Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Status of Claims
2.	This Office Action is issued in response to the claims filed on 03/19/2021.
Claims 1, 3, 5-7, 9, 10, 12-15, 17-20, 23, 27, 28, 31, and 34 are pending in this Office Action.
Claims 2, 4, 8, 11, 16, 21, 22, 24-26, 29, 30, 32, 33, 35, and 36 have been cancelled.	

Priority
3.	Acknowledgement is made of applicant’s claim of priority to U.S. Patent Application No. 62/628,770, filed February 9, 2018, U.S. Patent Application No. 62/635,537, filed February 26, 2018, and U.S. Patent Application No. 62/642,164, filed March 13, 2018.

Objections
4.	The specification is objected to because:
Paragraph [0249], lines 4-5 of the originally filed specification recites “such operations can be advantageous ino preventing…” which has a typo and should be “such operations can be advantageous [[ino]] in
Paragraph [0256] of the originally filed specification recites “As also shown in FIG. 8, device 110…” which has a typo and should be “As also shown in FIG. 8, device [[110]] 810…” 
Paragraph [0268] of the originally filed specification recites “At operation 920, a request (e.g., an authentication request) can be generated/transmitted (e.g., by client 820) and/or received (e.g., by decentralized network 850 and/or one or more nodes 820)” which has a typo and should be “At operation 920, a request (e.g., an authentication request) can be generated/transmitted (e.g., by client [[820]] 810) and/or received (e.g., by decentralized network 850 and/or one or more nodes 820).”
Paragraph [0274], line 3 of the originally filed specification recites “…verification (e.g., at 960) that that the generated proof…” which has a typo and should be “…verification (e.g., at 960) [[that]] that the generated proof…”
Appropriate corrections are required.

Claim Objections
5.	Claims 1, 6, 7, 12, 18, 19, 27, 28, and 34 are objected to because of the following issues:
a.	Claim 1 (lines 14 and 16), claim 10 (line 1), claim 15 (line 1), and claim 18 (line 18) recite 'authenticated operation' which should be 'authenticating operation or authentication operation'.  Appropriate corrections are required.
	b. 	Claim 6 recites “…wherein receiving a proof of possession of a first authentication credential comprises receiving a zero-knowledge proof of the possession the proof of possession of [[a]] the first authentication credential comprises receiving a zero-knowledge proof of the possession of the first authentication credential.”  Appropriate corrections are required.
	c.	Claim 7 recites “…wherein the memory further stores instructions to cause the system to perform operations comprising receiving, from the client, a public session key, wherein transmitting an encrypted output comprises transmitting an output encrypted with the public session key to the client.”  The emphasized term lacks proper antecedent basis and the Examiner suggests the claim as “…wherein the memory further stores instructions to cause the system to perform operations comprising receiving, from [[the]] a client, a public session key, wherein transmitting an encrypted output comprises transmitting an output encrypted with the public session key to the client.”  Appropriate correction is required.
	d.	Claim 12 recites “The system of claim 1, wherein the memory further stores instructions to cause the system to perform operations comprising at least one of: transmitting an encrypted output to the client, recording, on a blockchain, one or more attempts to authenticate via the decentralized authentication network, .” The claim seems to have typos and lacks proper antecedent basis.  The Examiner suggests the claim as “The system of claim 1, wherein the memory further stores instructions to cause the system to perform operations comprising at least one of: transmitting an encrypted output to [[the]] a client[[,]] or recording, on a blockchain, one or more 
	e.	Claim 18 recites “…and associated with the network” which lacks proper antecedent basis because the term has not been previously positively recited.  Since claim 1 which claim 18 depends from recites “a decentralized authentication network” (line 6), the Examiner suggests changing the term “the network” in claim 18 to “the decentralized authentication network.” Appropriate correction is required.
f.	Claim 19 recites “The system of claim 1 where user authentication…” which seems to have a typo and should be “The system of claim 1, [[where]] wherein user authentication…”  Appropriate correction is required.
	g.	Claim 27 recites “…wherein generating a proof of a possession of a first authentication credential comprises generating a zero-knowledge proof of a possession of a first authentication credential” which should be “…wherein generating [[a]] the proof of [[a]] the possession of [[a]] the first authentication credential comprises generating a zero-knowledge proof of a possession of a first authentication credential” because claim 23 which claim 27 depends from has already recited “…generating a proof of a possession of a first authentication credential…” Appropriate corrections are required.
	h.	Claim 28 recites: “The non-transitory computer readable medium of claim 23, further comprising at least one of: receiving, from at least one of the one or more nodes, an encrypted output, decrypting the one or more shares with the private session key.”  The claim seems to miss a conjunction “or”.  The Examiner suggests the claim as “The non-transitory computer readable medium of claim 23, further comprising at least one of: receiving, from at least one of the one or more nodes, an encrypted output[[,]] or 
	i.	Claim 34 seems to miss a conjunction “and” before the last limitation.  The last two limitations of the claim should be:
	“based on a verification that the generated proof conforms to the authentication protocol, receiving one or more shares of a cryptographic key associated with the user identifier, each of the one or more shares being stored at one of the one or more nodes of the decentralized authentication network; and 
based on a determination that the one or more shares meet a defined cryptographic threshold, initiating one or more cryptographic operations with respect to the cryptographic key.” Appropriate correction is required.

Claim Rejections - 35 USC § 112
6.	The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

7.	Claims 5, 14, and 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
weak keys.”  The relative term “weak key” renders the claim indefinite because the claim or the specification does not define or provide sufficient information for the relative term “weak keys”.  Therefore, the claim is rejected under 35 U.S.C. 112(b).  For purpose of examination, the Examiner considers all keys are weak keys.
b.	Claim 14 is recited as ‘canceled’ and ‘amended’ and the amended claim 14 recites “…wherein the authentication protocol comprises at least of: a smart contract or the first challenge, one or more other challenges, and one or more parameters that define aspects of the utilization of the first challenge and the one or more other challenges.”  The term “the first challenge” lacks antecedent basis.  Since claim 1 which claim 14 depends from recites “first authentication challenge”, the Examiner assumes the term “the first challenge” in claim 14 has a typo and it should be “the first authentication challenge”.  Furthermore, the term “at least of” and the conjunctions “or” and “and” make the claim ambiguous.  Therefore, claim 14 is rejected under 35 U.S.C. 112(b).  For purpose of examination and for clarity, the examiner assumes the claim is amended and “the authentication protocol comprises at least one of: a smart contract, the first authentication challenge, one or more other authentication challenges, or one or more parameters that define aspects of the utilization of the first authentication challenge and the one or more other authentication challenges.”
	c. 	Claim 20 recites “The system of claim 1, wherein one or more aspects of the authentication protocol are determined according to the state of the execution of the authentication protocol, by the first node and one or more other nodes within the decentralized network.”  The emphasized parts lack proper antecedent basis and make the claim ambiguous.  Therefore, the claim is rejected under 35 U.S.C. 112(b).  For purpose of examination, the examiner assumes the claim as “The system of claim 1, wherein one or more aspects of the authentication protocol are determined according to [[the]] a state of [[the]] execution of the authentication protocol[[,]] by the first node and one or more other nodes within the decentralized authentication network.”

Claim Rejections - 35 USC § 103
8.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

9.	Claims 1, 3, 5, 9, 12-15, 17-20, and 34 are rejected under 35 U.S.C. 103 as being unpatentable over Unnikrishnan et al. (U.S. Pub. No. 2016/0094531), hereinafter “Unnikrishnan” and in view of Le Saint (U.S. Pub. No. 2021/0111875), hereinafter “Le Saint ‘875”.
Regarding claim 1, Unnikrishnan discloses a system comprising: 
a processing device (Fig. 5 with associated text: computing device 502); and a memory coupled to the processing device and storing instructions that, when executed by the processing device (Fig. 5 with associated text: system memory 506), cause the system to perform one or more operations comprising: 
receiving, within a first node of a [decentralized] authentication network, an authentication request associated with a user identifier (paragraphs [0028]-[0030] and [0065]: client 102 sends an access request which needed authentication to authentication component 104-first node.  The authentication component 104 receives and processes the request.  Paragraph [0082]: client 102 could be a mobile telephone, a smart phone or a tablet personal computer which belongs and is associated to a specific user.  Note: the mobile telephone, the smart phone or the tablet personal computer could be a user’s identifier); 
generating, in accordance with an authentication protocol associated with the user identifier, a first authentication challenge (paragraphs [0029]- [0031] and [0066]: The authentication component manages authentication challenges set by authentication protocol that is based on information of the client 102); 
receiving, in response to the first authentication challenge, a proof of possession of a first authentication credential (paragraphs [0038]- [0039]: The client constructs a response with a proof of possession of the required authentication credential; paragraphs [0051] and [0068]: The authentication component evaluates the received authentication response); 
verifying that the received proof conforms to the authentication protocol (paragraphs [0051]-[0054] and [0068]: The authentication component evaluates and validates the authentication response based on authentication protocol); and 
based on a verification that that the received proof conforms to the authentication protocol, initiating an authenticated operation [with respect to a share of a cryptographic key stored at the first node and associated with the user identifier] (paragraphs [0057]-[0058] and [0068]: generating validation result; paragraph [0069]: after successful authentication, the client is granted access to the secure resource); 

Unnikrishnan discloses after being successfully authenticated, the client is granted the operation that it requests to be authenticated for as presented above.  Unnikrishnan does not explicitly disclose the first node is of a decentralized authentication network, the authenticated operation is with respect to a share of a cryptographic key stored at the first node and associated with the user identifier and the authenticated operation is completed in conjunction with one or more other shares of the cryptographic key that satisfy a defined cryptographic threshold.  However, authentication for accessing a share of a cryptographic key stored at a node and associated with a user identifier in a decentralized manner and the authenticated operation is completed in conjunction with one or more other shares of the cryptographic key that satisfy a defined cryptographic threshold is known in the art before the effective filing date of the claimed invention and Le Saint ‘875’s teaching is an example (paragraph [0003]:key shares are stored in a decentralized manner; paragraph [0051]: “each of the N devices can be communicably coupled to a registry of certificates that correspond to devices that belong to the trusted network, thereby enabling any one of the N devices to authenticate another device as being in the trusted network.” Key shares are received by the requesting device if the key share holders determine the requesting device is included in the trusted network –authenticating the requesting device based on device’s identifier. Paragraph [0005]: Shamir’s Secret Sharing Scheme.  Paragraph [0037]: a predetermined threshold number of shares are needed).
(Title and paragraph [0003]).
	Regarding claim 3, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1. Le Saint ‘875 further discloses wherein the authentication request comprises at least one of: a document to be signed with the cryptographic key, a transaction to be signed with the cryptographic key, or a request for the cryptographic key (Le Saint ‘875, paragraphs [0049]-[0050]: requesting shares of an encryption key).
	Regarding claim 5, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Unnikrishnan further discloses wherein the first authentication challenge comprises a request to authenticate using one or more weak keys (Unnikrishnan, paragraphs [0029] and [0039]: authentication credential is associated with a key).
Regarding claim 9, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1. Le Saint ‘875 further discloses wherein the one or more other shares of the cryptographic key are stored at one or more other nodes of the decentralized authentication network (Le Saint ‘875, paragraphs [0003] and [0005]: shares are stored in devices of a decentralized network).
Regarding claim 12, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Le Saint ‘875 further discloses wherein the memory further stores instructions to cause the system to perform operations comprising at least one of: transmitting an encrypted output to the client (Le Saint ‘875, paragraph [0051]: the requesting device receives encryption key share that is encrypted with public key of the requesting device), recording, on a blockchain, one or more attempts to authenticate via the decentralized authentication network.
Regarding claim 13, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Le Saint ‘875 further discloses wherein the cryptographic key is not known to any of the nodes within the decentralized authentication network (Le Saint ‘875, paragraphs [0068]-[0070]: after being created, split into shares and being distributed to plurality of devices, the encryption key is destroyed. Each device stores only one key share and the encryption key only can be reproduced by obtain additional key shares from other devices; therefore, the encryption key is not known to any of the nodes within the decentralized authentication network).
Regarding claim 14, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Unnikrishnan further discloses wherein the authentication protocol comprises at least of: a smart contract or the first challenge (Unnikrishnan, paragraph [0030]: challenges are based on policy rules set by the authentication protocol.  Paragraph [0031]: an authentication challenge is generated and sent to the client), one or more other challenges, and one or more parameters that define aspects of the utilization of the first challenge and the one or more other challenges.
Regarding claim 15, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Le Saint ‘875 further discloses wherein the authenticated operation comprises signing an access token that provides the user identifier with access to the system (Le Saint ‘875, paragraph [0045]: encryption key is used to decrypt encrypted password so that a user is authenticated and granted to a web application.  Paragraph [0048]: encryption key is used to encrypt/decrypt password or other private data.  Note: password is an access token which could provide a user access to an application of a system).
Regarding claim 17, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Le Saint ‘875 further discloses wherein the processing device cannot access or reveal the cryptographic key (Le Saint ‘875, paragraph [0038]: after generating the encryption key from key shares collected from other devices, the requesting device uses the encryption key to perform the necessary cryptographic function.  The requesting device does not reveal the encryption key to other devices).
Regarding claim 18, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Le Saint ‘875 further discloses wherein the authenticated operation comprises signing an access token with the share of the cryptographic key stored at the first node and associated with the network (Le Saint ‘875, paragraph [0038]: encryption key is generated from key shares collected from other devices of the network.  Paragraph [0045]: encryption key is used to decrypt encrypted password so that a user is authenticated and granted to a web application.  Paragraph [0048]: encryption key is used to encrypt/decrypt password or other private data.  Note: password is an access token which could provide a user access to an application of a system.  Encryption is a form of signing data.  Each device holding a key share is considered as a node.  Key shares from multiple devices are needed to generate the encryption key and each device holding a respective key share authenticates the requesting device before sending the key share to the requesting device; therefore, the key share is associated with the decentralized authentication network).
Regarding claim 19, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1 where user authentication is conditioned on a multi-party consensus that reflects that the user has proven its identity (Unnikrishnan discloses challenge-based authentication that needs proof of user credential - paragraphs [0038]-[0039], [0051] and [0068].  Le Saint ‘875 discloses collecting key shares from multiple devices which each device authenticates the requesting device - paragraph [0051].  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention that the combination of Unnikrishnan and Le Saint ‘875’s teaching would result in a predictable result of a user authentication is conditioned on a multi-party consensus that reflects that the user has proven its identity because the requesting device needs to be authenticated by all the devices that it requests key shares).
Regarding claim 20, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1, wherein one or more aspects of the authentication protocol are determined according to the state of the execution of the authentication protocol, by the first node and one or more other nodes within the decentralized network (a). Unnikrishnan, paragraph [0030]: the authentication component considers authentication protocols by identifying whether the client’s application is able to be authenticated using a specific authentication-state of execution of the authentication protocol. b).Le Saint ‘875, paragraph [0003]: key shares are stored in a decentralized manner; paragraph [0051]: collecting key shares from multiple devices which each device authenticates the requesting device.  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan’s teaching in (a) and Le Saint ‘875’s teaching in (b) to have a predictable result of one or more aspects of the authentication protocol are determined according to the state of the execution of the authentication protocol, by the first node and one or more other nodes within the decentralized network).
Regarding claim 34, Unnikrishnan discloses a method comprising: 
transmitting an authentication request associated with a user identifier to one or more nodes within a [decentralized] authentication network (paragraphs [0028]-[0030] and [0065]: client 102 sends an access request which needed authentication to authentication component 104-first node.  Paragraph [0082]: client 102 could be a mobile telephone, a smart phone or a tablet personal computer which belongs and is associated to a specific user. Note: the mobile telephone, the smart phone or the tablet personal computer could be a user’s identifier); 
receiving a prompt for a first authentication challenge generated in accordance with an authentication protocol (paragraphs [0029]-[0031] and [0066]: The authentication component manages authentication challenges set by authentication protocol that is based on information of the client 102; paragraph [0038]: the client receives notification of authentication challenge); 
generating a proof of a possession of a first authentication credential (paragraphs [0038]- [0039]: The client constructs a response with a proof of possession of the required authentication credential; paragraphs [0051] and [0068]: The authentication component evaluates the received authentication response);
broadcasting the generated proof and the authentication request to at least one of the one or more nodes within the [decentralized] authentication network (paragraphs [0039] and [0050]: The client device sends the challenge response to the authentication token);
(paragraphs [0051]-[0054] and [0068]: The authentication component evaluates and validates the authentication response based on authentication protocol; paragraphs [0057]-[0058] and [0068]: generating validation result; paragraph [0069]: after successful authentication, the client is granted access to the secure resource); 
[based on a determination that the one or more shares meet a defined cryptographic threshold, initiating one or more cryptographic operations with respect to the cryptographic key.]
Unnikrishnan discloses after being successfully authenticated, the client is granted the operation that it requests to be authenticated for as presented above.  Unnikrishnan does not explicitly disclose the first node is of a decentralized authentication network, the authenticated operation is with respect to a share of a cryptographic key stored at the first node and associated with the user identifier and the authenticated operation is completed in conjunction with one or more other shares of the cryptographic key that satisfy a defined cryptographic threshold.  However, authentication for accessing a share of a cryptographic key stored at a node and associated with a user identifier in a decentralized manner and the authenticated operation is completed in conjunction with one or more other shares of the cryptographic key that satisfy a defined cryptographic threshold is known in the art before the effective filing date of the claimed invention and Le Saint ‘875’s teaching is an example (paragraph [0003]: key shares are stored in a decentralized manner; paragraph [0051]: “each of the N devices can be communicably coupled to a registry of certificates that correspond to devices that belong to the trusted network, thereby enabling any one of the N devices to authenticate another device as being in the trusted network.” Key shares are received by the requesting device if the key share holders determine the requesting device is included in the trusted network –authenticating the requesting device based on device’s identifier. Paragraph [0005]: Shamir’s Secret Sharing Scheme.  Paragraph [0037]: a predetermined threshold number of shares are needed).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan’s teaching of challenge-based authentication with Le Saint ‘875’s teaching of authentication for accessing a share of a cryptographic key stored at a node and associated with a user identifier in a decentralized manner and the authenticated operation is completed in conjunction with one or more other shares of the cryptographic key that satisfy a defined cryptographic threshold.  The motivation to do so would be for secure shared key establishment as taught by Le Saint ‘875 (Title and paragraph [0003]).
10.	Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Unnikrishnan et al. (U.S. Pub. No. 2016/0094531), hereinafter “Unnikrishnan”, in view of Le Saint (U.S. Pub. No. 2021/0111875), hereinafter “Le Saint ‘875”, and in view of Brown et al. (U.S. Pub. No. 2018/0270065), hereinafter “Brown”.
Regarding claim 6, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Unnikrishnan and Le Saint ‘875 do not explicitly disclose wherein receiving a proof of possession of a first authentication credential comprises receiving a zero-knowledge (paragraphs [0009]-[0010]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan and Le Saint ‘875’s teachings of decentralized challenge-based authentication for accessing shares of a cryptographic key with Brown’s teaching of authentication utilizing a zero-knowledge proof of the possession of an authentication credential.  The motivation to do so would be for authenticating user credentials without a trusted execution environment as taught by Brown (paragraph [0002]).
11.	Claims 7, 23, and 28 are rejected under 35 U.S.C. 103 as being unpatentable over Unnikrishnan et al. (U.S. Pub. No. 2016/0094531), hereinafter “Unnikrishnan”, in view of Le Saint (U.S. Pub. No. 2021/0111875), hereinafter “Le Saint ‘875”, and in view of Le Saint (U.S. Pub. No. 2015/0200774), hereinafter “Le Saint ‘774”.
Regarding claim 7, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1, wherein the memory further stores instructions to cause the system to perform operations comprising receiving, from the client, a public [session] key, wherein transmitting an encrypted output comprises transmitting an output encrypted with the public [session] key to the client (Unnikrishnan, paragraphs [0079]-[0082]: the requesting device sends each share request including its certificate.  Each of the key holders uses the requesting device’s public key associated with the requesting device’s certificate to encrypt the key share that each key holder has before sending the key share to the requesting device). (paragraphs [0025], [0061], [0076]: public key pair is used in one communication session and is deleted at the end of the communication session).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan and Le Saint ‘875’s teachings of decentralized challenge-based authentication for accessing shares of a cryptographic key with Le Saint ‘774’s teaching of utilizing session public key.  The motivation to do so would be to make it harder for unauthorized party to access current public key when the public key has limited lifetime.
Regarding claim 23, Unnikrishnan discloses a non-transitory computer readable medium having instructions stored thereon that, when executed by a processing device (Fig. 5 with associated text: computing device 502.  Paragraph [0080]: computer readable media), cause the processing device to perform operations comprising: 
[generating, with respect to a user identifier, a public session key and a private session key]; 
transmitting an authentication request associated with the user identifier to one or more nodes within a [decentralized] authentication network (paragraphs [0028]-[0030] and [0065]: client 102 sends an access request which needed authentication to authentication component 104-first node.  Paragraph [0082]: client 102 could be a mobile telephone, a smart phone or a tablet personal computer which belongs and associated to a specific user);
paragraphs [0029]-[0031] and [0066]: The authentication component manages authentication challenges set by authentication protocol that is based on information of the client 102; paragraph [0038]: the client receives notification of authentication challenge); 
generating a proof of a possession of a first authentication credential (paragraphs [0038]- [0039]: The client constructs a response with a proof of possession of the required authentication credential; paragraphs [0051] and [0068]: The authentication component evaluates the received authentication response); 
broadcasting the generated proof and authentication request to at least one of the one or more nodes within the decentralized authentication network (paragraphs [0039] and [0050]: The client device sends the challenge response to the authentication token); 
based on a verification that the generated proof conforms to the authentication protocol, [receiving one or more shares of a cryptographic key associated with the user identifier, each of the one or more shares being stored at one of the one or more nodes of the decentralized authentication network] (paragraphs [0051]-[0054] and [0068]: The authentication component evaluates and validates the authentication response based on authentication protocol; paragraphs [0057]-[0058] and [0068]: generating validation result; paragraph [0069]: after successful authentication, the client is granted access to the secure resource); and 
[based on a determination that the one or more shares meet a defined cryptographic threshold, initiating one or more cryptographic operations with respect to the cryptographic key].
(paragraph [0003]:key shares are stored in a decentralized manner; paragraph [0051]: “each of the N devices can be communicably coupled to a registry of certificates that correspond to devices that belong to the trusted network, thereby enabling any one of the N devices to authenticate another device as being in the trusted network.” Key shares are received by the requesting device if the key share holders determine the requesting device is included in the trusted network –authenticating the requesting device based on device’s identifier. Paragraph [0005]: Shamir’s Secret Sharing Scheme.  Paragraph [0037]: a predetermined threshold number of shares are needed).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan’s teaching of challenge-based authentication with Le Saint ‘875’s teaching of authentication for (Title and paragraph [0003]).
Unnikrishnan (paragraph [0082]) discloses that client 102 could be a mobile telephone, a smart phone or a tablet personal computer. Le Saint ‘875 (paragraphs [0058]-[0059]) discloses generating public key pairs utilizing a device identifier.  Since a mobile telephone, a smart phone or a tablet personal computer belongs to and is associated with a specific user, the mobile telephone, the smart phone or the tablet personal computer could be a user’s identifier; therefore, generating public key pairs utilizing a device identifier would also associate the public key pair with the user identifier.
Unnikrishnan and Le Saint ‘875 do not explicitly disclose that the public key is a session public key.  However, utilizing a session public key is known in the art before the effective filing date of the claimed invention and Le Saint ‘774’s teaching is an example (paragraphs [0025], [0061], [0076]: public key pair is used in one communication session and is deleted at the end of the communication session).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan and Le Saint ‘875’s teachings of decentralized challenge-based authentication for accessing shares of a cryptographic key with Le Saint ‘774’s teaching of utilizing a session public key.  The motivation to do so would be to make it harder for an unauthorized party to access the current public key when the public key has a limited lifetime.
Regarding claim 28, Unnikrishnan, Le Saint ‘875, and Le Saint ‘774 disclose the non-transitory computer readable medium of claim 23, further comprising at least one of: receiving, from at least one of the one or more nodes, an encrypted output, decrypting the one or more shares with the private session key (Le Saint ‘875, paragraph [0052]: requesting device receives encrypted key shares and uses its private key to decrypt them. Le Saint ‘774, paragraphs [0025], [0061], [0076]: utilizing session public key.  The combination of Le Saint ‘875 and Le Saint ‘774’s teachings results in the predictable result of the requesting device using its private session key to decrypt the encrypted key shares).
12.	Claim 27 is rejected under 35 U.S.C. 103 as being unpatentable over Unnikrishnan et al. (U.S. Pub. No. 2016/0094531), hereinafter “Unnikrishnan”, in view of Le Saint (U.S. Pub. No. 2021/0111875), hereinafter “Le Saint ‘875”, in view of Le Saint (U.S. Pub. No. 2015/0200774), hereinafter “Le Saint ‘774”, and in view of Brown et al. (U.S. Pub. No. 2018/0270065), hereinafter “Brown”.
Regarding claim 27, Unnikrishnan, Le Saint ‘875, and Le Saint ‘774 disclose the non-transitory computer readable medium of claim 23.  Unnikrishnan, Le Saint ‘875, and Le Saint ‘774 do not explicitly disclose wherein generating a proof of a possession of a first authentication credential comprises generating a zero-knowledge proof of a possession of a first authentication credential.  However, authentication utilizing a zero-knowledge proof of the possession of an authentication credential is known in the art before the effective filing date of the claimed invention and Brown’s teaching is an example (paragraphs [0009]-[0010]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan, Le Saint ‘875, and (paragraph [0002]).
13.	Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Unnikrishnan et al. (U.S. Pub. No. 2016/0094531), hereinafter “Unnikrishnan”, in view of Le Saint (U.S. Pub. No. 2021/0111875), hereinafter “Le Saint ‘875”, and in view of Wright (U.S. Pub. No. 2020/0213099), hereinafter “Wright”.
Regarding claim 10, Unnikrishnan and Le Saint ‘875 disclose the system of claim 1.  Unnikrishnan and Le Saint ‘875 do not explicitly disclose wherein the authenticated operation comprises at least one of: signing a document with the share of the cryptographic key stored at the first node and associated with the user identifier, or signing a transaction with the share of the cryptographic key stored at the first node and associated with the user identifier (Note: Le Saint ‘875, paragraphs [0042] and [0077]: cryptographic key generated from key shares collected from multiple devices is used in different applications/services).  However, using key shares for signing a transaction is known in the art before the effective filing date of the claimed invention and Wright’s teaching is an example (paragraph [0059]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan and Le Saint ‘875’s teachings of decentralized challenge-based authentication for accessing shares of a cryptographic key with Wright’s teaching of using key shares for signing a (paragraph [0064]).
14.	Claim 31 is rejected under 35 U.S.C. 103 as being unpatentable over Unnikrishnan et al. (U.S. Pub. No. 2016/0094531), hereinafter “Unnikrishnan”, in view of Le Saint (U.S. Pub. No. 2021/0111875), hereinafter “Le Saint ‘875”, in view of Le Saint (U.S. Pub. No. 2015/0200774), hereinafter “Le Saint ‘774”, and in view of Wright (U.S. Pub. No. 2020/0213099), hereinafter “Wright”.
Regarding claim 31, Unnikrishnan, Le Saint ‘875, and Le Saint ‘774 disclose the non-transitory computer readable medium of claim 23.  Unnikrishnan, Le Saint ‘875, and Le Saint ‘774 do not explicitly disclose wherein initiating one or more cryptographic operations comprises at least one of: generating, based on the one or more shares, the cryptographic key, generating, based on the one or more shares, a document signed with the cryptographic key, or based on the one or more shares, signing a transaction with the cryptographic key (Note: Le Saint ‘875, paragraphs [0042] and [0077]: cryptographic key generated from key shares collected from multiple devices is used in different applications/services). However, using key shares for signing a transaction is known in the art before the effective filing date of the claimed invention and Wright’s teaching is an example (paragraph [0059]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Unnikrishnan, Le Saint ‘875, and Le Saint ‘774’s teachings of decentralized challenge-based authentication utilizing session public key for accessing shares of a cryptographic key with Wright’s teaching of (paragraph [0064]).

Conclusion
15.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to THANH T LE whose telephone number is (571)270-0279.  The examiner can normally be reached on Monday-Thursday 8:00 am - 2:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr, can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 





/THANH T LE/Examiner, Art Unit 2495