DETAILED ACTION
This Non Final Office Action is in response to Application filed on 04/07/2020.
Claims 1-20 filed on 04/07/2020 are being considered on the merits.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings filed on 04/07/2020 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 10/05/2020 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly an initialed and dated copy of Applicant's IDS form 1449 filed 10/05/2020 are attached to the instant Office action. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 6, 8, 10-12, 14-15 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hutnik (US 20080155645 A1), hereinafter Hutnik in view of Stojanovski (US 10079822 B2), hereinafter Stojanovski.
Regarding claim 1, Hutnik teaches a method performed by [a mission critical (MC) service (MCX)] server in a [wireless] communication system (Hutnik Abstract “A server is adapted to communicate with client devices using a selected one of a plurality of alternative protection suites.”, [0020] and Figure 1 illustrates internet communication between client and VPN servers in a VPN service provider, where the communication includes accessing data that may include “mission-critical” data as disclosed [0003]), 
the method comprising: 
transmitting, to an MC client, a [key download] message including a signaling algorithm parameter (Hutnik discloses [0010] “…a first entity, or responder (such as the IPSec server of the above example), uses the geographic location of a second entity, or initiator (such as the IPSec client), to modify what would otherwise be the responder's choice of protection suite for the session in the event that that choice includes anything whose use would cause impermissible communications--for example, communications that would violate local law such as by using a particular encryption algorithm….the responder will specify in the Proposal another protection suite from among those offered by the initiator--one that does not include any non-permitted protection parameter values.”, Figure 2 illustrates server 221 (responder) transmitting “Proposal with selected responder suite” to a client, as further disclosed in [0010, 0022, 0024-0025], where the protection suite and its encryption algorithm corresponds to signaling algorithm parameter), 
(Hutnik [0010, 0022, 0024-0025] discloses the protection suites, e.g. (AES), to establish communication between server and the client, where the protection suite, i.e. encryption algorithm, corresponds to the signaling algorithm parameter, which indicates the encryption algorithm used for secured/encrypted communication to access protected resources data, such as database data, as disclosed in [0020], where the data corresponds to MCDtata signaling field information); and 
performing application plane signaling with the MC client using the algorithm (Hutnik [0020] discloses performing service in a secure communication, for communicating protected data resources, 31 in Figure 1, e.g.  internal servers, databases etc., with the client 12, where the secure communication is performed using the protection suite, algorithm proposed by the server, as disclosed in [0022], where the service of providing protected data resources and its secure access by the client corresponds to the application plane signaling with the MC client,
consistent with the description of the application plane signaling as MCData service as described in [0059] and claim 8 of the instant application).  
While Hutnik discloses the aforementioned limitations, where the communication for server and client is secured/protected based on the server transmitting a protection/encryption algorithm used for protecting communication data, e.g. database resource data, etc., Hutnik further discloses negotiating encryption key, Hutnik further discloses in the background of the disclosure that the communication data may be however, Hutnik does not explicitly disclose in the body of the disclose the below limitation.
Stojanovski discloses wireless communication for mission critical service for a system including a servers and client (Stojanovski discloses User Equipment, i.e. client, and server in wireless communication to receive mission critical content, 
Col. 1 line 56-60 “improvements for securely receiving critical communication content associated with a critical communication service (e.g., MCPTT) that may involve use of wireless mobile telecommunication cellular or wireless mobile broadband technologies.”,
Col. 2 line 37-63 “MCPTT supports an enhanced PTT service, suitable for mission critical scenarios and is based upon 3GPP EPS services. MCPTT is typically a session initiation protocol (SIP) based service that may be provided via a centralized MCPTT server residing in a network (e.g., a 3GPP EPS network). The MCPTT server may be an IP Multimedia Subsystem (IMS) application server”
Col. 3 line 4-18 “remote UEs may utilize a relay UE's direct attachment to the network to receive critical communication services from the MCPTT server…A solution is needed to allow the remote UE to agree to common key material with the MCPTT server that can be used to securely relay a master session key. The master session key may be for use by only the remote UE to decrypt encrypted critical communication content sent from the MCPTT server”),
Stojanovski further discloses transmitting to client key download message (Stojanovski discloses in Col. 7 line 56-64 “…MCPTT server 220 may use the KMS public key and its ID_nw to encode the common key material (the common key material may also be referred to as a shared secret value (SSV)) to generate a SAKKE payload. Upon receipt of the SAKKE payload, remote UE 230 may use the KMS public key, RSK_ue and ID_ue to decrypt the SAKKE encrypted payload according to a decryption algorithm described in RFC 6508 in order to obtain the common key material or SSV.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik to incorporate the teaching of Stojanovski to utilize the above feature, with the motivation of only the particular UE decrypting the encrypted critical communication, as recognized by (Stojanovski, Col. 3 line 4-18).

Regarding claim 2, Hutnik in view of Stojanovski teaches the method of claim 1, wherein the at least one MCData signaling field information comprises at least one of an MCData signaling parameter, a data signaling payload, or an end to end security parameter (Hutnik [0020] discloses protected data such as database and resource data carried in secure communication to the client, “…a secure communication channel between client 12 and selected ones of the resources 31 via Internet 15”, where the secured data is accessed, via the internet, by the client,  where the data comprises packets and payloads, where communication security is achieved using a protection suite, as disclosed in [0022]).  


Regarding claim 6, Hutnik in view of Stojanovski teaches the method of claim 1,
Hutnik discloses the negotiation for encryption key between client and server, however. Hutnik does not explicitly discloses the message includes key. 
Stojanovski wherein the key download message further includes at least one key of a client-server key (CSK) or a multicast signaling key - 30 -0502-0621 (SH-61292-US-SR)(Stojanovski discloses in Col. 3 line 11-13 “A solution is needed to allow the remote UE to agree to common key material with the MCPTT server”, Col. 7 line 56-64 “…MCPTT server 220 may use the KMS public key and its ID_nw to encode the common key material (the common key material may also be referred to as a shared secret value (SSV)) to generate a SAKKE payload. Upon receipt of the SAKKE payload, remote UE 230 may use the KMS public key, RSK_ue and ID_ue to decrypt the SAKKE encrypted payload according to a decryption algorithm described in RFC 6508 in order to obtain the common key material or SSV.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik to incorporate the teaching of Stojanovski to utilize the above feature, with the motivation of only the particular UE decrypting the encrypted critical communication, as recognized by (Stojanovski, Col. 3 line 4-18).

Regarding claim 8, Hutnik in view of Stojanovski teaches the method of claim 1, wherein MC service provided by the application plane signaling comprises at least one of an MCData service, a mission critical push to talk (MCPTT) service, or an (Hutnik discloses in [0020] providing database data and resource data resources, corresponding to the MCData service).
Furthermore, Hutnik does not explicitly disclose other types, e.g. MCPTT.
Stojanovski discloses MC service including a mission critical push to talk (MCPTT) service (Stojanovski Col. 3 line 11-13 and Figure 1 illustrates (MCPTT server)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik to incorporate the teaching of Stojanovski to utilize the above feature, with the motivation of providing supporting organizations with mission critical services, organizations associated with public safety, transportation, utilities, industrial or nuclear plant operations., as recognized by (Stojanovski, Col. 1 line 21-30).

Regarding claim 10, Hutnik in view of Stojanovski teaches the method of claim 1, wherein the algorithm used to protect at least one MC data (MCData) signaling field information is different from another algorithm used to protect MCData payload field information (Hutnik discloses using different protection suites, encryption algorithm, used for secure communication between the server and the client to access the protected resources illustrated in Figure 1, depending the client location, as disclosed in in [0020, 0024-0025]).  

Regarding claim 11, Hutnik teaches a method performed by a mission critical (MC) client in a [wireless] communication system (Hutnik Abstract “A server is adapted to communicate with client devices using a selected one of a plurality of alternative protection suites.”, [0020] and Figure 1 illustrates internet communication between client and VPN servers in a VPN service provider, where the communication includes accessing data that may include “mission-critical” data as disclosed [0003]), the method comprising: 
receiving, from an [MC service (MCX)] server, a [key download] message including a signaling algorithm parameter (Hutnik discloses [0010] “…a first entity, or responder (such as the IPSec server of the above example), uses the geographic location of a second entity, or initiator (such as the IPSec client), to modify what would otherwise be the responder's choice of protection suite for the session in the event that that choice includes anything whose use would cause impermissible communications--for example, communications that would violate local law such as by using a particular encryption algorithm….the responder will specify in the Proposal another protection suite from among those offered by the initiator--one that does not include any non-permitted protection parameter values.”, Figure 2 illustrates server 221 (responder) transmitting “Proposal with selected responder suite” to a client, as further disclosed in [0010, 0022, 0024-0025], where the protection suite and its encryption algorithm corresponds to signaling algorithm parameter), 
the signaling algorithm parameter indicating an algorithm used to protect at least one MC data (MCData) signaling field information (Hutnik [0010, 0022, 0024-0025] discloses the protection suites, e.g. (AES), to establish communication between server and the client, where the protection suite, i.e. encryption algorithm, corresponds to the signaling algorithm parameter, which indicates the encryption algorithm used for secure/encrypted communication to access protected resources data, such as database data, as disclosed in [0020], where the data corresponds to MCDtata signaling field information); and 
performing application plane signaling with the MCX server using the algorithm (Hutnik [0020] discloses performing service in a secure communication with the protected data resources, 31 in Figure 1, e.g.  internal servers, databases etc., with the client 12, where the secure communication is performed using the protection suite, algorithm proposed by the server, as disclosed in [0022], where the service of providing protected data resources and its secure access by the client corresponds to the application plane signaling with the MC client,
consistent with the description of the application plane signaling as MCData service as described in [0059] and claim 8 of the instant application).  
While Hutnik discloses the aforementioned limitations, where the communication for server and client is secured/protected based on the server transmitting a protection/encryption algorithm used for protecting communication data, e.g. database resource data, etc., Hutnik further discloses negotiating encryption key, and Hutnik further discloses in the background of the disclosure that the communication data may be mission critical data, however, Hutnik does not explicitly disclose the below limitation.
Stojanovski discloses wireless communication system with mission critical service for a system including a servers and client (Stojanovski discloses User Equipment, i.e. client, and server in communication to receive mission critical content, Col. 1 line 56-60 “improvements for securely receiving critical communication content associated with a critical communication service (e.g., MCPTT) that may involve use of wireless mobile telecommunication cellular or wireless mobile broadband technologies.”, Col. 3 line 4-18 “remote UEs may utilize a relay UE's direct attachment to the network to receive critical communication services from the MCPTT server…A solution is needed to allow the remote UE to agree to common key material with the MCPTT server that can be used to securely relay a master session key. The master session key may be for use by only the remote UE to decrypt encrypted critical communication content sent from the MCPTT server”),
Stojanovski further discloses transmitting to client a key, receiving by the client, key download message (Stojanovski discloses in Col. 7 line 56-64 “…MCPTT server 220 may use the KMS public key and its ID_nw to encode the common key material (the common key material may also be referred to as a shared secret value (SSV)) to generate a SAKKE payload. Upon receipt of the SAKKE payload, remote UE 230 may use the KMS public key, RSK_ue and ID_ue to decrypt the SAKKE encrypted payload according to a decryption algorithm described in RFC 6508 in order to obtain the common key material or SSV.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik to incorporate the teaching of Stojanovski to utilize the above feature, with the motivation of only the particular UE decrypting the encrypted critical communication, as recognized by (Stojanovski, Col. 3 line 4-18).

Regarding claim 12, Hutnik in view of Stojanovski teaches the method of claim 11, wherein the at least one MCData signaling field information comprises at least one of an MCData signaling parameter, a data signaling -31-0502-0621 (SH-61292-US-SR) payload, or an end to end security parameter (Hutnik [0020] discloses protected data such as database and resource data carried in secure communication to the client, “…a secure communication channel between client 12 and selected ones of the resources 31 via Internet 15”, where the secured data is accessed, via the internet, by the client,  where the data comprises packets and payloads, where communication security is achieved using a protection suite, as disclosed in [0022]).    

Regarding claim 14, Hutnik teaches [a mission critical (MC) service (MCX)] server in a [wireless] communication system (Hutnik Abstract “A server is adapted to communicate with client devices using a selected one of a plurality of alternative protection suites.”, [0020] and Figure 1 illustrates a system for wireless communication between client and VPN servers in a VPN service provider, where the communication includes accessing data that may include “mission-critical” data as disclosed [0003]), the [MCX] server comprising: 
transceiver; and at least one processor coupled with the transceiver (Hutnik [0031] and Figure 3 illustrates the process performed by the server, where the server/responder receives and transmits protection algorithm offers and protection algorithm proposals to the client through the internet as illustrated in Figures 1-2, indicating that there is a processor and transceiver for performing the transmitting and receiving), the at least one processor configured to: 
[key download] message including a signaling algorithm parameter (Hutnik discloses [0010] “…a first entity, or responder (such as the IPSec server of the above example), uses the geographic location of a second entity, or initiator (such as the IPSec client), to modify what would otherwise be the responder's choice of protection suite for the session in the event that that choice includes anything whose use would cause impermissible communications--for example, communications that would violate local law such as by using a particular encryption algorithm….the responder will specify in the Proposal another protection suite from among those offered by the initiator--one that does not include any non-permitted protection parameter values.”, Figure 2 illustrates server 221 (responder) transmitting “Proposal with selected responder suite” to a client, as further disclosed in [0010, 0022, 0024-0025], where the protection suite and its encryption algorithm corresponds to signaling algorithm parameter), 
the signaling algorithm parameter indicating an algorithm used to protect at least one MC data (MCData) signaling field information (Hutnik [0010, 0022, 0024-0025] discloses the protection suites, e.g. (AES), to establish communication between server and the client, where the protection suite, i.e. encryption algorithm, corresponds to the signaling algorithm parameter, which indicates the encryption algorithm used for secure/encrypted communication to access protected resources data, such as database data, as disclosed in [0020], where the data corresponds to MCDtata signaling field information), and 
(Hutnik [0020] discloses performing service in a secure communication with the protected data resources, 31 in Figure 1, e.g.  internal servers, databases etc., with the client 12, where the secure communication is performed using the protection suite, algorithm proposed by the server, as disclosed in [0022], where the secure communication between the server and the client is through transceiver of the server, where the service of providing protected data resources and its secure access by the client corresponds to the application plane signaling with the MC client,
consistent with the description of the application plane signaling as MCData service as described in [0059] and claim 8 of the instant application).  
While Hutnik discloses the aforementioned limitations, where the communication for server and client is secured/protected based on the server transmitting a protection/encryption algorithm used for protecting communication data, e.g. database resource data, etc., Hutnik further discloses negotiating encryption key, and Hutnik further discloses in the background of the disclosure that the communication data may be mission critical data, however, Hutnik does not explicitly disclose the below limitation.
Stojanovski discloses wireless communication system for mission critical service for a system including a servers and client (Stojanovski discloses User Equipment, i.e. client, and server in wireless communication to receive mission critical content, 
Col. 1 line 56-60 “improvements for securely receiving critical communication content associated with a critical communication service (e.g., MCPTT) that may involve use of wireless mobile telecommunication cellular or wireless mobile broadband technologies.”.
Col. 3 line 4-18 “remote UEs may utilize a relay UE's direct attachment to the network to receive critical communication services from the MCPTT server…A solution is needed to allow the remote UE to agree to common key material with the MCPTT server that can be used to securely relay a master session key. The master session key may be for use by only the remote UE to decrypt encrypted critical communication content sent from the MCPTT server”)
Stojanovski further discloses transmitting to client key download message (Stojanovski discloses in Col. 7 line 56-64 “…MCPTT server 220 may use the KMS public key and its ID_nw to encode the common key material (the common key material may also be referred to as a shared secret value (SSV)) to generate a SAKKE payload. Upon receipt of the SAKKE payload, remote UE 230 may use the KMS public key, RSK_ue and ID_ue to decrypt the SAKKE encrypted payload according to a decryption algorithm described in RFC 6508 in order to obtain the common key material or SSV.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik to incorporate the teaching of Stojanovski to utilize the above feature, with the motivation of only the particular UE decrypting the encrypted critical communication, as recognized by (Stojanovski, Col. 3 line 4-18).

Regarding claim 15, Hutnik in view of Stojanovski teaches the method of claim 14, wherein the at least one MCData signaling field information comprises at least one of an MCData signaling parameter, a data signaling payload, or an end to end security parameter (Hutnik [0020] discloses protected data such as database and resource data carried in secure communication to the client, “…a secure communication channel between client 12 and selected ones of the resources 31 via Internet 15”, where the secured data is accessed, via the internet, by the client,  where the data comprises packets and payloads, where communication security is achieved using a protection suite, as disclosed in [0022]).    

Regarding claim 19, Hutnik teaches a mission critical (MC) client in a [wireless] communication system (Hutnik Abstract “A server is adapted to communicate with client devices using a selected one of a plurality of alternative protection suites.”, [0020] and Figure 1 illustrates a system for internet communication between client and VPN servers in a VPN service provider, where the communication includes accessing data that may include “mission-critical” data as disclosed [0003]), the MC client comprising: a transceiver; and at least one processor coupled with the transceiver (Hutnik [0020-0023] and illustrates in Figure 2 the client transmitting and receiving  protection suites and consequently negotiations of an encryption key is ensued as disclosed in [0025], indicating the client with processing capability and comprising a transceiver for transmitting and receiving the protection suites), the at least one processor configured to: 
[MC service (MCX)] server, by controlling the transceiver, a [key download] message including a signaling algorithm parameter (Hutnik discloses [0010] “…a first entity, or responder (such as the IPSec server of the above example), uses the geographic location of a second entity, or initiator (such as the IPSec client), to modify what would otherwise be the responder's choice of protection suite for the session in the event that that choice includes anything whose use would cause impermissible communications--for example, communications that would violate local law such as by using a particular encryption algorithm….the responder will specify in the Proposal another protection suite from among those offered by the initiator--one that does not include any non-permitted protection parameter values.”, Figure 2 illustrates server 221 (responder) transmitting “Proposal with selected responder suite” to a client, as further disclosed in [0010, 0022, 0024-0025], where the protection suite and its encryption algorithm corresponds to signaling algorithm parameter), 
the signaling algorithm parameter indicating an algorithm used to protect at least one MC data (MCData) signaling field information (Hutnik [0010, 0022, 0024-0025] discloses the protection suites, e.g. (AES), to establish communication between server and the client, where the protection suite, i.e. encryption algorithm, corresponds to the signaling algorithm parameter, which indicates the encryption algorithm used for secure/encrypted communication to access protected resources data, such as database data, as disclosed in [0020], where the data corresponds to MCDtata signaling field information), and 
(Hutnik [0020] discloses performing service in a secure communication with the protected data resources, 31 in Figure 1, e.g.  internal servers, databases etc., with the client 12, where the secure communication is performed using the protection suite, algorithm proposed by the server, as disclosed in [0022], where the service of providing protected data resources and its secure access by the client corresponds to the application plane signaling with the MC client,
consistent with the description of the application plane signaling as MCData service as described in [0059] and claim 8 of the instant application).  
While Hutnik discloses the aforementioned limitations, where the communication for server and client is secured/protected based on the server transmitting a protection/encryption algorithm used for protecting communication data, e.g. database resource data, etc., Hutnik further discloses negotiating encryption key, and Hutnik further discloses in the background of the disclosure that the communication data may be mission critical data, however, Hutnik does not explicitly disclose the below limitation.
Stojanovski discloses wireless communication system for mission critical system including a servers and client (Stojanovski discloses User Equipment, i.e. client, and server in wireless communication to receive mission critical content, 
Col. 1 line 56-60 “improvements for securely receiving critical communication content associated with a critical communication service (e.g., MCPTT) that may involve use of wireless mobile telecommunication cellular or wireless mobile broadband technologies.”. Col. 3 line 4-18 “remote UEs may utilize a relay UE's direct attachment to the network to receive critical communication services from the MCPTT server…A solution is needed to allow the remote UE to agree to common key material with the MCPTT server that can be used to securely relay a master session key. The master session key may be for use by only the remote UE to decrypt encrypted critical communication content sent from the MCPTT server”),
Stojanovski further discloses transmitting to client key, receiving by the client, key download message (Stojanovski discloses in Col. 7 line 56-64 “…MCPTT server 220 may use the KMS public key and its ID_nw to encode the common key material (the common key material may also be referred to as a shared secret value (SSV)) to generate a SAKKE payload. Upon receipt of the SAKKE payload, remote UE 230 may use the KMS public key, RSK_ue and ID_ue to decrypt the SAKKE encrypted payload according to a decryption algorithm described in RFC 6508 in order to obtain the common key material or SSV.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik to incorporate the teaching of Stojanovski to utilize the above feature, with the motivation of only the particular UE decrypting the encrypted critical communication, as recognized by (Stojanovski, Col. 3 line 4-18).

Regarding claim 20, Hutnik in view of Stojanovski teaches the method of claim 19, wherein the at least one MCData signaling field information comprises at least one of an MCData signaling parameter, a data signaling payload, or an end to end (Hutnik [0020] discloses protected data such as database and resource data carried in secure communication to the client, “…a secure communication channel between client 12 and selected ones of the resources 31 via Internet 15”, where the secured data is accessed, via the internet, by the client,  where the data comprises packets and payloads, where communication security is achieved using a protection suite, as disclosed in [0022]).  

Claims 3, 5, 13, 16 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Hutnik (US 20080155645 A1), hereinafter Hutnik in view of Stojanovski (US 10079822 B2), hereinafter Stojanovski and further in view of Le (US 20160241389 A1), hereinafter Le.

Regarding claim 3, Hutnik in view of Stojanovski teaches the method of claim 1, 
Hutnik discloses in the background of the disclosure “AES has a block size of 128 bits… AES supports keys of at least 128 bits”, however Hutnik in view of Stojanovski do not disclose the below limitation in the body of the disclosure. 
LE disclose wherein the algorithm is one of an advanced encryption standard (AES) with 128 bits key length algorithm (DP_AES_128_GCM) or an AES with 256 bits key length algorithm (DP_AES_256_GCM) (Le [0058] “A cipher suite may define a channel strength (e.g., 128 bits, 192 bits, or 256 bits), a key derivation 
function (KDF) (e.g., AES-128, AES-394, or AES-256), an elliptic curve cryptography (ECC) key agreement curve or key generation algorithm (e.g., P-256, P-384, or P-521), a block cipher mode of operation (e.g., Offset Codebook Mode (OCB), Key Wrap, Counter with CBC-MAC (CCM), EAX, Encrypt-then-MAC (EtM), or Galois/Counter Mode (GCM)), a digital signature algorithm (e.g., Elliptic Curve Digital Signature Algorithm (ECDSA) or Digital Signature Algorithm (DSA)), a cryptographic hash function (e.g., SHA-256, SHA-384, or SHA-512), a nonce (e.g., 16 bytes, 24 bytes, or 32 bytes), and the like.”, [0170] “The protocol encryption keys and/or the payload encryption keys may be generated based on the cipher suite in addition to or instead of the shared secrets. For example, the cipher suite may indicate sizes of the keys to be generated and/or the key generation algorithms (e.g., KDFs).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Le to utilize the above feature, by selecting from a finite number of algorithms that define a security and channel strength, as recognized by (Le 0058).

Regarding claim 5, Hutnik in view of Stojanovski and Le teaches the method of claim 3, 
Hutnik in view of Stojanovski do not teach the below limitation.
Le discloses wherein the algorithm is DP_AES_256_GCM, and wherein 256 bits of key derivation function (KDF) output are used as a MCData payload cipher key (DPCK) (Le [0058] “A cipher suite may define a channel strength (e.g., 128 bits, 192 bits, or 256 bits), a key derivation 
function (KDF) (e.g., AES-128, AES-394, or AES-256), an elliptic curve cryptography (ECC) key agreement curve or key generation algorithm (e.g., P-256, P-384, or P-521), a block cipher mode of operation (e.g., Offset Codebook Mode (OCB), Key Wrap, Counter with CBC-MAC (CCM), EAX, Encrypt-then-MAC (EtM), or Galois/Counter Mode (GCM)), a digital signature algorithm (e.g., Elliptic Curve Digital Signature Algorithm (ECDSA) or Digital Signature Algorithm (DSA)), a cryptographic hash function (e.g., SHA-256, SHA-384, or SHA-512), a nonce (e.g., 16 bytes, 24 bytes, or 32 bytes), and the like.”, [0170] “The protocol encryption keys and/or the payload encryption keys may be generated based on the cipher suite in addition to or instead of the shared secrets. For example, the cipher suite may indicate sizes of the keys to be generated and/or the key generation algorithms (e.g., KDFs).”, where the AES-256 derive 256 payload encryption key, corresponding to the MCData payload cipher key, [0188] “…the cipher suite may specify the use of an AEAD encryption algorithm and a key size of 256 bits for encrypting the payload data.”).
  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Le to utilize the above feature, by selecting from a finite number of algorithms that define a security and channel strength, as recognized by (Le 0058).

Regarding claim 13, Hutnik in view of Stojanovski teaches the method of claim 11, 

Le discloses wherein the algorithm is one of an advanced encryption standard (AES) with 128 bits key length algorithm (DP_AES_128_GCM) or an AES with 256 bits key length algorithm (DP_AES_258_GCM) (Le [0058] “A cipher suite may define a channel strength (e.g., 128 bits, 192 bits, or 256 bits), a key derivation 
function (KDF) (e.g., AES-128, AES-394, or AES-256), an elliptic curve cryptography (ECC) key agreement curve or key generation algorithm (e.g., P-256, P-384, or P-521), a block cipher mode of operation (e.g., Offset Codebook Mode (OCB), Key Wrap, Counter with CBC-MAC (CCM), EAX, Encrypt-then-MAC (EtM), or Galois/Counter Mode (GCM)), a digital signature algorithm (e.g., Elliptic Curve Digital Signature Algorithm (ECDSA) or Digital Signature Algorithm (DSA)), a cryptographic hash function (e.g., SHA-256, SHA-384, or SHA-512), a nonce (e.g., 16 bytes, 24 bytes, or 32 bytes), and the like.”, [0170] “The protocol encryption keys and/or the payload encryption keys may be generated based on the cipher suite in addition to or instead of the shared secrets. For example, the cipher suite may indicate sizes of the keys to be generated and/or the key generation algorithms (e.g., KDFs).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Le to utilize the above feature, by selecting from a finite 

Regarding claim 16, Hutnik in view of Stojanovski teaches the method of claim 14, 
Hutnik discloses in the background of the disclosure “AES has a block size of 128 bits… AES supports keys of at least 128 bits”, however Hutnik in view of Stojanovski do not disclose the below limitation in the body of the disclosure.
LE disclose wherein the algorithm is one of an advanced encryption standard (AES) with 128 bits key length algorithm (DP_AES_128_GCM) or an AES with 256 bits key length algorithm (DP_AES_258_GCM) (Le [0058] “A cipher suite may define a channel strength (e.g., 128 bits, 192 bits, or 256 bits), a key derivation 
function (KDF) (e.g., AES-128, AES-394, or AES-256), an elliptic curve cryptography (ECC) key agreement curve or key generation algorithm (e.g., P-256, P-384, or P-521), a block cipher mode of operation (e.g., Offset Codebook Mode (OCB), Key Wrap, Counter with CBC-MAC (CCM), EAX, Encrypt-then-MAC (EtM), or Galois/Counter Mode (GCM)), a digital signature algorithm (e.g., Elliptic Curve Digital Signature Algorithm (ECDSA) or Digital Signature Algorithm (DSA)), a cryptographic hash function (e.g., SHA-256, SHA-384, or SHA-512), a nonce (e.g., 16 bytes, 24 bytes, or 32 bytes), and the like.”, [0170] “The protocol encryption keys and/or the payload encryption keys may be generated based on the cipher suite in addition to or instead of the shared secrets. For example, the cipher suite may indicate sizes of the keys to be generated and/or the key generation algorithms (e.g., KDFs).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Le to utilize the above feature, by selecting from a finite number of algorithms that define a security and channel strength, as recognized by (Le 0058).

Regarding claim 18, Hutnik in view of Stojanovski and Le teaches the method of claim 16, 
Hutnik in view of Stojanovski do not teach the below limitation.
Le discloses wherein the algorithm is DP_AES_256_GCM, and wherein 256 bits of key derivation function (KDF) output are used as a MCData payload cipher key (DPCK) (Le [0058] “A cipher suite may define a channel strength (e.g., 128 bits, 192 bits, or 256 bits), a key derivation function (KDF) (e.g., AES-128, AES-394, or AES-256), an elliptic curve cryptography (ECC) key agreement curve or key generation algorithm (e.g., P-256, P-384, or P-521), a block cipher mode of operation (e.g., Offset Codebook Mode (OCB), Key Wrap, Counter with CBC-MAC (CCM), EAX, Encrypt-then-MAC (EtM), or Galois/Counter Mode (GCM)), a digital signature algorithm (e.g., Elliptic Curve Digital Signature Algorithm (ECDSA) or Digital Signature Algorithm (DSA)), a cryptographic hash function (e.g., SHA-256, SHA-384, or SHA-512), a nonce (e.g., 16 bytes, 24 bytes, or 32 bytes), and the like.”, [0170] “The protocol encryption keys and/or the payload encryption keys may be generated based on the cipher suite in addition to or instead of the shared secrets. For example, the cipher suite may indicate sizes of the keys to be generated and/or the key generation algorithms (e.g., KDFs).”, where the AES-256 derive 256 payload encryption key, corresponding to the MCData payload cipher key, [0188] “…the cipher suite may specify the use of an AEAD encryption algorithm and a key size of 256 bits for encrypting the payload data.”).
  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Le to utilize the above feature, by selecting from a finite number of algorithms that define a security and channel strength, as recognized by (Le 0058).
  
Claims 4 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Hutnik (US 20080155645 A1), hereinafter Hutnik in view of Stojanovski (US 10079822 B2), hereinafter Stojanovski and further in view of Le (US 20160241389 A1), hereinafter Le and further in view of Horn et. al. (US 20150092701 A1), hereinafter Horn.

Regarding claim 4, Hutnik in view of Stojanovski and Le teaches the method of claim 3, 
Hutnik in view of Stojanovski do not disclose the below limitations.
Le discloses wherein the algorithm is DP_AES_128_GCM (Le [0058] discloses AES_128_GCM, rationale and motivation in claim 3 applies).
Hutnik in view of Stojanovski and Le do not disclose the below limitations.
(Horn [0055] “K.sub.ASME (or Ki)=least or most significant 128/256 bits of KDF (K.sub.device-root, INPUT).
Where: KDF is any key derivation function (e.g., SHA256). The output of the KDF is truncated to either 128-bits or 256-bits depending on whether the network uses 128-bit keys or 256-bit keys. K.sub.device-root is the key that is shared between the UE 415 and the subscription server 435.”, where the key corresponds to a cipher key).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski and Le to incorporate the teaching of Horn to utilize the above feature, with the motivation accommodating the networks use of key size, as recognized by (Horn [0055]).

Regarding claim 17, Hutnik in view of Stojanovski and Le teaches the method of claim 16, 
Hutnik in view of Stojanovski do not disclose the below limitations.
Le discloses wherein the algorithm is DP_AES_128_GCM (Le [0058] discloses AES_128_GCM, rationale and motivation in claim 16 applies).
Hutnik in view of Stojanovski and Le do not disclose the below limitations.
Horn discloses wherein 128 bits among 256 bits of key derivation function (KDF) output are - 32 -0502-0621 (SH-61292-US-SR) used as a MCData payload cipher key (DPCK) (Horn [0055] “K.sub.ASME (or Ki)=least or most significant 128/256 bits of KDF (K.sub.device-root, INPUT).
Where: KDF is any key derivation function (e.g., SHA256). The output of the KDF is truncated to either 128-bits or 256-bits depending on whether the network uses 128-bit keys or 256-bit keys. K.sub.device-root is the key that is shared between the UE 415 and the subscription server 435.”, where the key corresponds to a cipher key).   
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski and Le to incorporate the teaching of Horn to utilize the above feature, with the motivation accommodating the networks use of key size, as recognized by (Horn [0055]).

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Hutnik (US 20080155645 A1), hereinafter Hutnik in view of Stojanovski (US 10079822 B2), hereinafter Stojanovski and further in view of Le Saint et al (US 20180375663 A1), hereinafter Saint.
Regarding claim 7, Hutnik in view of Stojanovski teaches the method of claim 1, further comprising: 
Hutnik in view of Stojanovski do not explicitly disclose the below limitations. 
Saint discloses receiving, from the MC client, a key upload message including a client-server key (CSK) (Saint illustrates in Figure 2 (205) the client transmitting/sending a message including a client ephemeral public key, corresponding to client-server key (CSK), since the key will be used in establishing secure client-server session communication, [0057] “At 205, the client computer 240 can transmit a “request message” including the client ephemeral public key and the client encrypted data to the server computer 280.”); and 
obtaining a MCData payload cipher key (DPCK) as an output of inputting the CSK to key derivation function (KDF) (Saint illustrates in Figure 2 (209) illustrates the server obtaining a session key using a key derivation function and the shared secret, where the shared secret is initially generated from the client ephemeral public key, where the session key is used for encrypting data/payload and later decrypted at the client, [0061] “At 209, the server computer 280 can determine a second shared secret using the server blinding factor, the server static private key 282, and the client ephemeral public key. The server computer 280 may also determine a second session key using a key derivation function and the second shared secret.”, [0067] “At 215, the client computer 240 can decrypt the encrypted server data using the second shared secret (e.g., using the second session key) to obtain the server blinding factor, the server certificate 288, and the server payload 292.”).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Saint to utilize the above feature, with the motivation of ensuring secure and non-traceable communication, as recognized by (Saint [0066, 0070]).

Claims 9 is rejected under 35 U.S.C. 103 as being unpatentable over Hutnik (US 20080155645 A1), hereinafter Hutnik in view of Stojanovski (US 10079822 B2), .

Regarding claim 9, Hutnik in view of Stojanovski teaches the method of claim 1, 
Hutnik in view of Stojanovski do not disclose TLV format.
Fard discloses wherein the key download message further includes payload of tag-length-value (TLV) format (Fard discloses transmitting packet, where its header employs/comprises a TLV guideline, [00279] “a payload of the packet may be employed to transmit and detect the RAI. The packet header may employ/comprise a type, length, value TL V guideline to assist with the detection and/or the detection rules of the packet. In an example, one or more detection rules may be configured in the UPP to detect the RAI.”).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Hutnik in view of Stojanovski to incorporate the teaching of Fard to utilize the above feature, with the motivation of assisting with the detection rules of the packet, as recognized by (Fard [00279]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:

Miller (US 20200099789 A1) discloses mission critical system including a Mission Critical (MC) Video server and clients.
Yung (US 7778194 B1) discloses client server communication with  
	Jardin (US 6671810 B1) discloses server on the network responds to an initiating event (such as a request sent to the server via the network by an application program) by randomly selecting a cryptographic algorithm from a shared algorithm repository, and  upon receipt the encryption algorithm is dynamically linked to the application program to encrypt outgoing messages to the server.
Buckley (US 20190110238 A1) discloses authenticating user equipment through relay user equipment in the context of public safety services, such as according to Mission Critical Push to Talk (MCPTT). 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BASSAM A NOAMAN/Examiner, Art Unit 2497