Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
                                                   DETAILED ACTION
This is in response to the communication filed on 11/25/2019. Claims 1-20 were pending in the application. Claims 20-28 are newly added and claims 2 and 13-19 are cancelled through examiner’s amendments made in this office action. Claims 1, 3-12 and 20-28 have been allowed.  
      Examiner’s Amendment 
An examiner’s amendment to the record appears below. Should the changes and/ or additions be unacceptable to the applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee. Authorization for this examiner’s amendment was given in a telephone interview with the applicant’s representative Mr.  Anup A. Suresh (Reg. No. 65,338) on September 24, 2021. Claims 1-3, 5-6, 8, 13-28 have been amended as follows: 
Claim 1.	(Currently Amended) A memory sub-system comprising:
a set of memory devices; and
a processing device, operatively coupled to the set of memory devices, configured to perform operations comprising:
receiving, from a host system, a request for an asymmetric public key stored on the memory sub-system; 

receiving, from the host system, encrypted data that comprises a first access key and a current host salt value; 
decrypting, by an asymmetric private key, the encrypted data to obtain the first access key and the current host salt value from the encrypted data, each of the asymmetric private key and the current host salt value used being stored on the memory sub-system;
determining whether the first access key matches a second access key stored on the memory sub-system; 
determining whether the current host salt value matches a current memory sub-system salt value stored on the memory sub-system; [[and]]
in response to determining that the first access key matches the second access key and the current host salt value matches the current memory sub-system salt value, granting the host system access to the set of memory devices; and
after granting the host system access to the set of memory devices:
receiving, from the host system, a second request comprising encrypted request data;
decrypting, by a symmetric key, the encrypted request data to obtain unencrypted request data from the encrypted request data, the symmetric key comprising the current memory sub-system salt value currently stored on the memory sub-system; and
processing the second request based on the unencrypted request data.  

Claim 2.	(Canceled) 

Claim 3.	(Currently Amended) The memory sub-system of claim 1[[2]], wherein the second request is received from the host system according to a non-deterministic memory protocol.

Claim 5.	(Currently Amended) The memory sub-system of claim 1[[2]], wherein the operations further comprise: 
after granting the host system access to the set of memory devices:
generating response data based on the processing of the second request;
encrypting, by the symmetric key, the response data to generate encrypted response data; and
sending, to the host system, a response comprising the encrypted response data. 
Claim 6.	(Currently Amended) The memory sub-system of claim 1[[2]], wherein the memory sub-system uses a particular memory address of the memory 
setting the current memory sub-system salt value to a new salt value by writing the new salt value to the particular memory address, the unencrypted request data specifying the new salt value and the particular memory address.

Claim 8.	(Currently Amended) The memory sub-system of claim 1[[2]], wherein the unencrypted request data comprises at least one of memory command data or memory address data.  

Claims. 13-19.	(Canceled) 

Claim 20.	(Currently Amended) A non-transitory computer-readable storage medium comprising instructions that, when executed by a processing device of a memory sub-system, cause the processing device to perform operations comprising:
receiving, from a host system, a request to read an asymmetric public key from reserved memory space of the memory sub-system;
sending, to the host system, the asymmetric public key in response to the request;
receiving, from the host system, encrypted data that comprises a first access key and a current host salt value; 
host salt value used being stored on the memory sub-system;
determining whether the first access key matches a second access key stored on the memory sub-system; 
determining whether the current host salt value matches a current memory sub-system salt value stored on the memory sub-system; [[and]]
in response to determining that the first access key matches the second access key and the current host salt value matches the current memory sub-system salt value, granting the host system access to a set of memory devices of the memory sub-system; and
after granting the host system access to the set of memory devices:
receiving, from the host system, a second request comprising encrypted request data;
decrypting, by a symmetric key, the encrypted request data to obtain unencrypted request data from the encrypted request data, the symmetric key comprising the current memory sub-system salt value currently stored on the memory sub-system; and
processing the second request based on the unencrypted request data.  
Claim 21.	(New) The non-transitory computer-readable storage medium of claim 20, wherein the second request is received from the host system according to a non-deterministic memory protocol.

Claim 22.	(New) The non-transitory computer-readable storage medium of claim 21, wherein the non-deterministic memory protocol comprises a Non-Volatile Dual In-Line Memory Module-P (NVDIMM-P) memory protocol.

Claim 23.	(New) The non-transitory computer-readable storage medium of claim 20, wherein the operations further comprise: 
after granting the host system access to the set of memory devices:
generating response data based on the processing of the second request;
encrypting, by the symmetric key, the response data to generate encrypted response data; and
sending, to the host system, a response comprising the encrypted response data. 

Claim 24.	(New) The non-transitory computer-readable storage medium of claim 20, wherein the memory sub-system uses a particular memory address of the memory sub-system to store the current memory sub-system salt value, and 
setting the current memory sub-system salt value to a new salt value by writing the new salt value to the particular memory address, the unencrypted request data specifying the new salt value and the particular memory address.

Claim 25.	(New) The non-transitory computer-readable storage medium of claim 24, wherein the particular memory address is associated with a mode register, the mode register being in accordance with a Non-Volatile Dual In-Line Memory Module-P (NVDIMM-P) memory protocol.  

Claim 26.	(New) The non-transitory computer-readable storage medium of claim 20, wherein the request for the asymmetric public key specifies a particular memory address associated with a mode register of the memory sub-system, the mode register being in accordance with a Non-Volatile Dual In-Line Memory Module-P (NVDIMM-P) memory protocol. 

Claim 27.	(New) The non-transitory computer-readable storage medium of claim 20, wherein the second access key is initially stored on the memory sub-system as part of manufacturing the memory sub-system, or wherein the current memory sub-system salt value is initially stored on the memory sub-system as part of manufacturing the memory sub-system.  
Claim 28.	(New)  A method comprising:
receiving, at a memory sub-system, a request from a host system to read an asymmetric public key from reserved memory space of the memory sub-system;
sending, from the memory sub-system to the host system, the asymmetric public key in response to the request;
receiving, at the memory sub-system, encrypted data from the host system that comprises a first access key and a current host salt value; 
decrypting, by an asymmetric private key, the encrypted data at the memory sub-system to obtain the first access key and the current host salt value from the encrypted data, each of the asymmetric private key and the current host salt value used being stored on the memory sub-system;
determining, by the memory sub-system, whether the first access key matches a second access key stored on the memory sub-system; 
determining, by the memory sub-system, whether the current host salt value matches a current memory sub-system salt value stored on the memory sub-system;
in response to determining that the first access key matches the second access key and the current host salt value matches the current memory sub-system salt value, granting the host system access to a set of memory devices of the memory sub-system; and
after granting the host system access to the set of memory devices:
receiving, at the memory sub-system, a second request from the host system comprising encrypted request data;

processing, by the memory sub-system, the second request based on the unencrypted request data.  
                                   Examiner’s Reasons for Allowance
Independent claims 1, 20 and 28 are patentable over the cited prior arts because they do not anticipate nor fairly and reasonably teach independently or in combination a method comprising besides other limitations: decrypting, by an asymmetric private key, the encrypted data to obtain the first access key and the current host salt value from the encrypted data, each of the asymmetric private key and the current host salt value used being stored on the memory sub-system; and in response to determining that the first access key matches the second access key and the current host salt value matches the current memory sub-system salt value, granting the host system access to a set of memory devices of the memory sub-system; and after granting the host system access to the set of memory devices: receiving, from the host system, a second request comprising encrypted request data; decrypting, by a symmetric key, the encrypted request data to obtain unencrypted request data from the encrypted request data, the symmetric key 
             Closet prior art in the record, Allo et al, US 10.460,110 B1 teaches a key management device that may be part of a computer or server system and can have a first secure area protected by a cryptographic module (e.g. hardware integrated circuit). The first secure area can store a key to access  a second secure area, which may function as a local key management server (LKMS) and store access  information to authenticate another data storage device coupled to the computer. For example, the LKMS may store an access key to provide the computer with access to another data storage device (See Abstract) However,  Allo et al fails to teach expressly in response to determining that both the first access key matches the second access key and the current host salt value matches the current memory sub-system salt value, granting the host system access to a set of memory devices of the memory sub-system; and after granting the host system access to the set of memory devices: receiving, from the host system, a second request comprising encrypted request data; decrypting, by a symmetric key, the encrypted request data to obtain unencrypted request data from the encrypted request data, the symmetric key comprising the current memory sub-system salt value currently stored on the memory sub-system; and processing the second request based on the unencrypted request data.  
                Closet prior art in the record, Iyer, US 2009/0046858 A1 teaches Systems and methods of storage device data encryption and data access via a hardware key wherein Iyer  fails to teach expressly in response to determining that both the first access key matches the second access key and the current host salt value matches the current memory sub-system salt value, granting the host system access to a set of memory devices of the memory sub-system; and after granting the host system access to the set of memory devices: receiving, from the host system, a second request comprising encrypted request data; decrypting, by a symmetric key, the encrypted request data to obtain unencrypted request data from the encrypted request data, the symmetric key comprising the current memory sub-system salt value currently stored on the memory sub-system; and processing the second request based on the unencrypted request data.  
                                                        Conclusion
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays should be clearly labeled “Comments on Statement of Reasons for Allowance.”
          Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHANTO ABEDIN whose telephone number is 571-

/SHANTO ABEDIN/Primary Examiner, Art Unit 2494