DETAILED ACTION
This final office action is in response to claims 1-30 filed on 10/06/2021 for examination. Claims 1-30 are being examined and are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Response to Amendment
The amendment filed October 6, 2021 has been entered. Claims 1-30 remain pending in the application. The claims have been amended. Applicants’ arguments and amendments to the claims are directed to the 35 U.S.C. 103 rejection previously set forth in the Non-Final Office Action mailed July 27, 2021. Claims 1, 9, 17, and 24 have been amended and have necessitated a new ground(s) of rejection in this Office Action. Further, Applicants’ arguments filed on 10/06/2021 have been fully considered by are not persuasive to differentiate over the prior art.
Particularly, Applicants’ opine that the combination of Zhang (US20090267730) and Connery (US6311276) fail to teach or suggest “determining whether the random value (RAND) included in the authentication request message matches another random value (RAND) stored as part of an ordered list of random values (RAND) in a memory of the wireless device in response to determining that the SQN_NN of the received authentication request message is not in the valid range” as recited in the Connery wherein random values are stored in a cache on the device and used to detect replay attacks (see column 8, lines 12-43). Random numbers are pushed into/out of the cache in the order of their receipt as more random values are received (see column 8, lines 44-55). I.e., the packets are in an ordered list in the cache (in order of receipt). A comparison is then made between the newly received message and the cache to determine whether the message matches one of the random numbers stored in the cache, so that a replay attack may be detected (see, e.g., column 8, lines 32-36). Accordingly, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Zhang with the teachings of Connery, comprising determining whether the random value (RAND) included in the authentication request message matches another random value (RAND) stored as part of an ordered list of random values (RAND) in a memory of the wireless device in response to determining that the SQN_NN of the received authentication request message is not in the valid range, to detect replay attacks without needing to store the random values indefinitely (see, e.g., column 8, line 12-55).
In view of the foregoing, applicant’s arguments and amendments regarding the independent claims have been fully considered by are not persuasive to differentiate over the prior art. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 4, 6-9, 12, 15-17, 20, 22-24, 27, and 29-30 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhang (US20090267730, Hereinafter “Zhang”) in view of Connery et al. (US6311276, Hereinafter “Connery”).
Regarding claim 1, Zhang teaches a method of detecting one or more adversarial network entities ([0002] and [0057] – system detects replay attacks <i.e., via adversarial entities> and/or desynchronization; [0023] – system operates on network 23), comprising: 
receiving, by a processor in a wireless device, an authentication request message that includes an authentication token (AUTN) and a random value (RAND) from a network entity ([0048] – VLR sends an authentication request to the USIM containing random value RAND and authentication token AUTN; [0049] and [0023] – USIM is of a wireless mobile device); 
determining whether a message authentication code (MAC) associated with the authentication token (AUTN) included in the received authentication request message is valid ([0049] – USIM determines authentication validity by computing an expected MAC value and compares this with the MAC value of the received AUTN); 
determining whether a sequence number (SQNNN) in the received authentication request message is in a valid range in response to determining that the MAC is valid ([0050] – when MAC is determined valid, SQN is checked and then determined valid if SQN is in the valid range); and
Zhang further teaches that when (1) the MAC is valid (see [0049]), and (2) the SQN is outside the range (see [0050]) – then it is unclear whether authentication failure is the result of a desynchronization between the terminals or of a replay attack (see Zhao at [0057]). 
Zhang appears to fail to specifically disclose determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device in response to determining that the SQNNN of the received authentication request message is not in the valid range, and determining that the network entity is an NN of the received authentication request message is not in the valid range, and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
However, Connery teaches a method for detecting a replay attack (see, e.g., column 12, lines 59-65), wherein the system determines a replay attack is occurring by determining whether the random value included in the received authentication request message matches another random value stored as part of an ordered list of random values (RAND) in a memory of the wireless device (column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack is occurring; column 8, lines 12-43 – random values are stored in a cache on the device and used to detect replay attacks; column 8, lines 44-55 – Random numbers are pushed into/out of the cache in the order of their receipt as more random values are received <i.e., the packets are in an ordered list in the cache, in order of receipt>); and determining that the network entity is an adversarial network entity when the random value included in the received authentication request message matches another random value stored in the memory of the wireless device (column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder <i.e., an adversarial network entity> is occurring).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Zhang by adding the replay detection system teachings of Connery, particularly as to comprise determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device (i.e., adding the known solution of Connery at column 2, lines 40-50 to resolve the identified problem in Zhang at [0057]) in response to determining that the SQNNN of the received authentication request message is not in the valid range (Zhang identifies the problem when the SQN is not within the valid range, see [0057]), and determining that the network entity is an adversarial network entity in response to determining that the MAC is valid (Zhang step 1, see [0049] – MAC is determined valid), the SQNNN of the received authentication request message is not in the valid range (Zhang step 2, see [0050] – SQN determined not in range, but means it is unclear whether the failure is the result of a desynchronization or of a replay attack in [0057]), and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device (Connery solution at column 2, lines 35-50 – when random value is matched, attack detected) to prevent intruders from replaying messages to fool the authentication system (see, e.g., Zhang at [0057] with Connery at column 2, lines 34-50).

Regarding claim 4, the combination of Zhang and Connery teach the method of claim 1, wherein: 
determining whether the MAC is valid comprises following a standard approach of determining whether the MAC associated with the authentication token 35Attorney Docket No. 193313 (AUTN) included in the received authentication request message was generated based on a shared secret long-term key (Zhang at [0003] – AKA protocol is based on a secret authentication key shared between the SIM and the authentication center; [0033-044] – token AUTN is defined based on the MAC and the secret key k; [0049] – system then determines in MAC is valid based on a function using the key k); and 
determining whether the received authentication request message is recently generated comprises comparing a sequence number in the valid range used for authentication (SQNMs) stored in the memory of the wireless device with a sequence number (SQN) associated with the authentication token (AUTN) included in the received authentication request message (Zhang at [0050-051] – system determines whether the authentication request is within a particular range for authentication stored in .  

Regarding claim 6, the combination of Zhang and Connery teach the method of claim 1, further comprising: determining whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring <i.e., match would also be determined when the most recently stored random value provides a match>); updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in the received authentication request message is not the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored); and forgoing updating of the memory of the wireless device in response to determining that the random value (RAND) included in the received authentication request message is the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 and fig. 6 – when the replay detection test is passed, the received random value is stored. On a failure the message is discarded, without the storage step 108).  
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising: determining whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND); updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in the received authentication request message is not the same as the most recently stored random value (RAND); and forgoing updating of the memory of the wireless device in response to determining that the random value (RAND) included in the received authentication request message is the same as the most recently stored random value (RAND), to prevent future intruders from successfully performing a replay attack (see, e.g., Connery at column 2, lines 35-50).

Regarding claim 7, the combination of Zhang and Connery teach the method of claim 6, wherein updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored) comprises: loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding to the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>); and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list; column 9, lines 23-29 – cache entries stores a value corresponding the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>).  
	It would have been obvious to one of ordinary skill in the arte before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device; and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device, to improve the memory efficiency of the replay detection system (see, e.g., Connery at column 11, line 66 to column 12 line 30).

Regarding claim 8, the combination of Zhang and Connery teach the method of claim 7, wherein determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device comprises determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the in-process memory of the wireless device (column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>).
Zhang and Connery with the teachings of Connery, comprising loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device; and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device, to detect intruders attempting to performing a replay attack using previously received random values (see, e.g., Connery at column 2, lines 35-50).

Regarding claim 9, Zhang teaches A wireless device ([0049] and [0023] – wireless mobile device), comprising: a memory ([0091] – system comprises memory); and a processor coupled to the memory and configured with processor-executable software instructions ([0091] – system comprises memory configured with instructions to be executed via processor) to: 
receive an authentication request message that includes an authentication token (AUTN) and a random value (RAND) from a network entity ([0048] – VLR sends an authentication request to the USIM containing random value RAND and authentication token AUTN; [0049] and [0023] – USIM is of a wireless mobile device); 
determine whether a message authentication code (MAC) associated with the authentication token (AUTN) included in the received authentication request message is valid ([0049] – USIM determines authentication validity by computing an expected MAC value and compares this with the MAC value of the received AUTN); 
determine whether a sequence number (SQNNN) in the received authentication request message is in a valid range in response to determining that the MAC is valid ([0050] – when MAC is determined valid, SQN is checked and then determined valid if SQN is in the valid range).
Zhang further teaches that when (1) the MAC is valid (see [0049]), and (2) the SQN is outside the range (see [0050]) – then it is unclear whether authentication failure is the result of a desynchronization between the terminals or of a replay attack (see Zhao at [0057]). 
Zhang appears to fail to specifically disclose determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device in response to determining that the SQNNN of the received authentication request message is not in the valid range, and determining that the network entity is an adversarial network entity in response to determining that the MAC is valid, the SQNNN of the received authentication request message is not in the valid range, and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
However, Connery teaches a method for detecting a replay attack (see, e.g., column 12, lines 59-65), wherein the system determines a replay attack is occurring from instructions to determine whether the random value included in the received authentication request message matches another random value stored as part of an ordered list of random values (RAND) in a memory of the wireless device  (column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack is occurring; column 8, lines 12-43 – random values are stored in a cache on the device and used to detect replay attacks; column 8, lines 44-55 – Random numbers are pushed into/out of the cache in the order of their receipt as more random values are received <i.e., the packets are in an ordered list in the cache, in order of receipt>); and determine that the network entity is an adversarial network entity when the random value included in the received authentication request message matches another random value stored in the memory of the wireless device (column 2, lines 40-50 – system compares the random value .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Zhang by adding the replay detection system teachings of Connery, particularly as to determine whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device (i.e., adding the known solution of Connery at column 2, lines 40-50 to resolve the identified problem in Zhang at [0057]) in response to determining that the SQNNN of the received authentication request message is not in the valid range (Zhang identifies the problem when the SQN is not within the valid range, see [0057]), and determine that the network entity is an adversarial network entity in response to determining that the MAC is valid (Zhang step 1, see [0049] – MAC is determined valid), the SQNNN of the received authentication request message is not in the valid range (Zhang step 2, see [0050] – SQN determined not in range, but means it is unclear whether the failure is the result of a desynchronization or of a replay attack in [0057]), and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device (Connery solution at column 2, lines 35-50 – when random value is matched, attack detected) to prevent intruders from replaying messages to fool the authentication system (see, e.g., Zhang at [0057] with Connery at column 2, lines 34-50).

Regarding claim 12, the combination of Zhang and Connery teach The wireless device of claim 9, wherein the processor is further configured with processor-executable software instructions to: 
determine whether the MAC is valid by following a standard approach of determining whether the MAC associated with the authentication token (AUTN) included in the received authentication request message was generated based on a shared secret long-term key (Zhang at ; and 
determine whether the received authentication request message is recently generated by comparing a sequence number in the valid range used for authentication (SQNMs) stored in the memory with a sequence number (SQN) associated with the authentication token (AUTN) included in the received authentication request message (Zhang at [0050-051] – system determines whether the authentication request is within a particular range for authentication stored in the USIM; [0044] and [0049] – AUTN includes the SQN; [0007-0011] – sequence number determines the freshness of the authentication message, or whether it is outdated <i.e., whether the received authentication message request is recently generated>).  

Regarding claim 14, the combination of Zhang and Connery teach the wireless device of claim 9, wherein the processor is further configured with processor-executable software instructions to: determine whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring <i.e., match would also be determined when the most recently stored random value provides a match>); 
update the memory to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in the received authentication request message is not the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay ; and 
forgo updating of the memory in response to determining that the random value (RAND) included in the received authentication request message is the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 and fig. 6 – when the replay detection test is passed, the received random value is stored. On a failure the message is discarded, without the storage step 108).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, to determine whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND); update the memory of the wireless device to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in the received authentication request message is not the same as the most recently stored random value (RAND); and forgo updating of the memory of the wireless device in response to determining that the random value (RAND) included in the received authentication request message is the same as the most recently stored random value (RAND), to prevent future intruders from successfully performing a replay attack (see, e.g., Connery at column 2, lines 35-50).

Regarding claim 15, the combination of Zhang and Connery teach the wireless device of claim 14, wherein the processor is further configured with processor-executable software instructions to update the memory to include the random value (RAND) included in the received authentication request message  (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored) by: loading an oldest-entry random value (RAND) from a secondary memory to an in-process memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding to the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>); and storing the random value (RAND) included in the received authentication request message in the secondary memory (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list; column 9, lines 23-29 – cache entries stores a value corresponding the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>).  
It would have been obvious to one of ordinary skill in the arte before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device; and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device, to improve the memory efficiency of the replay detection system (see, e.g., Connery at column 11, line 66 to column 12 line 30).

Regarding claim 16, the combination of Zhang and Connery teach the wireless device of claim 15, wherein the processor is further configured with processor-executable software instructions to determine whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory by determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the in-process memory (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>).
It would have been obvious to one of ordinary skill in the arte before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device; and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device, to detect intruders attempting to performing a replay attack using previously received random values (see, e.g., Connery at column 2, lines 35-50).

Regarding claim 17, Zhang teaches a non-transitory computer readable storage medium having stored thereon processor-executable software instructions configured to cause a processor in a wireless device to perform operations ([0091] – system comprises a computer memory configured with instructions to be executed via processor) comprising: 
receiving an authentication request message that includes an authentication token (AUTN) and a random value (RAND) from a network entity ([0048] – VLR sends an authentication request to ; 
determining whether a message authentication code (MAC) associated with the authentication token (AUTN) included in the received authentication request message is valid ([0049] – USIM determines authentication validity by computing an expected MAC value and compares this with the MAC value of the received AUTN); 
determining whether a sequence number (SQNN) in the received authentication request message is in a valid range in response to determining that the MAC is valid ([0050] – when MAC is determined valid, SQN is checked and then determined valid if SQN is in the valid range).
Zhang further teaches that when (1) the MAC is valid (see [0049]), and (2) the SQN is outside the range (see [0050]) – then it is unclear whether authentication failure is the result of a desynchronization between the terminals or of a replay attack (see Zhao at [0057]). 
Zhang appears to fail to specifically disclose determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device in response to determining that the SQNNN of the received authentication request message is not in the valid range, and determining that the network entity is an adversarial network entity in response to determining that the MAC is valid, the SQNNN of the received authentication request message is not in the valid range, and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
However, Connery teaches a method for detecting a replay attack (see, e.g., column 12, lines 59-65), wherein the system determines a replay attack is occurring by determining whether the random value included in the received authentication request message matches another random value stored as part of an ordered list of random values (RAND) in a memory of the wireless device (column 2, lines ; and determining that the network entity is an adversarial network entity when the random value included in the received authentication request message matches another random value stored in the memory of the wireless device (column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder <i.e., an adversarial network entity> is occurring).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Zhang by adding the replay detection system teachings of Connery, particularly as to comprise determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device (i.e., adding the known solution of Connery at column 2, lines 40-50 to resolve the identified problem in Zhang at [0057]) in response to determining that the SQNNN of the received authentication request message is not in the valid range (Zhang identifies the problem when the SQN is not within the valid range, see [0057]), and determining that the network entity is an adversarial network entity in response to determining that the MAC is valid (Zhang step 1, see [0049] – MAC is determined valid), the SQNNN of the received authentication request message is not in the valid range (Zhang step 2, see [0050] – SQN determined not in range, but means it is unclear whether the failure is the result of a desynchronization or of a replay attack in [0057]), and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device (Connery solution at column 2, lines 35-50 – when random value is Zhang at [0057] with Connery at column 2, lines 34-50).

Regarding claim 20, the combination of Zhang and Connery teach the non-transitory computer readable storage medium of claim 17, wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations such that: determining whether the MAC is valid comprises following a standard approach of determining whether the MAC associated with the authentication token (AUTN) included in the received authentication request message was generated based on a shared secret long-term key (Zhang at [0003] – AKA protocol is based on a secret authentication key shared between the SIM and the authentication center; [0033-044] – token AUTN is defined based on the MAC and the secret key k; [0049] – system then determines in MAC is valid based on a function using the key k); and 
determining whether the received authentication request message is recently generated comprises comparing a sequence number in the valid range used for authentication (SQNMs) stored in the memory of the wireless device with a sequence number (SQN) associated with the authentication token (AUTN) included in the received authentication request message (Zhang at [0050-051] – system determines whether the authentication request is within a particular range for authentication stored in the USIM; [0044] and [0049] – AUTN includes the SQN; [0007-0011] – sequence number determines the freshness of the authentication message, or whether it is outdated <i.e., whether the received authentication message request is recently generated>).  

Regarding claim 22, the combination of Zhang and Connery teach the non-transitory computer readable storage medium of claim 17, wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations further comprising: determining whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring <i.e., match would also be determined when the most recently stored random value provides a match>); updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in the received authentication 43Attorney Docket No. 193313request message is not the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored); and forgoing updating of the memory of the wireless device in response to determining that the random value (RAND) included in the received authentication request message is the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 and fig. 6 – when the replay detection test is passed, the received random value is stored. On a failure the message is discarded, without the storage step 108).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising: determining whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND); updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in Connery at column 2, lines 35-50).

Regarding claim 23, the combination of Zhang and Connery teach the non-transitory computer readable storage medium of claim 22, wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations such that updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored) comprises: loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding to the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>); and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list; column 9, lines 23-29 – cache entries stores a value corresponding the random number value; column 11, line 66 to column 12 line 30 , and wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations such that determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device comprises determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the in-process memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>).  
It would have been obvious to one of ordinary skill in the arte before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device; and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device, and wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations such that determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device comprises determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the in-process memory of the wireless device, to improve the memory efficiency of the replay detection system and to detect intruders attempting to performing a replay attack (see, e.g., Connery at column 11, line 66 to column 12 line 30).

Regarding claim 24, Zhang teaches a wireless device, comprising: means for receiving an authentication request message that includes an authentication token (AUTN) and a random value (RAND) from a network entity ([0048] – VLR sends an authentication request to the USIM containing random value RAND and authentication token AUTN; [0049] and [0023] – USIM is of a wireless mobile device);  44Attorney Docket No. 193313 
means for determining whether a message authentication code (MAC) associated with the authentication token (AUTN) included in the received authentication request message is valid ([0049] – USIM determines authentication validity by computing an expected MAC value and compares this with the MAC value of the received AUTN); 
means for determining whether a sequence number (SQNN) in the received authentication request message is in the valid range in response to determining that the MAC is valid ([0050] – when MAC is determined valid, SQN is checked and then determined valid if SQN is in the valid range).
Zhang further teaches that when (1) the MAC is valid (see [0049]), and (2) the SQN is outside the range (see [0050]) – then it is unclear whether authentication failure is the result of a desynchronization between the terminals or of a replay attack (see Zhao at [0057]). 
Zhang appears to fail to specifically disclose means for determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device in response to determining that the SQNNN of the received authentication request message is not in the valid range, and means for determining that the network entity is an adversarial network entity in response to determining that the MAC is valid, the SQNNN of the received authentication request message is not in the valid range, and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
Connery teaches a method for detecting a replay attack (see, e.g., column 12, lines 59-65), wherein the system determines a replay attack is occurring by determining whether the random value included in the received authentication request message matches another random value stored as part of an ordered list of random values (RAND) in a memory of the wireless device (column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack is occurring; column 8, lines 12-43 – random values are stored in a cache on the device and used to detect replay attacks; column 8, lines 44-55 – Random numbers are pushed into/out of the cache in the order of their receipt as more random values are received <i.e., the packets are in an ordered list in the cache, in order of receipt>); and determining that the network entity is an adversarial network entity when the random value included in the received authentication request message matches another random value stored in the memory of the wireless device (column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder <i.e., an adversarial network entity> is occurring).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Zhang by adding the replay detection system teachings of Connery, particularly as to comprise means for determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in a memory of the wireless device (i.e., adding the known solution of Connery at column 2, lines 40-50 to resolve the identified problem in Zhang at [0057]) in response to determining that the SQNNN of the received authentication request message is not in the valid range (Zhang identifies the problem when the SQN is not within the valid range, see [0057]), and means for determining that the network entity is an adversarial network entity in response to determining that the MAC is valid (Zhang step 1, see [0049] – MAC is determined valid), the SQNNN of the received authentication request message is not in the valid range (Zhang step 2, see [0050] – SQN determined not in range, but means it is unclear whether the failure is the result of a desynchronization or of a replay attack in [0057]), and the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device (Connery solution at column 2, lines 35-50 – when random value is matched, attack detected) to prevent intruders from replaying messages to fool the authentication system (see, e.g., Zhang at [0057] with Connery at column 2, lines 34-50).

Regarding claim 27, the combination of Zhang and Connery teach the wireless device of claim 24, wherein: means for determining whether the MAC is valid comprises means for following a standard approach of determining whether the MAC associated with the authentication token (AUTN) included in the received authentication request message was generated based on a shared secret long-term key (Zhang at [0003] – AKA protocol is based on a secret authentication key shared between the SIM and the authentication center; [0033-044] – token AUTN is defined based on the MAC and the secret key k; [0049] – system then determines in MAC is valid based on a function using the key k); and 
means for determining whether the received authentication request message is recently generated comprises means for comparing a sequence number in the valid range used for authentication (SQNMs) stored in the memory of the wireless device 46Attorney Docket No. 193313 with a sequence number (SQN) associated with the authentication token (AUTN) included in the received authentication request message (Zhang at [0050-051] – system determines whether the authentication request is within a particular range for authentication stored in the USIM; [0044] and [0049] – AUTN includes the SQN; [0007-0011] – sequence number determines the freshness of the authentication message, or whether it is outdated <i.e., whether the received authentication message request is recently generated>).  

Regarding claim 29, the combination of Zhang and Connery teach The wireless device of claim 24, further comprising: means for determining whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring <i.e., match would also be determined when the most recently stored random value provides a match>); means for updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message in response to determining that the random value (RAND) included in the received authentication request message is not the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored); and means for forgoing updating of the memory of the wireless device in response to determining that the random value (RAND) included in the received authentication request message is the same as the most recently stored random value (RAND) (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 and fig. 6 – when the replay detection test is passed, the received random value is stored. On a failure the message is discarded, without the storage step 108).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising: means for determining whether the random value (RAND) included in the received authentication request message is the same as a most recently stored random value (RAND); means for Connery at column 2, lines 35-50).

Regarding claim 30, the combination of Zhang and Connery teach the wireless device of claim 29, wherein means for updating the memory of the wireless device to include the random value (RAND) included in the received authentication request message (Connery at column 2, lines 40-50 – system compares the random value received with the message authentication request with previously stored random values, when a match is found a replay attack by an intruder is occurring; column 12, lines 59-65 – when the replay detection test is instead passed, the received random value is stored) comprises: means for loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding to the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>); and47Attorney Docket No. 193313 means for storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list; column 9, lines 23-29 – cache entries stores a value corresponding the , and wherein means for determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device comprises means for determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the in-process memory of the wireless device (Connery at column 8, lines 12-43 – random value is loaded into the replay-detection cache <i.e., in-process memory> and used in comparison from a linked list, all stored replay values compared <i.e., including the oldest stored random value>; column 9, lines 23-29 – cache entries store a value corresponding the random number value; column 11, line 66 to column 12 line 30 – the random value is stored outside of the cache <i.e., secondary memory>).
It would have been obvious to one of ordinary skill in the arte before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising means for loading an oldest-entry random value (RAND) from a secondary memory of the wireless device to an in-process memory of the wireless device; and storing the random value (RAND) included in the received authentication request message in the secondary memory of the wireless device, and wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations such that determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device comprises determining whether the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the in-process memory of the wireless device, to improve the memory efficiency of the replay detection system and to detect intruders attempting to performing a replay attack (see, e.g., Connery at column 11, line 66 to column 12 line 30).

Claim(s) 2, 10, 18, and 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhang in view of Connery, further in view of Liu et al. (US20200068391, Hereinafter “Liu”).
Regarding claim 2, the combination of Zhang and Connery teach the method of claim 1, further comprising: generating an authentication response message that includes a standard authentication failure error code that indicates that the SQNNN of the received authentication request message is not in the valid range (Zhang at [0050] – in cases when SQN sequence number is determined not to be within a range, a “synchronization failure message” is provided to the VLR; Note: synchronization failure message is a normal AKA protocol response message, while not presently relied upon for additional reference see, e.g., “RFC 4187”) in response to determining that the random value (RAND) included in the received authentication request 34Attorney Docket No. 193313 message does not match another random value (RAND) stored in the memory of the wireless device (Connery at column 2, lines 40-50 – received random value from authentication request is matched against stored random values. Replay attack is not determined when no match is found); and
sending the generated authentication response message to the network entity (Zhang at [0049-050] – authentication response messages is provided to the VLR).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising generating an authentication response message that includes a standard authentication failure error code that indicates that the SQNNN of the received authentication request message is not in the valid range in response to determining that the random value (RAND) included in the received authentication request34Attorney Docket No. 193313 message does not match another random value (RAND) stored in the memory of the wireless device; and sending the generated authentication response message to the network entity, so a non-malicious device knows to retry the connection (see, e.g., Zhang at [0049-050]).
	The combination of Zhang and Connery further teach sending an authentication reject message when authentication information fails (see, e.g., Zhang at [0049]) and detecting a replay attack (see, e.g., Connery at column 2, lines 40-50). 
Yet, the combination of Zhang and Connery appear to specifically disclose generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
	However, Liu teaches a replay detection system (see, e.g., [0221-0222]), comprising generating the authentication reject message when a replay attacked is detected by an authentication system by determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device ([0221] – “if, based on the replay detection value, a replay attack is detected, generate an authentication reject message […]”; [0033] – the replay detection value may be a random or pseudo-random number; [0222] – replay is determined when the random value used in detecting replay attacks has been previously received <i.e., if it matches another random value stored>).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhang and Connery with the teachings of Liu to use the same authentication reject message, comprising generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code <i.e., as it is just an “authentication reject message”> in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored Liu at [0033], [0222] with Zhang at [0049]).

Regarding claim 10, the combination of Zhang and Connery teach the wireless device of claim 9, wherein the processor is further configured with processor-executable software instructions to: generate an authentication response message that includes a standard authentication failure error code that indicates that the SQNN of the received authentication request message is not in the valid range (Zhang at [0050] – in cases when SQN sequence number is determined not to be within a range, a “synchronization failure message” is provided to the VLR; Note: synchronization failure message is a normal AKA protocol response message, while not presently relied upon for additional reference see, e.g., “RFC 4187”)  in response to determining that the random value (RAND) included in the received authentication request message does not match another random value (RAND) stored in the memory (Connery at column 2, lines 40-50 – received random value from authentication request is matched against stored random values. Replay attack is not determined when no match is found); 
generate the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory; and 
send the generated authentication response message to the network entity (Zhang at [0049-050] – authentication response messages is provided to the VLR).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising generating an authentication response message that includes a standard Zhang at [0049-050]).
	The combination of Zhang and Connery further teach sending an authentication reject message when authentication information fails (see, e.g., Zhang at [0049]) and detecting a replay attack (see, e.g., Connery at column 2, lines 40-50). 
Yet, the combination of Zhang and Connery appear to specifically disclose generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
	However, Liu teaches a replay detection system (see, e.g., [0221-0222]), comprising instructions to generate the authentication reject message when a replay attacked is detected by an authentication system by determine that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device ([0221] – “if, based on the replay detection value, a replay attack is detected, generate an authentication reject message […]”; [0033] – the replay detection value may be a random or pseudo-random number; [0222] – replay is determined when the random value used in detecting replay attacks has been previously received <i.e., if it matches another random value stored>).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhang and Connery with the teachings of Liu to use Liu at [0033], [0222] with Zhang at [0049]).

Regarding claim 18, the combination of Zhang and Connery teach the non-transitory computer readable storage medium of claim 17, wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations further comprising: generating an authentication response message that includes a standard authentication failure error code that indicates that the SQNN of the received authentication request message is not in the valid range (Zhang at [0050] – in cases when SQN sequence number is determined not to be within a range, a “synchronization failure message” is provided to the VLR; Note: synchronization failure message is a normal AKA protocol response message, while not presently relied upon for additional reference see, e.g., “RFC 4187”) in response to determining that the random value (RAND) included in the received authentication request 41Attorney Docket No. 193313 message does not match another random value (RAND) stored in the memory of the wireless device (Connery at column 2, lines 40-50 – received random value from authentication request is matched against stored random values. Replay attack is not determined when no match is found); and sending the generated authentication response message to the network entity (Zhang at [0049-050] – authentication response messages is provided to the VLR).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of Connery, comprising generating an authentication response message that includes a standard authentication failure error code that indicates that the SQNNN of the received authentication request message is not in the valid range in response to determining that the random value (RAND) included in the received authentication request34Attorney Docket No. 193313 message does not match another random value (RAND) stored in the memory of the wireless device; and sending the generated authentication response message to the network entity, so a non-malicious device knows to retry the connection (see, e.g., Zhang at [0049-050]).
	The combination of Zhang and Connery further teach sending an authentication reject message when authentication information fails (see, e.g., Zhang at [0049]) and detecting a replay attack (see, e.g., Connery at column 2, lines 40-50). 
Yet, the combination of Zhang and Connery appear to specifically disclose generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
	However, Liu teaches a replay detection system (see, e.g., [0221-0222]), comprising generating the authentication reject message when a replay attacked is detected by an authentication system by determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device ([0221] – “if, based on the replay detection value, a replay attack is detected, generate an authentication reject message […]”; [0033] – the replay detection value may be a random or pseudo-random number; [0222] – replay is determined when the random value used in detecting replay attacks has been previously received <i.e., if it matches another random value stored>).
Zhang and Connery with the teachings of Liu to use the same authentication reject message, comprising generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code <i.e., as it is just an “authentication reject message”> in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device, to inform the receiving system the authentication attempt was unsuccessful (see, e.g., Liu at [0033], [0222] with Zhang at [0049]).

Regarding claim 25, the combination of Zhang and Connery teach the wireless device of claim 24, further comprising: means for generating an authentication response message that includes a standard authentication failure error code that indicates that the SQNN of the received authentication request message is not in the valid range (Zhang at [0050] – in cases when SQN sequence number is determined not to be within a range, a “synchronization failure message” is provided to the VLR; Note: synchronization failure message is a normal AKA protocol response message, while not presently relied upon for additional reference see, e.g., “RFC 4187”) in response to determining that the random value (RAND) included in the received authentication request message does not match another random value (RAND) stored in the memory of the wireless device (Connery at column 2, lines 40-50 – received random value from authentication request is matched against stored random values. Replay attack is not determined when no match is found); and  45Attorney Docket No. 193313 
means for sending the generated authentication response message to the network entity (Zhang at [0049-050] – authentication response messages is provided to the VLR).  
Zhang and Connery with the teachings of Connery, comprising generating an authentication response message that includes a standard authentication failure error code that indicates that the SQNNN of the received authentication request message is not in the valid range in response to determining that the random value (RAND) included in the received authentication request34Attorney Docket No. 193313 message does not match another random value (RAND) stored in the memory of the wireless device; and sending the generated authentication response message to the network entity, so a non-malicious device knows to retry the connection (see, e.g., Zhang at [0049-050]).
	The combination of Zhang and Connery further teach sending an authentication reject message when authentication information fails (see, e.g., Zhang at [0049]) and detecting a replay attack (see, e.g., Connery at column 2, lines 40-50). 
Yet, the combination of Zhang and Connery appear to specifically disclose means for generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device.
	However, Liu teaches a replay detection system (see, e.g., [0221-0222]), comprising generating the authentication reject message when a replay attacked is detected by an authentication system by determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device ([0221] – “if, based on the replay detection value, a replay attack is detected, generate an authentication reject message […]”; [0033] – the replay detection value may be a random or pseudo-random number; [0222] 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhang and Connery with the teachings of Liu to use the same authentication reject message, comprising means for generating the authentication response message to include an authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code <i.e., as it is just an “authentication reject message”> in response to determining that the random value (RAND) included in the received authentication request message matches another random value (RAND) stored in the memory of the wireless device, to inform the receiving system the authentication attempt was unsuccessful (see, e.g., Liu at [0033], [0222] with Zhang at [0049]).

Claim(s) 5, 13, 21, and 28 is/are rejected under 35 U.S.C. 103 as being unpatentable over Zhang in view of Connery, further in view of Arkko et al. (NPL: “Extensible Authentication Protocol for 3rd Generation Authentication and Key Agreement”, January 2006, Hereinafter “RFC 4187”).
Regarding claim 5, the combination of Zhang and Connery teach the method of claim 1. While the combination of Zhang and Connery teach receiving the authentication request message that includes the random value (RAND) that includes the random value (RAND) and the authentication token (AUTN) from the network entity (see, e.g., Zhang at [0033-043], [0048]), and wherein the random value is pseudo-random (see, e.g., Connery at column 2, lines 40-42), the combination of Zhang and Connery appear to fail to specifically teach wherein receiving the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity comprises receiving a RAND generated by a 128-bit Pseudo Random Number Generator (PRNG).  
RFC 4187 teaches providing random numbers generated by a 128-bit Pseudo Random Number Generator (PRNG) (pg. 8 – RAND is a randomly generated 128 bit number; pg. 77 – Pseudo-Random Number Generator generates random values).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of RFC 4187, wherein receiving the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity comprises receiving a RAND generated by a 128-bit Pseudo Random Number Generator (PRNG), to follow IETF protocol for Key Generation Authentication and Key Agreement (see Zhang [0002] with RFC 4187 pgs. 8 and 77).

Regarding claim 13, the combination of Zhang and Connery teach the wireless device of claim 9. While the combination of Zhang and Connery teach receiving the authentication request message that includes the random value (RAND) that includes the random value (RAND) and the authentication token (AUTN) from the network entity (see, e.g., Zhang at [0033-043], [0048]), and wherein the random value is pseudo-random (see, e.g., Connery at column 2, lines 40-42), the combination of Zhang and Connery appear to fail to specifically teach wherein the processor is further configured with processor-executable software instructions to receive the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity by receiving a random value (RAND) generated by a 128-bit Pseudo Random Number Generator (PRNG).  
However, RFC 4187 teaches providing random numbers generated by a 128-bit Pseudo Random Number Generator (PRNG) (pg. 8 – RAND is a randomly generated 128 bit number; pg. 77 – Pseudo-Random Number Generator generates random values).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of RFC 4187, wherein the processor is further configured with processor-executable software instructions to receive the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity by receiving a random value (RAND) generated by a 128-bit Pseudo Random Number Generator (PRNG), to follow IETF protocol for Key Generation Authentication and Key Agreement (see Zhang [0002] with RFC 4187 pgs. 8 and 77).

Regarding claim 21, the combination of Zhang and Connery teach the non-transitory computer readable storage medium of claim 17. While the combination of Zhang and Connery teach receiving the authentication request message that includes the random value (RAND) that includes the random value (RAND) and the authentication token (AUTN) from the network entity (see, e.g., Zhang at [0033-043], [0048]), and wherein the random value is pseudo-random (see, e.g., Connery at column 2, lines 40-42), the combination of Zhang and Connery appear to fail to specifically teach wherein receiving the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity comprises receiving a RAND generated by a 128-bit Pseudo Random Number Generator (PRNG).  
However, RFC 4187 teaches providing random numbers generated by a 128-bit Pseudo Random Number Generator (PRNG) (pg. 8 – RAND is a randomly generated 128 bit number; pg. 77 – Pseudo-Random Number Generator generates random values).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of RFC 4187, wherein the stored processor-executable software instructions are configured to cause the processor in the wireless device to perform operations such that receiving the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity comprises receiving a random value (RAND) generated by a 128-bit Pseudo Random Number Generator (PRNG), to follow IETF protocol for Key Generation Authentication and Key Agreement (see Zhang [0002] with RFC 4187 pgs. 8 and 77).

Regarding claim 28, the combination of Zhang and Connery teach the wireless device of claim 24. While the combination of Zhang and Connery teach receiving the authentication request message that includes the random value (RAND) that includes the random value (RAND) and the authentication token (AUTN) from the network entity (see, e.g., Zhang at [0033-043], [0048]), and wherein the random value is pseudo-random (see, e.g., Connery at column 2, lines 40-42), the combination of Zhang and Connery appear to fail to specifically teach wherein receiving the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity comprises receiving a RAND generated by a 128-bit Pseudo Random Number Generator (PRNG).  
However, RFC 4187 teaches providing random numbers generated by a 128-bit Pseudo Random Number Generator (PRNG) (pg. 8 – RAND is a randomly generated 128 bit number; pg. 77 – Pseudo-Random Number Generator generates random values).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Zhang and Connery with the teachings of RFC 4187, wherein means for receiving the authentication request message that includes the random value (RAND) and the authentication token (AUTN) from the network entity comprises receiving a RAND generated by a 128-bit Pseudo Random Number Generator (PRNG), to follow IETF protocol for Key Generation Authentication and Key Agreement (see Zhang [0002] with RFC 4187 pgs. 8 and 77).

Allowable Subject Matter
Claim(s) 3, 11, 19, and 26 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Specifically:
Claim 3 recites, inter alia, “generating the authentication response message that includes the standard authentication failure error code that indicates that the SQNN of the received authentication request message is not in the valid range comprises generating the authentication response message to include a synchronization failure error code in response to determining that the random value (RAND) included in the received authentication request message does not match another random value (RAND) stored in the memory of the wireless device; and generating the authentication response message to include the authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code comprises generating the authentication response message to include a "MAC Failure" error code in response to determining that the random value (RAND) included in the received authentication request message matches another random authentication challenge value stored in the memory of the wireless device.”
Art found of record, e.g., the previously cited combination of Zhang and Connery further teach a returning a synchronization error code message (see, e.g., Zhang at [0050]). However, the combination of Zhang and Connery fail to teach generating the authentication response to indicate a MAC error code in response to determining that the RANDs match – particularly recited as generating the authentication response message to include the authentication failure error code in a way so that is it not possible to differentiate the targeted wireless device from other wireless devices as there is no differentiating error code comprises generating the authentication response message to include a "MAC Failure" error code in response to determining that the random value (RAND) included in the received authentication 
Other prior art of record, e.g., Zhao et al. (US20100011220) discloses a system for detecting replay attacks during an AKA procedure, comprising testing the MAC and the SQN, and providing a response message, (see, e.g., abstract, [0084], [0056]), but fails to compare RAND values, and respond to a RAND match with a MAC failure message. Liu teaches a system for detecting replay attacks by comparing stored random values against received random values, and sending an authentication reject message when the random values match (see, e.g., [0221-0222], [0033]), yet also fails to specific the authentication reject message indicating a MAC failure. 
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious all features of dependent claim 3 at or before the time it was filed. Dependent claims 11, 19, and 26 recite similar language and are objected to with like rationale. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Zhao et al. (US20100011220) discloses a system for detecting replay attacks during an AKA procedure, comprising testing the MAC and then the SQN, and providing a response message based on the determined results (see, e.g., Zhao at abstract, [0084], [0056]).
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365.  The examiner can normally be reached on Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 5712723787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.








/TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438