Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This is in response to applicant’s Claims filed on 06/05/2019 to Application #16/431,944 filed on 06/05/2019 in which Claims 1-20 are pending.  Claims 5, 15, 17 are canceled.

Status of Claims
Claims 1-20 are pending, of which Claims 1-4, 6-14, 16, 18-20 are allowable via Examiner’s Amendment.  Claims 5, 15, 17 are canceled.

Applicant’s Most Recent Claim Set of 06/05/2019
Applicant’s most recent claim set of 06/05/2019 is considered to be the latest claim set under consideration by the examiner.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

David Schell on November 3, 2021.
 
The application has been amended as follows:

In the Claims:

Claim 1: (Currently Amended)
An information handling system, comprising:
a self-encrypting storage device configured to store data in an encrypted state; and
a storage controller configured to:
manage the self-encrypting storage device;
generate a passphrase;
share the passphrase with a baseboard management controller via a shared memory architecture transfer mechanism;
receive an encrypted message from the baseboard management controller;
decrypt the encrypted message using the passphrase to obtain a message, a sent hash, and a nonce value, the message including an encryption key to access the self-encrypting storage device;
compare the nonce value to a counter to determine if the nonce value is an old nonce value;
calculate an observed hash of the message;

accept the message when the nonce value is not an old nonce value and the observed hash matches the received hash;
the baseboard management controller in communication with the storage controller using a sideband interface and configured to:
receive the passphrase from the storage controller via shared memory architecture transfer mechanism;
generate the sent hash of the message;
encrypt the message, the sent hash, and the nonce value using the passphrase to form the encrypted message; and
transmit the encrypted message to the storage controller over the sideband interface.


Claim 5: (Currently Canceled)


Claim 8: (Currently Amended)
A method of encrypting communication, comprising:
managing a self-encrypting storage device;
generating a passphrase;
sharing the passphrase with a service processor via a shared memory architecture transfer mechanism;
receiving an encrypted message from the service processor over a sideband interface;
decrypting the encrypted message using the passphrase to obtain a message, a received hash, and a nonce value, the message including an encryption key to access a self-encrypting storage device;
comparing the nonce value to a counter to determine if the nonce value is an old nonce value;
calculating an observed hash of the message;
comparing the observed hash with the received hash; and 
accepting the message when the nonce value is not an old nonce value and the observed hash matches the received hash.


Claim 14: (Currently Amended)
A method of encrypting communication, comprising:
receiving a passphrase from an endpoint device via shared memory architecture transfer mechanism;
generating a hash of a message;
encrypting the message, the hash, and a nonce value using the passphrase to form an encrypted message; and
transmitting the encrypted message to the endpoint device over a sideband interface; 
receiving an encrypted message from the endpoint device over the sideband interface;
decrypting the encrypted message using the passphrase to obtain a message, a received hash, and a nonce value;
comparing the nonce value to a counter to determine if the nonce value is an old nonce value;
calculating an observed hash of the message;
comparing the observed hash with the received hash; 
accepting the message when the nonce value is not an old nonce value and the observed hash matches the received hash; and 
storing the passphrase and a current counter value in a persistent memory location and reestablishing communication using the passphrase and current counter after a reboot.


Claim 15: (Currently Canceled)


Claim 17: (Currently Canceled)


Reasons For Allowance
The following is an examiner’s statement of reasons for allowance:
Claims 1-4, 6-14, 16, 18-20 are considered allowable.

The instant invention is directed to a system and methods for securing the transmission of data between a service processor and an end point over sideband communications.

The closest prior art, as recited, Kim et al. US Patent Application Publication No. 2006/0270449 and Abdulhamid et al. US Patent Application Publication No. 2018/0060077, are also generally directed to various aspects of securing the transmission of data between devices over sideband communications.  However, Kim et al. or Abdulhamid et al. does not teach or suggest, either singularly or in combination, the particular combination of steps or elements as recited in the independent claim(s) 1, 8, 14.  For example, none of the cited prior art teaches or suggests the steps of:
Regarding Claim 1:
a storage controller that manages a self-encrypting storage device, generates a passphrase and shares the passphrase with a baseboard management controller via a shared memory architecture transfer mechanism, the storage controller receives an encrypted message from the baseboard management controller, the storage controller decrypts the encrypted message using the passphrase to retrieve a message, sent hash, and nonce value, along with retrieving an encryption key from the message that enables access to the self-encrypting storage device, the storage controller compares the nonce value to a counter to establish if the nonce value is an old nonce value and calculates a hash of the message, which is then compared with the hash received in the message, with the message being accepted if the nonce value is current and the calculated hash matches the hash received in the message, then over the sideband interface, the baseboard management controller retrieves the passphrase from the storage controller via the shared memory architecture transfer mechanism, generates a hash of the message, encrypts the hash, the message, and the nonce value using the retrieved passphrase, and sends the encrypted message over the sideband interface to the storage controller
When combined with the additional limitations found in Claim 1.

Regarding Claim 8:
managing a self-encrypting storage device, generating a passphrase and sharing the passphrase with a service processor via a shared memory architecture transfer mechanism, receiving an encrypted message from the service processor over a sideband interface, decrypting the encrypted message using the passphrase to retrieve a message, received hash, and nonce value, along with retrieving an encryption key from the message that enables access to the self-encrypting storage device, comparing the nonce value to a counter to establish if the nonce value is an old nonce value and calculating a hash of the message, which is then compared with the hash received in the message, with the message being accepted if the nonce value is current and the calculated hash matches the hash received in the message
When combined with the additional limitations found in Claim 8.

Regarding Claim 14:
receiving a passphrase from an endpoint device via a shared memory architecture transfer mechanism, generating a hash of a message and encrypting the message, the hash, and a nonce value using the received passphrase to form an encrypted message, transmitting the encrypted message to the endpoint device over a sideband interface, receiving an encrypted message from the endpoint device over the sideband interface, decrypting the encrypted message using the received passphrase to obtain a message, a received hash, and a nonce value, comparing the nonce value to a counter to determine if the nonce value is a current nonce value, calculating a hash of the message, comparing the calculated hash with the received hash, accepting the message when the nonce value is a current nonce value and the calculated hash matches the received hash, storing the passphrase and a current counter value in a persistent memory location and reestablishing communication using the passphrase and current counter after a reboot
When combined with the additional limitations found in Claim 14.

Therefore Claims 1-4, 6-14, 16, 18-20 of the instant application are allowable over the cited prior art.
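
The receive-side checks recited in Claims 1, 8 and 14 (decrypt, compare the nonce to a counter, recompute and compare the hash, and carry the counter across a reboot) can be sketched as follows; this is an added illustration, not code from the application or the examiner. Assumptions not stated in the claims: SHA-256 as the hash, an 8-byte nonce that must be strictly greater than the counter, and an HMAC-based keystream as a stand-in for the unspecified cipher (a real implementation would use a vetted cipher).

```python
import hashlib, hmac, os, struct

def keystream(passphrase: bytes, iv: bytes, n: int) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, keyed from the passphrase.
    key = hashlib.pbkdf2_hmac("sha256", passphrase, b"constructed-salt", 10_000)
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + struct.pack(">I", i), hashlib.sha256).digest()
        i += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(passphrase: bytes, nonce: int, message: bytes) -> bytes:
    """Sender side: hash the message, then encrypt nonce + sent hash + message."""
    plain = struct.pack(">Q", nonce) + hashlib.sha256(message).digest() + message
    iv = os.urandom(16)
    return iv + xor(plain, keystream(passphrase, iv, len(plain)))

class Receiver:
    """Receiving side: holds the shared passphrase and the replay counter."""
    def __init__(self, passphrase: bytes, counter: int = 0):
        self.passphrase, self.counter = passphrase, counter

    def open(self, blob: bytes):
        iv, body = blob[:16], blob[16:]
        if len(body) < 40:                      # too short for nonce + hash
            return None
        plain = xor(body, keystream(self.passphrase, iv, len(body)))
        nonce = struct.unpack(">Q", plain[:8])[0]
        received_hash, message = plain[8:40], plain[40:]
        if nonce <= self.counter:               # old nonce value: replay
            return None
        observed = hashlib.sha256(message).digest()
        if not hmac.compare_digest(observed, received_hash):
            return None                         # altered, or wrong passphrase
        self.counter = nonce                    # advance only on acceptance
        return message

def demo():
    pw = os.urandom(32)                         # constructed passphrase
    rx = Receiver(pw)
    first = seal(pw, 1, b"constructed-drive-key")
    results = [rx.open(first), rx.open(first)]  # accepted, then replay rejected
    rx = Receiver(pw, counter=rx.counter)       # "reboot" with persisted state
    results += [rx.open(first), rx.open(seal(pw, 2, b"next"))]
    return results
```

Restoring the counter together with the passphrase is what keeps a message captured before the reboot from being accepted afterwards.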

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Guise et al - US_11080675_B1: Guise et al teaches a point of sale system with a secure sideband over I2C communications.
Castell et al - US_20140298411_A1_I: Castell et al teaches secure communications utilizing NFC and I2C communication methods.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789.  The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw, can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2498