DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/14/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an email by Arthur J. Bobel (Reg. 69,031) on 10/28/2021.
The application has been amended as follows (on top of the latest amendments submitted by Applicant on 09/16/2020):

Listing of Claims:
1. (Currently Amended): A system for generating an escrow session key SK1 and a private session key SK2 for encoding digital communications, the system comprising:
a secure server;
a device i; and
another device j;
wherein the secure server is configured to generate a master secret key (MSK) and global system parameters (GSP) for an Identity Based Cryptography (IBC) scheme, wherein the MSK and GSP are utilized together with an identity of a requesting device to generate an IBC private key IBC-K for the requesting device;
wherein the device i is configured to:
encrypt a first element g^a with an identity IDj associated with the another device j using an Identity Based Encryption (IBE) scheme associated with the IBC scheme to generate an encrypted first element g^a, wherein “g” is a generator of a cyclic multiplicative group G and “a” is a random number generated by the device i; and
communicate, to the another device j, a communication comprising the encrypted first element g^a, an identity IDi associated with the device i, and a session key request;
wherein upon receiving the communication from the device i, the another device j is configured to:
use the IBE scheme to decrypt the encrypted first element g^a with an IBC private key IBC-Kj, wherein the IBC private key IBC-Kj is requested and obtained by the another device j from the secure server; and
generate a second element g^b, wherein “g” is the generator of the cyclic multiplicative group G and “b” is a random number generated by the another device j;
compute the escrow session key SK1 using the first element g^a;
compute the private session key SK2 using the first element g^a and the random number b; and
communicate the second element g^b and the identity IDj associated with the another device j to the device i;
wherein the device i is further configured to:
1 using the first element; [[and]]
compute the private session key SK2 using the second element g^b and the random number a;
compute a first combined key SK11 by obtaining a coproduct of the escrow session key SK1 and the private session key SK2;
generate a key confirmation value using the first combined key SK11; and
communicate the key confirmation value to the another device j; and
wherein upon receiving the key confirmation value from the device i, the another device j is configured to:
compute a second combined key SK22 by obtaining a coproduct of the escrow session key SK1 and the private session key SK2;
verify the key confirmation value using the second combined key SK22; and
validate the escrow session key SK1 and the private session key SK2 in response to the key confirmation value being verified.

2. (Cancelled)

3. (Previously Presented): The system according to claim 1, wherein the another device j being configured to communicate the second element g^b and the identity IDj associated with the another device j to the device i comprises:
using the IBE scheme to encrypt the second element g^b with an identity IDi associated with the device i to generate an encrypted second element g^b; and
communicating the encrypted second element g^b and the identity IDj associated with the another device j to the device i;
b and the identity IDj associated with the another device j from the another device j, the device i is configured to:
use the IBE scheme to decrypt the encrypted second element g^b with an IBC private key IBC-Ki, wherein the IBC private key IBC-Ki is requested and obtained by the device i from the secure server.

4. (Currently Amended): The system according to claim [[3]] 1,
wherein computing the escrow session key SK1 by the another device j comprises: using the first element g^a and the second element g^b to generate the escrow session key SK1; and
wherein computing the escrow session key SK1 by the device i comprises: using the first element g^a and the second element g^b to generate the escrow session key SK1.

5. (Previously Presented): The system according to claim 1, wherein the another device j communicating the second element g^b and the identity IDj associated with the another device j to the device i comprises:
using a Public Key Infrastructure (PKI) scheme to encrypt the second element g^b with a PKI Public Key PBKi associated with the device i to generate an encrypted second element g^b; and
communicating the encrypted second element g^b and the identity IDj associated with the another device j to the device i;
wherein upon receiving the encrypted second element g^b and the identity IDj associated with the another device j, the device i is configured to:
use the PKI scheme to decrypt the encrypted second element g^b with a PKI Private Key PRKi associated with the device i.

6. (Previously Presented): The system according to claim 1, wherein communicating by the device i the encrypted first element g^a, the identity IDi associated with the device i, and the session key request to the another device j comprises:
signing the encrypted first element g^a using an IBC private signing key IBC-Ki associated with the device i to generate a signed encrypted first element g^a; and
transmitting the signed encrypted first element g^a to the another device j;
wherein upon receiving the signed encrypted first element g^a, the another device j is configured to:
verify the signed encrypted first element g^a using the identity IDi associated with the device i and a verification function associated with the IBC scheme, wherein the first element g^a is decrypted in response to the signed encrypted first element g^a being verified.

7. (Currently Amended): A device i for generating an escrow session key SK1 and a private session key SK2 for encoding digital communications between the device i and another device j, comprising:
a processor; and
a non-transitory media readable by the processor, the non-transitory media storing instructions that when executed by the processor, cause the processor to:
use an Identity Based Encryption (IBE) scheme associated with an Identity Based Cryptography (IBC) scheme to encrypt a first element g^a with an identity IDj associated with the another device j to generate an encrypted first element g^a, wherein “g” is a generator of a cyclic multiplicative group G and “a” is a random number generated by the device i, wherein the IBC scheme comprises a master secret key (MSK) and global system parameters (GSP), and wherein the MSK and GSP are utilized together with an identity of a requesting device to generate an IBC private key IBC-K for the requesting device;
j, the encrypted first element g^a, an identity IDi associated with the device i, and a session key request;
receive, from the another device j, a second element g^b and the identity IDj associated with the another device j;
compute the escrow session key SK1 using the first element g^a; [[and]]
compute the private session key SK2 using the second element g^b and the random number a, wherein “g” is the generator of the cyclic multiplicative group G and “b” is a random number generated by the another device j;
compute a first combined key SK11 by obtaining a coproduct of the escrow session key SK1 and the private session key SK2;
generate a key confirmation value using the first combined key SK11, wherein the key confirmation value is communicated to the another device j; and
validate the key confirmation value in response to a key confirmation validation value associated with the another device j being received.

8. (Cancelled)

9. (Previously Presented): The device according to claim 7, wherein the second element g^b is encrypted using the IBE scheme and the identity IDi associated with the device i to generate an encrypted second element g^b, wherein the device i uses the IBE scheme to decrypt the encrypted second element g^b with an IBC private key IBC-Ki, wherein the IBC private key IBC-Ki is requested and generated in accordance with the IBC scheme.

10. (Currently Amended): The device according to claim [[9]] 7, wherein computing the escrow session key SK1 by the device i comprises the device i being configured to use the first element g^a and the second element g^b to generate the escrow session key SK1.

11. (Previously Presented): The device according to claim 7, wherein the second element g^b is encrypted using a Public Key Infrastructure (PKI) scheme with a PKI Public Key PBKi associated with the device i to generate an encrypted second element g^b, wherein the device i uses the PKI scheme to decrypt the encrypted second element g^b with the PKI Private Key PRKi associated with the device i.

12. (Previously Presented): The device according to claim 7, wherein communicating the encrypted first element g^a, the identity IDi associated with the device i, and the session key request to the another device j comprises:
signing the encrypted first element g^a using an IBC private signing key IBC-Ki associated with the device i to generate a signed encrypted first element g^a; and
transmitting the signed encrypted first element g^a to the another device j.

13. (Currently Amended): A method for generating an escrow session key SK1 and a private session key SK2 for encoding digital communications between a device i and another device j, comprising:
encrypting, by the device i, a first element g^a with an identity IDj associated with the another device j using an Identity Based Encryption (IBE) scheme associated with an Identity Based Cryptography (IBC) scheme to generate an encrypted first element g^a, wherein “g” is a generator of a cyclic multiplicative group G and “a” is a random number generated by the device i, wherein the IBC scheme comprises a master secret key (MSK) and global system parameters (GSP), and wherein the MSK and
communicating, by the device i to the another device j, the encrypted first element g^a, an identity IDi associated with the device i, and a session key request;
receiving, by the device i from the another device j, a second element g^b and the identity IDj associated with the another device j;
computing, by the device i, the escrow session key SK1 using the first element g^a; [[and]]
computing, by the device i, the private session key SK2 using the second element g^b and the random number a;
computing, by the device i, a first combined key SK11 by obtaining a coproduct of the escrow session key SK1 and the private session key SK2;
generating, by the device i, a key confirmation value using the first combined key SK11, wherein the key confirmation value is communicated to the another device j; and
validating, by the device i, the key confirmation value in response to a key confirmation validation value associated with the another device j being received.

14. (Cancelled)

15. (Previously Presented): The method according to claim 13, wherein the second element g^b is encrypted using the IBE scheme and the identity IDi associated with the device i to generate an encrypted second element g^b, wherein the device i uses the IBE scheme to decrypt the encrypted second element g^b with an IBC private key IBC-Ki, wherein the IBC private key IBC-Ki is requested and generated in accordance with the IBC scheme.

16. (Currently Amended): The method according to claim [[15]] 13, wherein computing the escrow session key SK1 by the device i comprises the device i being configured to use the first element g^a and the second element g^b to generate the escrow session key SK1.

17. (Previously Presented): The method according to claim 13, wherein the second element g^b is encrypted using a Public Key Infrastructure (PKI) scheme with a PKI Public Key PBKi associated with the device i to generate an encrypted second element g^b, wherein the device i uses the PKI scheme to decrypt the encrypted second element g^b with the PKI Private Key PRKi associated with the device i.

18. (Previously Presented): The method according to claim 13, wherein communicating the encrypted first element g^a, the identity IDi associated with the device i, and the session key request to the another device j comprises:
signing, by the device i, the encrypted first element g^a using an IBC private signing key IBC-Ki associated with the device i to generate a signed encrypted first element g^a; and
transmitting, by the device i, the signed encrypted first element g^a to the another device j.

Allowable Subject Matter
Claim(s) 1-18 is/are allowed.
Regarding claim 1, the prior art of record (Xiufeng Zhao, Qiuliang Xu and Hao Wang, "Provably secure identity-based key agreement protocols under simple assumption," 2010 IEEE International Conference on Information Theory and Information Security, 2010, pp. 506-509 (hereinafter “Zhao ‘2010”) in view of Perlman, US-20110093721-A1 (hereinafter “Perlman ‘721”)) does not disclose “compute a first combined key SK11 by obtaining a coproduct of the escrow session key SK1 and the private session key SK2;
generate a key confirmation value using the first combined key SK11; and
communicate the key confirmation value to the another device j; and
wherein upon receiving the key confirmation value from the device i, the another device j is configured to:
compute a second combined key SK22 by obtaining a coproduct of the escrow session key SK1 and the private session key SK2;
verify the key confirmation value using the second combined key SK22; and
validate the escrow session key SK1 and the private session key SK2 in response to the key confirmation value being verified” in the recited context. Rather, Zhao ‘2010 teaches that both a sender side and a receiver side establish shared secrets called session keys to be shared between the two parties by depending upon an escrow session key and a private session key based on an identity-based agreement protocol, but Zhao ‘2010 is silent on a combination of the escrow session key and private session key for validating them. To this, Perlman ‘721 introduces the escrow agent which performs cryptographic operations including encrypting, decrypting, communicating messages (e.g., encrypted with a session key) based on an identity-based encryption system between two parties, but it does not teach the features associated with the combinations of the escrow session key and private session key.
For the reasons described above, the prior art of record does not disclose, with respect to claim(s) 7 and 13, features corresponding to those of claim 1 in the respective context(s).
Dependent claims 3-6, 9-12, and 15-18 are allowed in view of their respective dependence from claims.
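
The combined-key confirmation step that the reasons for allowance turn on, sketched as an added example that is not code from the application, the applicant or the cited art. It assumes constructed toy group parameters, SHA-256 for deriving SK1 and SK2, a hash of both keys as a stand-in for the claimed "coproduct", and an HMAC as the key confirmation value; the IBE transport of the elements is left out, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed toy parameters (assumption, not from the claims): prime modulus, generator 2.
P = 2**255 - 19
G = 2

def enc(x: int) -> bytes:
    return x.to_bytes(32, "big")

def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts so field boundaries are unambiguous."""
    d = hashlib.sha256()
    for part in parts:
        d.update(len(part).to_bytes(4, "big") + part)
    return d.digest()

def escrow_key(ga: int, gb: int) -> bytes:
    """SK1: derived from the exchanged elements only, so anyone who can
    decrypt the transported g^a and g^b can recompute it."""
    return h(b"SK1", enc(ga), enc(gb))

def private_key(own_secret: int, peer_element: int) -> bytes:
    """SK2: derived from g^(ab), which needs one of the random numbers a or b."""
    if not 1 < peer_element < P - 1:
        raise ValueError("peer element outside the expected range")
    return h(b"SK2", enc(pow(peer_element, own_secret, P)))

def combined_key(sk1: bytes, sk2: bytes) -> bytes:
    """Stand-in for the claimed combination of SK1 and SK2 (assumption: a hash of both)."""
    return h(b"combined", sk1, sk2)

def confirm_tag(key: bytes, id_i: bytes, id_j: bytes, ga: int, gb: int) -> bytes:
    """Key confirmation value (assumption: HMAC over identities and elements)."""
    return hmac.new(key, h(id_i, id_j, enc(ga), enc(gb)), hashlib.sha256).digest()

def run_exchange(tamper_gb: bool = False) -> bool:
    """Return True if device j accepts device i's key confirmation value."""
    id_i, id_j = b"device-i", b"device-j"      # constructed identities
    a = secrets.randbelow(P - 3) + 2           # device i's random number
    b = secrets.randbelow(P - 3) + 2           # device j's random number
    ga, gb = pow(G, a, P), pow(G, b, P)
    gb_seen = gb * G % P if tamper_gb else gb  # element as received by device i
    sk11 = combined_key(escrow_key(ga, gb_seen), private_key(a, gb_seen))
    tag = confirm_tag(sk11, id_i, id_j, ga, gb_seen)
    sk22 = combined_key(escrow_key(ga, gb), private_key(b, ga))
    return hmac.compare_digest(tag, confirm_tag(sk22, id_i, id_j, ga, gb))
```

Because the tag is keyed with a value derived from both SK1 and SK2, a mismatch in either key makes device j reject, which is the validation of both keys that the claims recite.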

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Thursday 7:30-5:30 and Alternate Fridays 8:30-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SANGSEOK PARK/Examiner, Art Unit 2494                                                                                                                                                                                         
/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494