Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-5, 8-15, & 18-20 is/are rejected under 35 U.S.C. 102(a)(2) as being antedated by United States Patent Application Publication No.: US 2016/0191241 A1 (Allen).

As Per Claim 1: Allen teaches: A computing system that that includes a mechanism for deauthorizing a private key associated with a decentralized identity, the computing system comprising: one or more processors; and one or more computer-readable media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the computing system to perform a method for deauthorizing a private key associated with a decentralized identifier, the method comprising:
	(Allen, Paragraph [0018], “Techniques described and suggested herein include methods, systems and processes for managing cryptographic resources on systems and the executable code operating thereon. In particular, techniques are disclosed for utilizing processor capabilities to distribute, manage and revoke cryptographic resources for operational elements of computer systems, including, but not limited to, servers, host machines, hypervisors, operating systems, guest virtual machines, applications, 


- authenticating a user of the computing system as a decentralized identifier; 
	(Allen, Paragraph [0034], “An example of how key metadata may be used in association with keys, key events and signing keys is an embodiment with a cryptographic key "key 1" with metadata that may contain a second cryptographic key "key 2." A cryptographic key server may then have an authenticated way to link key 2 to key 1. A revocation message for key 1 may arrive at the entry point server signed by key 1, in an embodiment described herein where a key may serve as its own signing key for key revocation events. However, if the signing portion of key 1 has been lost, then it may not be possible to use key 1 as its own signing key for key revocation events. In such a situation, key 2 may be used as a signing key for the revocation of key 1 and, because key 2 is in the metadata of key 1 and the revocation server can link key 2 to key 1, thereby allowing key 2 as a signing key for the key revocation event.”).

- while the user remains authenticated into the computing system, detecting that the user has provided user input to the computing system;
- determining that the private key associated with the decentralized identity is to be revoked based on the detected user input; and
	(Allen, Paragraph [0022], “Revocation of cryptographic keys may be managed by a variety of techniques including, but not limited to, revocation lists, webs of trust, privilege of revocation, denial of service, point of failure certificates and/or other such techniques. A revocation list (or certificate revocation list) for example, is a list of identifiers for cryptographic key certificates that have been revoked and thus, are no longer useable or trustworthy. In public key cryptography systems, a certificate is a link between a public key and an identity of the owner of that key. A web of trust is similar to a revocation list in that it may help a key subscriber determine whether a public key has been revoked and who owns the key, but rather than maintaining certificates and lists of certificates, the trust model is maintained in a decentralized model. A user, through their cryptographic key, may be a member of a plurality of webs of trust. As may be contemplated, these examples of revocation management techniques are merely illustrative examples and other methods of revocation management techniques may be considered as within the scope of the present disclosure.”).
	(Allen, Paragraph [0033], “Also at some point after connecting the subscribers to the key insertion points, the first revocation server may receive one or more revocation events for the cryptographic key. The first revocation server may seek to confirm the revocation event by at least querying one or more services to validate the revocation event for the key in order to mitigate the possibility of false revocation events. The first revocation server may confirm the revocation event by consulting one or more revocation servers closely and/or directly connected with the key owner. The first revocation server may also traverse up the directed graph of revocation servers until reaching one or more revocation servers that are closely and/or directly connected to the service that issued the key revocation event. The first revocation server 

- in response to determining that the private key is to be revoked, deauthorizing the private key so that the private key cannot be used to perform actions for the decentralized identity at least until the private key is restored.
	(Allen, Paragraph [0021], “Public keys may be issued by key publishers and public keys may also be revoked and/or suspended. When a public key is revoked, it may become permanently unavailable for use to public key subscribers. A public key may be revoked because the key owner is no longer part of the system, or because the key owner is no longer trusted, or because the key was only temporary, or because the corresponding private key was compromised, or because of a security breach of a system that possibly enabled unauthorized access to the private key or for a variety of other such reasons. Public keys may be suspended (temporarily revoked) for similar reasons. For example a system may detect that a certain cryptographic key is being used in an unusual, suspect and/or potentially dangerous manner. The system may suspend the public key while further investigations are made to determine if the cryptographic key 
	(Allen, Paragraph [0037], “In some embodiments the first revocation server may make a temporary revocation that may serve to, for example, suspend a key. For example, a key owner may wish to temporarily revoke a public key while investigating whether the key has been compromised. The revocation server may permit the key owner to later republish the key to restore its use. The determination of whether the revocation is temporary or permanent may be based on the revocation event. In some embodiments, the revocation servers may use tombstone records to implement temporary revocations. When a key is temporarily revoked, the presence of the tombstone record will allow a revocation server to provide an authoritative determination of key revocations for the temporarily revoked key and may, in some embodiments, include an indication that the revocation is temporary. If a temporarily revoked key is later restored, a key revocation server may use data stored in the tombstone to restore the revoked key, so that a new key does not need to be created. Temporarily revoked keys may be made permanent if it is discovered, for example, that the key has been compromised.”).

As Per Claim 2: The rejection of claim 1 is incorporated and further Allen teaches: 
- the authenticating of the user at the computing system being performed using a derived key that is derived from the private key.

	(Allen, Paragraph [0034], “An example of how key metadata may be used in association with keys, key events and signing keys is an embodiment with a cryptographic key "key 1" with metadata that may contain a second cryptographic key "key 2." A cryptographic key server may then have an authenticated way to link key 2 to key 1. A revocation message for key 1 may arrive at the entry point server signed by key 1, in an embodiment described herein where a key may serve as its own signing key for key revocation 

As Per Claim 3: The rejection of claim 2 is incorporated and further Allen teaches: 
- the derived key being a device-specific key that is specific to the computing system.
	(Allen, Paragraph [0033], “Also at some point after connecting the subscribers to the key insertion points, the first revocation server may receive one or more revocation events for the cryptographic key. The first revocation server may seek to confirm the revocation event by at least querying one or more services to validate the revocation event for the key in order to mitigate the possibility of false revocation events. The first revocation server may confirm the revocation event by consulting one or more revocation servers closely and/or directly connected with the key owner. The first revocation server may also traverse up the directed graph of revocation servers until reaching one or more revocation servers that are closely and/or directly connected to the service that issued the key revocation event. The first revocation server may consult the one or more closely and/or directly connected revocation servers to determine whether more than a threshold number of directly connected revocation servers received and/or agrees with the revocation. The criteria of a plurality or threshold number may be specified by the key metadata, or by the system or by some other such method. The first revocation server may confirm the revocation event by validating a signature for the event notice. The first revocation server may validate that the signing key is one of a plurality of approved signing keys specified by the key metadata. For example, the public key may act as its own signing key for revocation. In some embodiments, the key metadata may specify additional signing keys in order to support revocation of a public key for which the private key has been lost. As may be contemplated, these methods of verifying a key revocation event are merely illustrative 
	(Allen, Paragraph [0034], “An example of how key metadata may be used in association with keys, key events and signing keys is an embodiment with a cryptographic key "key 1" with metadata that may contain a second cryptographic key "key 2." A cryptographic key server may then have an authenticated way to link key 2 to key 1. A revocation message for key 1 may arrive at the entry point server signed by key 1, in an embodiment described herein where a key may serve as its own signing key for key revocation events. However, if the signing portion of key 1 has been lost, then it may not be possible to use key 1 as its own signing key for key revocation events. In such a situation, key 2 may be used as a signing key for the revocation of key 1 and, because key 2 is in the metadata of key 1 and the revocation server can link key 2 to key 1, thereby allowing key 2 as a signing key for the key revocation event.”).

As Per Claim 4: The rejection of claim 2 is incorporated and further Allen teaches: 
- the derived key being a public key corresponding to the private key.
	(Allen, Paragraph [0033], “Also at some point after connecting the subscribers to the key insertion points, the first revocation server may receive one or more revocation events for the cryptographic key. The first revocation server may seek to confirm the revocation event by at least querying one or more services to validate the revocation event for the key in order to mitigate the possibility of false revocation events. The first revocation server may confirm the revocation event by consulting one or more revocation servers closely and/or directly connected with the key owner. The first revocation server may also traverse up the directed graph of revocation servers until reaching one or more revocation servers that are closely and/or directly connected to the service that issued the key revocation event. The first revocation server may consult the one or more closely and/or directly connected revocation servers to determine whether more than a threshold number of directly connected revocation servers received and/or agrees with the 

As Per Claim 5: The rejection of claim 1 is incorporated and further Allen teaches: 
- the detected user input comprising the user inputting an input story.
	(Allen, Paragraph [0033], “Also at some point after connecting the subscribers to the key insertion points, the first revocation server may receive one or more revocation events for the cryptographic key. The first revocation server may seek to confirm the revocation event by at least querying one or more services to validate the revocation event for the key in order to mitigate the possibility of false revocation events. The first revocation server may confirm the revocation event by consulting one or more revocation servers closely and/or directly connected with the key owner. The first revocation server may also traverse up the directed graph of revocation servers until reaching one or more revocation servers that are closely and/or directly connected to the service that issued the key revocation event. The first revocation server may consult the one or more closely and/or directly connected revocation servers to determine whether more than a threshold number of directly connected revocation servers received and/or agrees with the revocation. The criteria of a plurality or threshold number may be specified by the key metadata, or by the system or by some other such method. The first revocation server may confirm the revocation event 

As Per Claim 8: The rejection of claim 1 is incorporated and further Allen teaches: 
- restoring the private key so that the private key can again be used to perform actions for the decentralized identity.
	(Allen, Paragraph [0021], “Public keys may be issued by key publishers and public keys may also be revoked and/or suspended. When a public key is revoked, it may become permanently unavailable for use to public key subscribers. A public key may be revoked because the key owner is no longer part of the system, or because the key owner is no longer trusted, or because the key was only temporary, or because the corresponding private key was compromised, or because of a security breach of a system that possibly enabled unauthorized access to the private key or for a variety of other such reasons. Public keys may be suspended (temporarily revoked) for similar reasons. For example a system may detect that a certain cryptographic key is being used in an unusual, suspect and/or potentially dangerous manner. The system may suspend the public key while further investigations are made to determine if the cryptographic key has become compromised. If the investigations reveal that the public and/or the corresponding private key is still secure, it can be restored but if the investigations reveal that the cryptographic key has become compromised, the public key can be permanently revoked. Key revocation is an important component of cryptographic key management systems because it is undesirable to maintain suspect and/or 

As Per Claim 9: The rejection of claim 1 is incorporated and further Allen teaches: 
- the computing system being a portable device.
	(Allen, Paragraph [0039], “The computer system entity may connect to one or more cryptographic key servers 108 (referred to herein simply as "servers", "key servers", "cryptographic key servers", "revocation servers" and/or other such terms) via one or more networks 106 and/or entities associated therewith, such as servers connected to the network, either directly or indirectly. The computer system client device 104 that may request access to the host computer system may include any device that is capable of connecting with a computer system via a network, including at least servers, laptops, mobile devices such as smartphones or tablets, other smart devices such as smart watches, smart televisions, set-top boxes, video game consoles and other such network enabled smart devices, distributed computing systems and components thereof, abstracted components such as guest computer systems or virtual machines and/or other types of computing devices and/or components. The network may include, for example, a local network, an internal network, a public network such as the Internet, a wide-area network, a wireless network, a mobile network, a satellite network, a distributed computing system with a plurality of network nodes and/or the like. The network may also operate in accordance with various protocols, such as those listed below, Bluetooth, WiFi, cellular network protocols, satellite network protocols and/or others.”).

As Per Claim 10: The rejection of claim 1 is incorporated and further Allen teaches: 
- the computing system being a handheld device.


As Per Claims 11-15 & 18-19: Claims 11-15 & 18-19 are substantially a restatement of the system of claims 1-5 & 8-9 as a method, and are rejected under substantially the same reasoning.

As Per Claim 20: Claim 20 is substantially a restatement of the system of claim 1 as a computer program product, and is rejected under substantially the same reasoning.

Claim Rejections - 35 USC § 103

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 6-7 & 16-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No.: US 2016/0191241 A1 (Allen) in view of United States Patent No.: US 7,610,491 B1 (Tsao).

As Per Claim 6: The rejection of claim 5 is incorporated and further Allen does not explicitly teach the following limitation however Tsao in analogous art does teach the following limitation:
- the input story comprising a plurality of random words and a plurality of filler words.
	(Tsao, Column 4, Lines 45-51, “Next, the system generates an account recovery key (block 304). In some embodiments, generation of an account recovery key starts with the generation of a random number by a random number generator (also sometimes referred to as a pseudorandom number generator). The random number is then mapped into multiple subkeys, one component for each word that is to be used for the account recovery key.”).
	(Tsao, Column 5, Lines 9-15, “Further, in some embodiments, multiple random numbers may be generated, one for each subkey. In these embodiments, segmenting a single random number is not used, rather the account recovery key comprises each of the randomly generated subkeys. Each of these subkeys may then be used as an index into a word list or multiple word lists as described above.”).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Tsao into the method of Allen as an interchangeable 

As Per Claim 7: The rejection of claim 6 is incorporated and further Examiner is giving Official Notice that:
- the number of random words generated being based on an entropy level indicated by the user.
	Would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention based on the combination of Tsao and Allen. Similar in nature to password strength where a user may set a password between the minimum required length and the maximum accepted length. 

As Per Claims 16-17: The rejection of claim 15 is incorporated and further claims 16-17 are substantially a restatement of the system of claims 6-7 as a method and are rejected under substantially the same reasoning.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN A KAPLAN whose telephone number is (571)270-3170. The examiner can normally be reached 9:00 a.m. - 5:00 p.m.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/BENJAMIN A KAPLAN/Examiner, Art Unit 2434