Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .	
Restriction Requirement and Election.
	In response to Restriction Requirement mailed on 07/13/2021, Applicant has chosen Group I consisting of claims 1-10 and has withdrawn Group II consisting of claims 11-16 (please see the Applicant response/Remarks filed on 08/27/2021 for details). Examiner. hence. Examined claims 1-10.
Claim Objection
	Claims 1-3 & 6, & 8-10 recite abbreviation  CERT_TBS but does not provide full name. Applicant is requested to provide full name along with abbreviation.
Claims 7 & 10 recite abbreviation ACCUM_HANDSHAKE_MSGS  but does not provide full name. The Applicant is requested to provide full name along with abbreviation.
Claims 1-3 & 6, 8-10 recite CERT_TBS but the disclosure does not describe how it is generated but only states that it is based on “wherein the CERT_TBS is generated in the issuing device based on contents associated with a certificate issuance and the public key of the client device” but does not disclose how these two parameters are used to generate CET_TBS although it states that it is function of two parameters but does not disclose how this function works (algorithm) to generate CERT-TBS . Examiner assumes  for the purpose of Examination  that CERT_TBS is combination of device ID and public key.
Claim 6 is objected as it recites “transmitting the certificate to a server to communicate with, wherein the certificate is verified using a private key of the CA 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims  1-5, & 8-10 are rejected under 35 USC 103 as being unpatentable over Schrijen (NPL, “Physical Unclonable Functions to the Rescue”, as mentioned in IDS dated 6/11/2020) in view of Satpathy (US 20200104101) 
Regarding claim 1, Schrijen teaches a communication method of a client device, the method comprising: generating a public key and a private key of the client device using a physical unclonable function (PUF) value in a PUF chip included in the client device; [page 7, left column,  2) setup phase : As part of this enrollment step, the Fuzzy Extractor reads out the SRAM PUF values (step 3) and generates Helperdata (step 4), which is stored in non-volatile memory. The device-unique cryptographic key K is output by the Fuzzy Extractor and used with a Key Derivation Function in the TLS crypto library to derive an asymmetric elliptic curve device key pair do/Qo. The private key of this key pair is never stored in any non-volatile memory and reconstructed on the fly only when needed. The public device key Qo is sent via the contract manufacturer PC or Automated Test Equipment to the Certificate Authority service (step 6).]
transmitting the public key of the client device to an issuing device; [page 7, left column,  2) setup phase : As part of this enrollment …. The private key of this key pair is never stored in any non-volatile memory and reconstructed on the fly only when needed. The public device key Qo is sent via the contract manufacturer PC or Automated Test Equipment to the Certificate Authority service (step 6).]
wherein the certificate is generated in the issuing device based on CERT_TBS generated in the issuing device and SIGNATURE_BY_CA generated in a certification authority (CA) device. [page 7, right column, 1st paragraph: The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs. The device certificate, denoted as $[dcA](Qo), is stored in non-volatile memory on the device (step 7). After this step the device has an "identity" in the form of a public-key certificate. It is obvious to a skilled person that though cited or issuing device and CA device may also be combined into one device n called CA device.]
Although, Schrijen teaches certificate generation, he does not teach explicitly, however, Satpathy teaches receiving a certificate from the issuing device,  [para 0041]: In some embodiments ….public key 122.  A Verification Authority 116 is to verify the identity of entities requesting their digital certificates, provided by the Certificate authority 114. ]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schrijen with the disclosure of Satpathy. The motivation or suggestion would have been to implement a system that will provide efficient techniques for preventing attack on PUF circuits. (para  0029 & 0035,  Satpathy)  
Regarding claim 2, Schrijen teaches wherein the CERT TBS is generated in the issuing device based on contents associated with a certificate issuance and the public key of the client device.  [page 7, right column, 1st paragraph: The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs. The device certificate, denoted as $[dcA](Qo), is stored in non-volatile memory on the device (step 7). Above narration teaches generation of CET-TBS as Examiner assumes that CERT_TBS is a combination of public key and device ID as stated above in “Claim Objection” section. It is obvious to a skilled person that though cited reference teaches generation of certificate in the CA device, the same certificate may also be generated in the separate device (issuing device)  or issuing device and CA device may also be combined into one device n called CA device
Regarding claim 3, Schrijen teaches wherein the SIGNATURE_BY_CA is a result value obtained by signing for the CERT_TBS using a private key of the CA device.  [page 7, right column, 1st paragraph: The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs. The device certificate, denoted as $[dcA](Qo), is stored in non-volatile memory on the device (step 7).
Regarding claim 4, Schrijen teaches storing the certificate in the PUF chip.  [The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs. The device certificate,
denoted as $[dcA](Qo), is stored in non-volatile memory on the device (step 7). After this step the device has an "identity" in the form of a public-key certificate. Please Figure 6, element (7) & (12). It is obvious that the IoT device consists of SRAM (please see elements 3 & 8) PUF- please see the Title of Fig 6.]
Regarding claim 5, Schrijen teaches wherein the private key is not transmitted external to the PUF chip.  [ To securely authenticate a device that is connecting to a cloud service or for unmanned machine-to-machine  connectivity, every single device must provide a strong cryptographic identity. Such identity typically consists of an asymmetric key pair, composed of a public key and a private key. The private key must be kept secret in the device (that has PUF- please see Fig 6) and  ideally should never leave the device security boundary.
Regarding claim 8,   communication method of an issuing device, the method comprising: receiving, from a client device including a physical unclonable function (PUF) chip, a public key of the client device generated using a PUF value; [page 7, left column,  2) setup phase : As part of this enrollment step, the Fuzzy Extractor reads out the SRAM PUF values (step 3) and generates Helperdata (step 4), which is stored in non-volatile memory. The device-unique cryptographic key K is output by the Fuzzy Extractor and used with a Key Derivation Function in the TLS crypto library to derive an asymmetric elliptic curve device key pair do/Qo. The private key of this key pair is never stored in any non-volatile memory and reconstructed on the fly only when needed. The public device key Qo is sent via the contract manufacturer PC or Automated Test Equipment to the Certificate Authority service (step 6).]
generating CERT_TBS based on contents associated with a certificate issuance and the public key of the client device; ; [page 7, right column, 1st paragraph: The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs.
transmitting the CERT_TBS to a certification authority (CA) device; . [page 7, right column, 1st paragraph: The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs.
generating a certificate based on the CERTTBS and SIGNATUREBYCA received from the CA device; [page 7, right column, 1st paragraph: The CA generates a device certificate, which includes the device public key Qo as well as a signature created with the CA private key dcA. Optionally the certificate may include other chip or device IDs. The device certificate, denoted as $[dcA](Qo), is stored in non-volatile memory on the device (step 7). After this step the device has an "identity" in the form of a public-key certificate. It is obvious to skilled person that though cited reference reaches generation of certificate in the CA device, the same certificate may also be generated in the separate device (issuing device)  or issuing device and Ca device may also be combined into one device.]
Although, Schrijen teaches certificate generation, he does not teach explicitly, however, Satpathy teaches transmitting the certificate to the client device.  [para 0041]: In some embodiments ….public key 122.  A Verification Authority 116 is to verify the identity of entities requesting their digital certificates, provided by the Certificate authority 114. ]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schrijen with the disclosure of Satpathy. The motivation or suggestion would have been to implement a system that will provide efficient techniques for preventing attack on PUF circuits. (para  0029 & 0035,  Satpathy)  
Regarding claim 9, Schrijen teaches:
 a communication method of a server, the method comprising: receiving a certificate from a client device to communicate with; [page 8, ;eft column, 1st paragraph: The connectivity library contacts the Internet service via the URL that is fixed in the OEM software image (step 11). A TLS connection is then set up where the server is authenticated toward the device based on the public key Qs that is stored in the OEM SW image (fetched via step 11). The Device Certificate (obtained via step 12) is used to authenticate the client IoT device toward the OEM IoT cloud service.] 
acquiring CERTTBS for the client device and a public key of a certification authority (CA) device by parsing the certificate; [page 8, ;eft column, 1st paragraph: The connectivity library contacts the Internet service via the URL that is fixed in the OEM software image (step 11). A TLS connection is then set up where the server is authenticated toward the device based on the public key Qs that is stored in the OEM SW image (fetched via step 11). The Device Certificate (obtained via step 12) is used to authenticate the client IoT device toward the OEM IoT cloud service.] 
verifying the certificate using the CERT_TBS and the public key of the CA device.  [page 8, ;eft column, 1st paragraph: The connectivity library contacts the Internet service via the URL that is fixed in the OEM software image (step 11). A TLS connection is then set up where the server is authenticated toward the device based on the public key Qs that is stored in the OEM SW image (fetched via step 11). The Device Certificate (obtained via step 12) is used to authenticate the client IoT device toward the OEM IoT cloud service. It is obvious to a skilled person that as authentication is done using device certificate – this certificate will have device Id and the public key of the device  ] 

Claims 6-7 & 10 are rejected under 35 USC 103 as being unpatentable over Schrijen in view of Satpathy and Barr (US 20140196108 )
Regarding claim 6, although Schrijen and Satpathy teaches transmitting the certificate to a server to communicate with, they do not teach explicitly, however, Barr teaches wherein the certificate is verified using a private key of the CA device and the CERTTBS acquired from the certificate in the server.  [0049] FIG. 9 is a flowchart of a method of operating the network message interceptor 200 for optionally enforcing an authentication policy in accordance with a preferred embodiment of the present invention. At step 902 the interceptor 200 intercepts the " Server Certificate" (or "Client Certificate") handshake message. At step 904 the interceptor 200 extracts a certificate from the handshake message. At step 906 the certificate validator 504 checks if the certificate is current with reference to the current date and/or time 800. At step 908 the certificate validator 504 checks if the certificate is revoked with reference to CRL 804, OCSP server 806 or certificate authority 802. At step 910 the certificate validator 504 checks if the certificate authority 802 for the certificate is trusted. The interceptor 200 or certificate validator 504 keeps a list or reference to a list of trusted certificate authorities for this purpose. At step 912 the certificate validator 504 checks if the signature of the certifying authority in the certificate is valid. Validation of the signature can be achieved by decrypting the signature as a message digest using a public key associated with the certificate authority 802, and verifying the message digest. At step 914 the certificate validator 504 checks if a distinguished name in the certificate matches a distinguished name held by the certificate authority 802. Negative determinations at steps 906, 910, 912, 914 and a positive determination at step 908 results in the interceptor preventing communications between the first and second endpoints 201, 202 .]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schrijen and Satpathy with the disclosure of Barr. The motivation or suggestion would have been to implement a system that will provide efficient techniques for device authentication using certificates and relevant security policies.. (abstract, paras  0002-0005, Barr)  
Regarding claims 7 & 10 ,although Schrijen and Satpathy teaches performing signing based on the private key, they do not teach expclitly, however, Barr teaches   performing signing based on the private key of the client device for ACCUM_HANDSHAKE_MSGS generated by collecting a cumulative handshake message; and transmitting a result of the signing to a server to communicate with, wherein the result of the signing is verified based on a public key of the client device parsed from the certificate and the ACCUM_HANDSHAKE MSGS generated by collecting the cumulative handshake message in the server.  [0054] If the second endpoint 202 is able to authenticate the client certificate, the server will authenticate the client and respond with a " Certificate Verify" message, which is transmitted from the second endpoint 202 to the first endpoint 201. A crucial part of the client authentication is inspection of the Certificate Verify message (Section 7.4.8 of the TLS 1.2 RFC). This is only sent from the client to the server and only when the client presents a certificate as part of the TLS handshake. This message is made up of a concatenation of all messages in the handshake so far, from the ClientHello up to but not including the Certificate Verify message, and is signed with the client's private key.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schrijen and Satpathy with the disclosure of Barr. The motivation or suggestion would have been to implement a system that will provide efficient techniques for device authentication using certificates and relevant security policies.. (abstract, paras  0002-0005, Barr)  
	Closes art cited in pto-892 but not used in this office action are as follows:
 1.Kirkparick (US20130254636) discloses a system and method for performing cryptographic functions in hardware using read-N keys comprising a cryptographic core, seed register, physically unclonable function (PUF), an error-correction core, a decryption register, and an encryption register. The PUF configured to receive a seed value as an input to generate a key as an output. The error-correction core configured to transmit the key to the cryptographic core. The encryption register and decryption register configured to receive the seed value and the output. The system, a PUF ROK, configured to generate keys that are used N times to perform cryptographic functions. 
2. Koebert (US 20140189890 ) teaches At least one machine accessible medium having instructions stored thereon for authenticating a hardware device is provided. When executed by a processor, the instructions cause the processor to receive two or more device keys from a physically unclonable function (PUF) on the hardware device, generate a device identifier from the two or more device keys, obtain a device certificate from the hardware device, perform a verification of the device identifier, and provide a result of the device identifier verification. In a more specific embodiment, the instructions cause the processor to perform a verification of a digital signature in the device certificate and to provide a result of the digital signature verification. The hardware device may be rejected if at least one of the device identifier verification and the digital signature verification fails. 
3. Tremlet (US20170005811) presents  systems, devices, and methods for reliably authenticating asymmetric cryptography-based ICs based on Physically Unclonable Functions ( PUFs) that are immune to reverse engineering. Various embodiments of the invention enhance the level of security in IC architectures without the need to connect to a remote certification authority, thereby, eliminating shortfalls associated with online authentication. Certain embodiments accomplish this by using a PUF-generated secure private key that need never be output by or exported from the PUF. 
4. Kim (US 20160065378) discloses an apparatus for generating a hardware-based OTP which is impossible to duplicate. The apparatus for generating the OTP can comprise a PUF for generating a unique PIN. In addition, provided is a method which is used for 2-Factor authentication with the apparatus for generating the OTP and existing secure elements. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574.  The examiner can normally be reached on Monday-Friday-8:00am - 5:00pm (EST).If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/Primary Examiner, Art Unit 2497