Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/03/2020 and 04/29/2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner. 

Drawings
The drawings were received on 02/03/2020.  These drawings are accepted.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 19, 23, 27-29, 32 and 34-36 are rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed).
Regarding claim 19, (New) Erickson discloses an authentication system comprising (Fig. 2): 
a first device (Fig. 2, 203); and a second device (Fig.2, 201); 
Fig. 1, operations 101-107 [“challenge- response scheme”, since the challenge–response authentication, in the art, is a family of protocols in which one party presents a question and another party must provide a valid answer to be authenticated]; Fig. 2, presenting a shortened hash authentication process; [0035-0036]); 
the first device includes (Fig. 2, 203): 
a first storage that stores first key information for authentication (Fig. 1, operation 103; Fig. 2, [0036] server 203 and Sc [“first storage device and Key information”]; [0132] The transformed data can be saved to storage generally and the manipulation can be performed by a processor); 
a first communication circuit that sends and receives communication data with a payload length L ([0035] FIG. 2 shows a shortened hash authentication [“payload length L”] process; [0030] This embodiment may be utilized when a duplex communication channel [“sends and receives”] exists between the client system and the server system. In such a duplex communication channel, bi-directional communication is possible between the client and server systems [See Fig. 3 Duplex]); and 
a first arithmetic circuit (Fig. 2 and [0035], server 203 [“first arithmetic circuit”]; [0132] The transformed data can be saved to storage generally and the manipulation can be performed by a processor [“arithmetic circuit”]); 
the second device includes (Fig. 2, 201): 
a second storage that stores second key information (Fig. 1, operation 101; Fig. 2, [0035] client 201 and Sc [“second storage device and Key information”]; [0132] The transformed data can be saved to storage generally and the manipulation can be performed by a processor); 
a second communication circuit that sends and receives communication data with the payload length L ([0035] FIG. 2 shows a shortened hash authentication [“payload length L”] process; [0030] This embodiment may be utilized when a duplex communication channel [“sends and receives”]exists between the client system and the server system. In such a duplex communication channel, bi-directional communication is possible between the client and server systems [See Fig. 3 Duplex]); and 
a second arithmetic circuit (Fig. 2 and [0035] client 201; [0132] The transformed data can be saved to storage generally and the manipulation can be performed by a processor [“arithmetic circuit”]); 
the first and second storages further store a common function used in an authentication process ([0035-0036] The client 201 [“second storage”] combines the client's secret code (SC) with a monotonic nonce code (TC) [“common function”] to generate a client code word (ΣC). The server 203 [“first storage”] combines the server's secret code (SS), where (SS=SC), with the shared monotonic nonce code (TC) [“common function”] to generate a server code word (ΣS)); 
the second arithmetic circuit of the second device sends an authentication request to the first device (Fig. 3, Msg Ready from Client to Server [“from the 2nd device to the 1st device”]); 
the first arithmetic circuit receives the response data from the second device, and checks the response data with the data D1 to perform authentication (Fig. 1; 109; [0036] The server 203 [“first arithmetic circuit”] compares the client-generated authentication code (HC′) to the server-generated authentication code (HS′) and declares a successful authentication of the client 201 to the server 203 if HS′=HC′).  
Although Erickson teaches, in paragraph 0038, “the authentication code (H) originates from a strong hash algorithm and is truncated (H′) to minimize the bandwidth burden on low-bandwidth channels”, it does not explicitly disclose “the second arithmetic circuit performs computation using the function taking the challenge data and the second key information as input values to generate data having a data length Ha longer than the payload length L, generates response data having a data length Hb shorter than or equal to the payload length L from the data having the data length Ha using a predetermined conversion rule, and sends the response data to the first device, the first arithmetic 
In same field of endeavor, Viggiano teaches a secure authentication ADS-B system and method of this invention requires ADS-B systems to respond to authentication challenges, verifying the identity of the ADS-B systems using an authentication challenge-response format.
Viggiano further discloses the system, wherein the first arithmetic circuit of the first device sends challenge data to the second device in response to the authentication request ([0012] The authentication challenge 12 is transmitted from an ADS-B equipped aircraft, vehicle, vessel or ground station (hereinafter Authenticator [“first device”]));
the second arithmetic circuit performs computation using the function taking the challenge data and the second key information as input values to generate data with a data length Ha longer than the payload length L, generates response data with a data length Hb shorter than or equal to the payload length L from the data with the data length Ha using a predetermined conversion rule, and sends the response data to the first device (Fig. 1; [0013] The Authenticator's system generates a unique identifier and transmits an authentication challenge 12 [“challenge data”], which includes the unique identifier to the ADS-B transmitter 20. the authentication processing of the ADS-B transmitter system comprises a secret-key 36 [“second key information”], a secure hash generator 40 [“perform computation] and a Message Authentication Code (MAC) generator 35, which transform the input data into a MAC 38; [0017] The secure hash generators, 40 and 50 [respectively “first and second arithmetic circuit”], contain a secure hash algorithm [“perform computation using the function taking the challenge data and second key information (See Fig. 1, 12, 14 and 36, 36a)”], and generate a secure hash value, 30 [“Ha” in second arithmetic circuit] and 52, as its output. However, according to the present invention the secure hash value, 30 [“Ha” in second arithmetic circuit] and 52, is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 [“Hb” in second arithmetic circuit]. The ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 to the Authenticator's authentication challenge 12);
According to paragraph 0020-0022 and 0030-0031 in the current application, Examiner interpreted the “performing computation using the function by the second arithmetic circuit” as a hash function in a computer system. In the prior art, Viggiano states the authentication challenge 12 unique identifier is 16-bits in length and a hash size of 128 bits in paragraph 0025-0027. In the art, the hash function converts data of arbitrary length to a fixed length. In this case, the input data is shorter that the fixed output through the hash conversion. For this reason, the Examiner asserts that the secure hash generators is analogous to the second arithmetic circuit computation of the current claim. In addition, Viggiano also teaches a MAC generator reduces the power of the long secure hash value in paragraph 0017-0018 and 0026. Therefore, the Examiner asserts that the MAC generator is analogous to the predetermined conversion rule of the current claim.
the first arithmetic circuit performs computation using the function taking the challenge data sent to the second device and the first key information as input values to generate data with the data length Ha, and generates data D1 having the data length Hb from the data with the data length Ha using the conversion rule ([0017] The secure hash generators, 40 and 50, contain a secure hash algorithm, which may be implemented in hardware or software and generate a secure hash value, 30 and 52, as its output. However, according to the present invention the secure hash value, 30 and 52 [“Ha” in first arithmetic circuit], is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58 [“D1 having the data length Hb” in first arithmetic circuit]).
the MAC generator, 35 and 55 [or the arithmetic circuits], that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58 [or Ha in the respective arithmetic circuits] (¶0017). Although the application of a MAC generator, 35 and 55, reduces the power of the long secure hash value, it is impractical for an attacker to correctly guess the MAC and limiting the size of the MAC 38 [or Hb in the respective arithmetic circuits] to a designated subset of bits alleviates the impact of the authentication scheme of the present invention on the bandwidth of Mode S, UAT or VDL Mode 4, for example (¶0018).

Regarding claim 23, (New) the combination of Erickson, Viggiano discloses the authentication system according to claim 19, wherein the function is a private function or a hash function ([Erickson: 0024] Shortened hash authentication methods [“hash function”] are disclosed herein for strong authentication security while reducing the communication burden between two entities).

Regarding claim 27, the combination of Erickson, Viggiano discloses the authentication system according to claim 19, wherein the first and second storages store a common conversion rule ([Erickson: 0035-0036]; Fig. 2, mod 2L C in 201 and 2L S [“common conversion rule”] in 203).

Regarding claim 28, (New) the combination of Erickson, Viggiano discloses the authentication system according to claim 27, wherein 
[Erickson: Fig. 2 and 0035-0036] hash algorithm (HashS), where (HashS=HashC)); and 
the conversion rule is to extract continuous data with the data length Hb from a predetermined position of the data with the data length Ha ([Erickson: Fig. 2, mod 2L C in 201 and 2L S [“conversion rule”] in 203; [0035-0036] Truncation of the long authentication code (HC) is mathematically equivalent to the operation HC mod 2L C, where LC is the specified truncation size [“Hb”]. Truncation of the long authentication code (HS) is mathematically equivalent to the operation HS mod 2L S, where (LC=LS); [Viggiano: 0017-0018] The ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 [“response data having Hb”] to the Authenticator's authentication challenge 12. The MAC 38 is the last 8-bits [“predetermined position”] of the computed secure hash value 30).

Regarding claim 29, (New) the combination of Erickson, Viggiano discloses the authentication system according to claim 19, wherein the function is a hash function ([Erickson: Fig. 2 and 0035-0036] hash algorithm (HashS), where (HashS=HashC)), and the second arithmetic circuit extracts continuous partial data having a data length Y from a predetermined position of the data having the data length Ha, and generates information specifying the predetermined position, information indicating the data length Y, and the partial data, as the response data having the data length Hb ([Viggiano: 0017-0018] The ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 [“response data having Hb”] to the Authenticator's authentication challenge 12. The MAC 38 is the last 8-bits [“a data length Y”] of the computed secure hash value 30).

Regarding claim 32, (new) the combination of Erickson, Viggiano discloses the authentication system according to claim 19, wherein after the first device has successfully authenticated the second [Viggiano: 0011] the authentication system includes a user interface to enter a pilot's personal identification number (PIN); [0021] there will be multiple ADS-B transmitters 20 being authenticated during any reporting cycle), 
the second arithmetic circuit of the second device sends, to the first device, challenge data for authentication of the first device ([Viggiano: 0013] the Authenticator's system generates a unique identifier and transmits an authentication challenge 12, which includes the unique identifier to the ADS-B transmitter 20), 
the first arithmetic circuit performs computation using the function taking the challenge data for authentication of the first device and the first key information as input values to generate data with a data length Ha longer than the payload length L, generates response data for authentication of the first device having a data length Hb shorter than or equal to the payload length L, from the data with the data length Ha using the conversion rule, and sends the response data to the second device (Viggiano: Fig. 1; [0013] The Authenticator's system generates a unique identifier and transmits an authentication challenge 12 [“challenge data”], which includes the unique identifier to the ADS-B transmitter 20. the authentication processing of the ADS-B transmitter system comprises a secret-key 36 [“second key information”], a secure hash generator 40 [“perform computation] and a Message Authentication Code (MAC) generator 35, which transform the input data into a MAC 38; [0017] The secure hash generators, 40 and 50 [respectively “first and second arithmetic circuit”], contain a secure hash algorithm [“perform computation using the function taking the challenge data and first key information (See Fig. 1, 12, 14 and 36, 36a)”], and generate a secure hash value, 30 and 52, as its output. However, according to the present invention the secure hash value, 30 and 52, is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38. The ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 to the Authenticator's authentication challenge 12), 
in response to reception of the response data for authentication of the first device, the second arithmetic circuit performs computation using the function taking the challenge data for authentication of the first device sent to the first device and the second key information as input values to generate data with the data length Ha, and generates data D2 with the data length Hb from the data with the data length Ha using the conversion rule ([Viggiano: 0017] The secure hash generators, 40 and 50, contain a secure hash algorithm, which may be implemented in hardware or software and generate a secure hash value, 30 and 52, as its output. However, according to the present invention the secure hash value, 30 and 52, is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58), and 
the second arithmetic circuit checks the response data for authentication of the first device received from the first device with the data D2 to perform authentication on the first device ([Viggiano: 0015] The Authenticator's system applies the received ADS-B transmitter-generated MAC 38 and the Authenticator-generated MAC 58 to comparator 60 to authenticate the ADS-B transmitter's 20 identity).

Regarding claim 34, (new) the combination of Erickson, Viggiano discloses an electronic device which is the first device in the authentication system according to claims 19 ([Erickson: Fig. 2, 203; 0003] Equality between the truncated first hash result as transmitted to the server system and the truncated second hash result generated at the server system authenticates the client system to the server system).

Regarding claim 35, (new) the combination of Erickson, Viggiano discloses an electronic device which is the second device in the authentication system according to claim 19 ([Erickson: Fig. 2, 201; 0003] Equality between the truncated first hash result as transmitted to the server system and the truncated second hash result generated at the server system authenticates the client system to the server system).

Regarding claim 36, (New) Erickson discloses an authentication method for causing a first device to perform authentication on a second device using a challenge-response scheme (Fig. 1-3, operations 101-107 [“challenge- response scheme”, since the challenge–response authentication, in the art, is a family of protocols in which one party presents a question and another party must provide a valid answer to be authenticated]), 
wherein the first device (Fig. 2, 203) includes a first storage that stores first key information for authentication, and a first arithmetic circuit (Fig. 1, operation 103; Fig. 2, [0036] server 203 and Sc [“first storage device and Key information”]; [0132] The transformed data can be saved to storage generally and the manipulation can be performed by a processor (“arithmetic circuit”)), 
the second device (Fig. 2, 201) includes a second storage that stores second key information, and a second arithmetic circuit (Fig. 1, operation 101; Fig. 2, [0035] client 201 and Sc [“second storage device and Key information”]; [0132] The transformed data can be saved to storage generally and the manipulation can be performed by a processor (“arithmetic circuit”)), 
the first and second devices communicate with each other using communication data with a payload length L ([0035] FIG. 2 shows a shortened hash authentication [“payload length L”] process; [0030] This embodiment may be utilized when a duplex communication channel exists between the client system and the server system. In such a duplex communication channel, bi-directional communication is possible between the client and server systems [See Fig. 3 Duplex]) and have a [0035-0036] The client 201 [“second storage”] combines the client's secret code (SC) with a monotonic nonce code (TC) [“common function”] to generate a client code word (ΣC). The server 203 [“first storage”] combines the server's secret code (SS), where (SS=SC), with the shared monotonic nonce code (TC) [“common function”] to generate a server code word (ΣS)), the method comprising [Fig. 2 and 3]: 
(a) causing the second arithmetic circuit of the second device to send an authentication request to the first device (Fig. 3, Msg Ready from Client to Server [“from 2nd device to 1st device”]); 
 (d) causing the first arithmetic circuit to receive the response data (Fig. 2, [0035] The client 201 [“second arithmetic circuit”] transmits the nonce code (TC) and the client-generated authentication code (HC′) to the server 203 [“first arithmetic circuit”]); 
 (f) checking the response data received in (d) with the data D1 generated in (e) to perform authentication ([0036] The server 203 [“first arithmetic circuit”] compares the client-generated authentication code (HC′) to the server-generated authentication code (HS′) and declares a successful authentication of the client 201 to the server 203 if HS′=HC′).  
Although Erickson teaches, in paragraph 0038, “the authentication code (H) originates from a strong hash algorithm and is truncated (H′) to minimize the bandwidth burden on low-bandwidth channels”, it does not explicitly disclose “(b) causing the first arithmetic circuit of the first device to send challenge data to the second device in response to the authentication request; (c) causing the second arithmetic circuit to perform computation using the function taking the challenge data and the second key information as input values to generate data with a data length Ha longer than the payload length L, generate response data with a data length Hb shorter than or equal to the payload length L from the data with the data length Ha using a conversion rule, and send the response data to the first device; (e) causing the first arithmetic circuit to perform computation using the function taking the challenge data sent to the second device and the first key information as input values to generate data with the data 
In same field of endeavor, In same field of endeavor, Viggiano teaches a secure authentication ADS-B system and method of this invention requires ADS-B systems to respond to authentication challenges, verifying the identity of the ADS-B systems using an authentication challenge-response format.
Viggiano further discloses the system, wherein (b) causing the first arithmetic circuit of the first device to send challenge data to the second device in response to the authentication request ([0012] The authentication challenge 12 is transmitted from an ADS-B equipped aircraft, vehicle, vessel or ground station (hereinafter Authenticator [“first device”])); 
(c) causing the second arithmetic circuit to perform computation using the function taking the challenge data and the second key information as input values to generate data with a data length Ha longer than the payload length L, generate response data with a data length Hb shorter than or equal to the payload length L from the data with the data length Ha using a conversion rule, and send the response data to the first device (Fig. 1; [0013] the authentication processing of the ADS-B transmitter system comprises a secret-key 36 [“second key information”], a secure hash generator 40 [“perform computation] and a Message Authentication Code (MAC) generator 35, which transform the input data into a MAC 38; [0017] The secure hash generators, 40 and 50, contain a secure hash algorithm [“perform computation using the function taking the challenge data and second key information”], and generate a secure hash value, 30 [“Ha” in second arithmetic circuit] and 52, as its output. However, according to the present invention the secure hash value, 30 [“Ha” in second arithmetic circuit] and 52, is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 [“Hb” in second arithmetic ]. The ADS-B transmitter 20 transmits MAC 38 to the Authenticator 10 in its authentication response 18 to the Authenticator's authentication challenge 12); 
According to paragraph 0020-0022 and 0030-0031 in the current application, Examiner interpreted the “performing computation using the function by the second arithmetic circuit” as a hash function in a computer system. In the prior art, Viggiano states the authentication challenge 12 unique identifier is 16-bits in length and a hash size of 128 bits in paragraph 0025-0027. In the art, the hash function converts data of arbitrary length to a fixed length. In this case, the input data is shorter that the fixed output by the hash conversion. For this reason, the Examiner asserts that the secure hash generators is analogous to the second arithmetic circuit computation of the current claim. In addition, Viggiano explicitly teaches a MAC generator reduces the power of the long secure hash value in paragraph 0017-0018 and 0026. Therefore, the Examiner asserts that the MAC generator is analogous to the predetermined conversion rule of the current claim.
(e) causing the first arithmetic circuit to perform computation using the function taking the challenge data sent to the second device and the first key information as input values to generate data with the data length Ha, and generate data D1 with the data length Hb from the data with the data length Ha using the conversion rule ([0017] The secure hash generators, 40 and 50, contain a secure hash algorithm, which may be implemented in hardware or software and generate a secure hash value, 30 and 52, as its output. However, according to the present invention the secure hash value, 30 and 52 [“Ha” in first arithmetic circuit], is input into the second secure process, which includes the MAC generator, 35 and 55, that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58 [“D1 having the data length Hb” in first arithmetic circuit]).
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson with the teachings of Viggiano to generate response data having a data length Hb shorter than or equal to the payload length L from the data having the data the MAC generator, 35 and 55 [or the arithmetic circuits], that modifies, reduces, and/or truncates the secure hash value to generate the MAC, 38 and 58 [or Ha in the respective arithmetic circuits] (¶0017). Although the application of a MAC generator, 35 and 55, reduces the power of the long secure hash value, it is impractical for an attacker to correctly guess the MAC and limiting the size of the MAC 38 [or Hb in the respective arithmetic circuits] to a designated subset of bits alleviates the impact of the authentication scheme of the present invention on the bandwidth of Mode S, UAT or VDL Mode 4, for example (¶0018).


Claims 20 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed) as applied to claim 19 above, and further in view of Coulter et al. (US 20190046373 A1 hereinafter “Cont-Coulter”, which continuation-in-part of application No. 15/600703, filed on May 20, 2017, herein after “Coulter”). 
Regarding Claim 20 (new), the combination of Erickson and Viggiano discloses the authentication system according to claim 19 except “the authentication system according to claim 19, wherein the first device further includes a motor including a mover; the first communication circuit receives an instruction from an external device; and the first arithmetic circuit controls movement of the mover according to the instruction.”
In a same field of endeavor, Cont-Coulter discloses the authentication system according to claim 19, wherein the first device further includes a motor including a mover ([Cont-Coulter: 0012 and Coulter: 0010] The powered balancing mobility device [including the “powerbase processor” below] can optionally include an all-terrain wheel pair); 
[Cont-Coulter 0014 and Coulter: 0012] The powerbase processor can optionally include a mobility device wireless processor enabling communications with an external application electronically remote from the mobility device); and 
the first arithmetic circuit controls movement of the mover according to the instruction ([Cont-Coulter 0014 and Coulter: 0012] the mobility device wireless processor receiving and decoding incoming messages from a wireless radio, the powerbase processor controlling the mobility device based at least one the decoded incoming messages).  
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson and Viggiano with the teachings of Cont-Coulter to include a motor having a mover, the first communication circuit receives an instruction from an external device, and the first arithmetic circuit controls movement of the mover according to the instruction. One of ordinary skill in the art would have been motivated to make this modification because the powerbase processor may control the mobility device [or the first device] based at least one the decoded incoming messages [or the instruction] and may include a secure wireless communications system including data obfuscation and challenge-response authentication [Cont-Coulter 0014 and Coulter: 0012].

Regarding claim 22, the combination of Erickson, Viggiano and Cont-Coulter discloses the authentication system according to claim 20, wherein the second device is a computer that sends an instruction to operate the motor ([Cont-Coulter 0014 and Coulter: 0012] the mobility device wireless processor receiving and decoding incoming messages from a wireless radio, the powerbase processor controlling the mobility device based at least one the decoded incoming messages).


Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed) in view of Coulter et al. (US 20190046373 A1 hereinafter “Cont-Coulter”, which continuation-in-part of application No. 15/600703, filed on May 20, 2017) as applied to claim 20 above, and further in view of SHOTA et al. (WO 2016104378 A1 hereinafter “Shota”, English translated version attached (Published on 2016-06-30)).
Regarding claim 21, (New) the combination of Erickson, Viggiano and Cont-Coulter teaches all features of the authentication system according to claim 20 except “the first key information is motor fingerprint information that varies depending on manufacturing variations of the motor and is unique to the motor.”
In a same field of endeavor, Shota discloses the authentication system according to claim 20, wherein the first key information is motor fingerprint information that varies depending on manufacturing variations of the motor and is unique to the motor ([the Highlighted section on Page 16 at the attached file; same as WIPO, Japanese version [021 0]] Suppose that It is assumed that the measurement data obtained in this way is stored in the recording device as a table. In this case, by referring to the measurement data from the detected segment number, the mechanical angle (true value) corresponding to the segment can be obtained. Such a sequence of mechanical angle values is unique to each motor and can function as a so-called “fingerprint” of the motor).  
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson Viggiano and Cont-Coulter with the teachings of Shota to include motor fingerprint information that varies depending on manufacturing variations of the motor and is unique to the motor. One of ordinary skill in the art would have been motivated to make this modification because the motor fingerprint information may match against the motor fingerprint information that has been transmitted from the external device. Authentication judgement may be made based on whether both match or not.


Claims 24 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed) as applied to claim 19 above, and further in view of Newsome et al. (US 20120303973 A1 hereinafter “Newsome”).
Regarding claim 24, (New) the combination of Erickson, Viggiano may not explicitly teach, but Newsome, which is a same field of endeavor, discloses the authentication system according to claim 19, wherein the function is the hash function SHA-256, and the data length Ha is 32 bytes ([0078] a general hash function, such as SHA-256, or a message authentication code (MAC), such as CBC MAC, to be used in the protocol. However, those realization options would all lead to higher expenditure [The output of the hash function, SHA-256, is 256 bits which is 32 bytes. Therefore, the output of the hash function, SHA-256, is same as the data length Ha]).
In the art, the electronic control unit (ECU), also known as an electronic control module (ECM), is an embedded system in automotive electronics [analogous to “motor”, See ¶0017, motor vehicle] that controls one or more of the electrical systems or subsystems in a vehicle.
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson and Viggiano with the teachings of Newsome to include the function is the hash function SHA-256, and the data length Ha is 32 bytes. One of ordinary skill in the art would have been motivated to make this modification because HMAC [or SHA-256] may be considered in the context of safeguarding a sensor, but it is considerably more costly than the solution ultimately proposed in the specific exemplary embodiment [0122].

Regarding claim 25, (New) the authentication system according to claim 24, wherein the data length Hb is 13 bytes or less ([Viggiano: 0017] a MAC, 38 and 58, for example, contains a designated 16-bit or 8-bit block [less than 13 byte (104 bits)] from the secure hash value, 30 and 52).


Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed), in view of Newsome et al. (US 20120303973 A1 hereinafter “Newsome”) as applied to claim 25 above, and further in view of Mizrah (US 20050050323 A1).
Regarding claim 26, (new) the combination of Erickson, Viggiano and Newsome may not explicitly teach, but Mizrah, which is a same field of endeavor, disclose the authentication system according to claim 25, wherein the data length Hb is 8 bytes ([0012] three 64-bit "responses" [8 bytes](the "challenge" encrypted with DES keys as described above) are sent back to the server (the authenticator), where they are compared with the similar outputs calculated at the server).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson Viggiano and Newsome with the teachings of Mizrah to include the data length Hb which is 8 bytes. One of ordinary skill in the art would have been motivated to make this modification because if the values [or 8 bytes] match, the authentication is acknowledged; otherwise the connection should be terminated [0012].  


Clam 30 is rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed) as 
Regarding claim 30, (New) the combination of Erickson, Viggiano discloses the authentication system according to claim 19, wherein if authentication of the second device is successful ([Erickson: 0027] If the comparison yields equality between the truncated first hash result as transmitted to the server system and the truncated second hash result generated at the server system, the client system is authenticated to the server system). 
However, the combination may not explicitly teach, “the second device sends an instruction to control an operation of the first device; and the first device operates according to the instruction.”
In a same field of endeavor, Cont-Coulter discloses the authentication system according to claim 19, wherein the second device sends an instruction to control an operation of the first device; and the first device operates according to the instruction ([Cont- Coulter: 0647 and Coulter: 0408] If the user authenticates, service update screen 1083 can be displayed with an indication that the user is allowed to connect wirelessly. The user can be given up to a pre-selected number [“instruction”] of times to authenticate]).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson and Viggiano with the teachings of Coulter to include the second device that sends an instruction to control an operation of the first device; and the first device operates according to the instruction if authentication of the second device is successful. One of ordinary skill in the art would have been motivated to make this modification because UC 130 [or second device] may include a means to prevent unauthorized use of the MD [or first device, Cont- Coulter: 0477 and Coulter: 0318].


Clam 31 is rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed) as applied to claim 19 above, and further in view of Guthrie et al. (US 6161185 A hereinafter “Guthrie”).
Regarding claim 31, (New) the combination of Erickson, Viggiano and may not explicitly teach, but Coulter, which is a same field of endeavor, discloses the authentication system according to claim 19, wherein if authentication of the second device has successively failed at least a predetermined number of times, the first device rejects a subsequent authentication process for at least a predetermined period of time (col. 2, ln. 28-33, The exemplary embodiment automatically locks out a user for a time out period where the user has attempted authentication for a predetermined number of successive attempts and failed. As the number of authentication failures increases, the time out period increases).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson and Viggiano with the teachings of Guthrie to the first device that rejects a subsequent authentication process for at least a predetermined period of time if authentication of the second device has successively failed at least a predetermined number of times. One of ordinary skill in the art would have been motivated to make this modification because the purpose of the lock-out timer is to thwart an unauthorized user from repeatedly "hammering" the server 104 manually or through an automated application with authorization attempts [col. 8, ln. 24-27].

Clam 33 is rejected under 35 U.S.C. 103 as being unpatentable over Erickson (US 20090199002 A1, IDS listed) in view of Viggiano et al. (US 20070239986 A1 hereinafter “Viggiano”, IDS listed), in view of Guthrie et al. (US 6161185 A hereinafter “Guthrie”) as applied to claim 31 above, and further in view 
Regarding claim 33, (new) the combination of Erickson, Viggiano and Guthrie discloses the authentication system according to claim 19, wherein if authentication of the first device is successful: ([Erickson: 0027] If the comparison yields equality between the truncated first hash result as transmitted to the server system and the truncated second hash result generated at the server system, the client system is authenticated to the server system).
However, the combination may not explicitly teach, “the second device sends an instruction to control an operation of the first device; and the first device operates according to the instruction”.
In a same field of endeavor, Cont-Coulter discloses the authentication system according to claim 19, wherein the second device sends an instruction to control an operation of the first device; and the first device operates according to the instruction ([Cont- Coulter: 0647 and Coulter: 0408] If the user authenticates, service update screen 1083 can be displayed with an indication that the user is allowed to connect wirelessly. The user can be given up to a pre-selected number [“instruction”] of times to authenticate]]).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Erickson, Viggiano and Guthrie with the teachings of Coulter to include the second device that sends an instruction to control an operation of the first device; and the first device operates according to the instruction if authentication of the second device is successful. One of ordinary skill in the art would have been motivated to make this modification because UC 130 [or second device] may include a means to prevent unauthorized use of the MD [or first device, Cont- Coulter: 0477 and Coulter: 0318].

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
• “Challenge-Response Authentication Using a Masked Response Value”, Lambert (US 20140156998 A1): [0040] At step 64, the processor 12 of the first device 2 then determines whether the expected masked response value xmaskres matches (e.g. is equal to or equivalent to) the masked response value maskres from the second device 4.
• “Dual-Interface Key Management”, Habraken (US 20110035604 A1): [0010]  the challenge-response data strings serve as vehicles for carrying the key-management information; [0037] the administration server can require the entry of some biometric data, such as a through a portable fingerprint reader 22 connected to portable computer 10.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached campus 9:00 AM- 5:00 PM, alternate Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and 





/A.S./Examiner, Art Unit 2493                                                                                                                                                                                                        
/Michael Simitoski/Primary Examiner, Art Unit 2493