second computing devices, to generate a plurality of encrypted shares”).
Combination of Irwan and Bendersky does not teach explicitly,
determining a plurality of recovery ECDH keys, each determined based on a respective recovery private signature key and a respective recovery public encryption key; 
determining a plurality of Advanced Encryption Standard (AES) keys, each determined as a hash of a respective recovery ECDH key, a respective recovery public signature key, and a respective recovery public encryption key; and 
However, Le Saint teaches,
determining a plurality of recovery ECDH keys, each determined based on a respective recovery private signature key and a respective recovery public encryption key; (¶71, “using a public key of each corresponding device (i.e. public keys of server Si 510, server Sj 511, and server Sk 513), key wrap module 512C may yield encrypted DEK shares eDEKi, eDEKj, and eDEKk.”)
determining a plurality of Advanced Encryption Standard (AES) keys, each determined as a hash of a respective recovery ECDH key, a respective recovery public signature key, and a respective recovery public encryption key; (¶71, “each DEK share may be encrypted using the public key of its corresponding server. For example, an AES key wrap algorithm or other wrapping technique can be used”).

Claim 55 - Objected
Claim 55 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Setty et al. (US PGPUB. # US 2018/0375653, hereinafter “Setty”) discloses generating multiple shares of a protected key for recovery, encrypting each generated share with a public key, and storing the encrypted shares in a remote storage. (Fig. 5, ¶120-¶125).
Irwan et al. (US PAT. # US 10,084,600, hereinafter “Irwan”) discloses receiving a plurality of encrypted shares at a client device, decrypting the plurality of encrypted shares with a private key, and generating secure data. Based on the recovered secure data, the device is authenticated. (Fig. 7B, CL(14), LN(44-67), CL(15), LN(1-15)).
Bendersky et al. (US PGPUB. # US 2020/0052889, hereinafter “Bendersky”) discloses splitting a key into “N” pieces, encrypting each secret piece, and merging the secret pieces for an authentication to grant or deny access. (Fig. 13, ¶119-¶127).
Chi Sing Chum-Xiaowen Zhang (“Hash function based secret sharing scheme designs”) discloses multi-party secret sharing utilizing a hash function. (Page -2). It provides a threshold scheme and recovery of the secret based on a hash. (Fig. 2). It also discloses a verifiable scheme.
However, none of the art teaches the recited claim limitations in claim 55.
Claim 56 - Objected
Claim 56 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim 57 - Objected 
Claim 57 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Johnson et al. (US PAT. # US 6,052,469) discloses, a cryptographic key recovery system that is interoperable with existing systems for establishing keys between communicating parties. The sender uses a reversible key inversion function to generate key recovery values P, Q and (optionally) R as a function of a session key and public information, so that the session key may be regenerated from the key recovery values P, Q and (if generated) R. Key recovery values P and Q are encrypted using the respective public recovery keys of a pair of key recovery agents. The encrypted P and Q values are included along with other recovery information in a session header accompanying an encrypted message sent from the sender to the receiver. The key recovery agents may recover the P and Q values for a law enforcement agent by decrypting the encrypted P and Q values in the session header, using their respective private recovery keys corresponding to the public keys. The R value, if generated, is not made available to the key recovery agents, but is ascertained using standard cryptanalytic techniques in order to provide a nontrivial work factor for law enforcement agents. The receiver checks the session header of a received message to ensure that the sender has included valid recovery information. Only when the receiver has verified that the sender has included valid recovery information does the receiver decrypt the received message.
Bellala (US PGPUB. # US 2018/0205707) discloses, a method comprising: dividing, by a computing device at a first party among a plurality of parties, local data into a plurality of data segments; recursively encrypting, by the computing device, each data segment using a plurality of public keys corresponding to the plurality of parties and a mediator; sharing, by the computing device, the local data comprising the 
D'Souza (US PGPUB. # US 2013/0212393) discloses, a method for securing a secret are disclosed. One method includes receiving a secret from the user and generating encrypted shares based on the secret, a policy, and a plurality of public keys. The encrypted shares are provided to a custodian, wherein the custodian verifies that the encrypted shares can be used to reconstitute the secret upon receiving the encrypted shares.
Vakili et al. (US PGPUB. # US 2019/0342080) discloses, methods for hybrid secret sharing are disclosed. In accordance with embodiments, a computing device may encrypt the secret message using a first encryption key to generate an encrypted secret message. The computing device may also split a second encryption key into a plurality of key shares in accordance with a threshold number. The threshold number is less than or equal to the number of the plurality of key shares. Then, the computing device may transmit a plurality of messages. Each message of the plurality of messages comprises the encrypted secret message and one of the plurality of key shares.
Jager et al. (US PGPUB. # US 2021/0105136) discloses, a method for enabling a secure data exchange between a number of nodes of a network of nodes, wherein 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316.  The examiner can normally be reached on M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-





/DARSHAN I DHRUV/          Primary Examiner, Art Unit 2498