DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
	Claims 1-14 are pending.

Claim Objections
Claim 1 is objected to because of the following informalities:  
Claim 1 recites “a pseudo ransom function”.  This should be “a pseudo random function”.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  Claim 1 recites a method comprising “allowing” a server to perform steps, and 

Claims 14 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  Claim 14 recites “wherein the server generates first authentication information 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 13-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju et al (PGPUB 2017/0244692), and further in view of Lambert (PGPUB 2019/0089532).

Regarding Claim 1:
Bhupathiraju teaches an authentication method comprising (abstract, secure device authentication): 
allowing a server to generate first authentication information (paragraph 70, authentication server builds authentication request and transmits to security device) and to transmit the first (paragraph 32, 70, authentication server transmits authentication request to security device via OTA server; Over-the-Air (OTA) server provides interaction between authentication server and mobile device as well as security device); and 
allowing the authentication target device to check validity of the first authentication information (paragraph 71, security device receives authentication request message and verifies the request), and after checking the validity of the first authentication information, allowing the authentication target device to generate second authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication target device, a common key, and a check result of the first authentication information as arguments (paragraph 83-84, security device computes response message using salted hash of PIN (i.e. identifier) and received nonce used to derive key for encrypting authentication response; hash of response including result of the operation (i.e. “OK”) further included in response), and to transmit the second authentication information to the authentication proxy client (paragraph 85, response transmitted back to authentication server via OTA server).
Bhupathiraju does not explicitly teach the first authentication value configured by a value generated by using a pseudo ransom function using an identifier of an authentication target device and a common key as arguments; and
checking validity of the first authentication information by comparing the value generated by using the pseudo random function using the identifier and the common key as arguments with the first authentication information.
However, Lambert teaches the concept of a first authentication value configured by a value generated by using a pseudo ransom function using an identifier of an authentication target device and a common key as arguments (abstract, techniques for secure device authentication; paragraph 88, Fig. 6&7, encrypted authentication tag received from responder device (see response 706 in Fig. 7); Fig. 7 show the authentication tag Tag_r generated as a hash of the initiator nonce Nonce_i, the responder nonce Nonce_r, the initiator ephemeral key E_i, the responder ephemeral key E_r, the initiator public key P_i, and the responder public key P_r; any of the nonces or ephemeral keys can be considered the common key, and the initiator public key can be seen as an identifier of the initiator device); and
checking validity of the first authentication information by comparing the value generated by using the pseudo random function using the identifier and the common key as arguments with the first authentication information (paragraph 88-91, Fig. 7, initiator device receives encrypted Tag_r from responder device, decrypts Tag_r, and uses Tag_r to verify responder device; Fig. 7 shows the initiator device generating Tag_r’ using the values of Nonce_i, Nonce_r, E_r, E_i, P_i, and P_r, and comparing to decrypted Tag_r received from responder device; if Tag_r matches Tag_r’, the responder is validated).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the common key and identifier teachings of Lambert with the device authentication and proxy teachings of Bhupathiraju, in order to incorporate multiple shared values into a calculation of authentication information for a mutual authentication process, thereby making it more difficult for an attacker to impersonate either the client or server, and provide certainty to both parties that the authentication server and authentication target device are valid devices, particularly when traversing a network of proxy devices.

Regarding Claim 2:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.  In addition, Bhupathiraju teaches wherein the authentication proxy client transmits the second authentication information to the server, and 
(paragraph 85-88, response transmitted back to authentication server via OTA server; authentication server derives key using stored hash of PIN and nonce; if server is able to interpret decrypted message, this indicates PIN was entered correctly; server verifies integrity hash to confirm integrity of the response).

Regarding Claim 13:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.  In addition, Bhupathiraju teaches wherein the authentication proxy client transmits the identifier of an authentication device collected and a session identifier for identifying a communication corresponding relation to a server (paragraph 70, authentication server builds authentication request containing transaction ID; paragraph 83, response is prepared including transaction ID and salted hash of the PIN (i.e. identifier of authentication device collected); paragraph 85, response transmitted back to authentication server via OTA server), and 
wherein the server checks validity of the identifier of the authentication target device and the session identifier (paragraph 76, authentication server confirms verifiable transaction ID; paragraph 86, server further verifies salted hash of PIN).

Regarding Claim 14:
Bhupathiraju teaches an authentication system comprising 
an authentication target device (paragraph 70, authentication server builds authentication request and transmits to security device), 
a server selecting a common key for the authentication target device (paragraph 70, authentication server builds authentication request and transmits to security device; request includes nonce, i.e. common key), and 
(paragraph 32, 70, authentication server transmits authentication request to security device via OTA server; Over-the-Air (OTA) server provides interaction between authentication server and mobile device as well as security device), 
wherein the server generates first authentication information (paragraph 70, authentication server builds authentication request and transmits to security device) and transmits the first authentication information to the authentication target device via the authentication proxy client (paragraph 32, 70, authentication server transmits authentication request to security device via OTA server; Over-the-Air (OTA) server provides interaction between authentication server and mobile device as well as security device), and 
wherein the authentication target device checks validity of the first authentication information (paragraph 71, security device receives authentication request message and verifies the request), after checking the validity of the first authentication information, generates second authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication target device, the common key, and a result of the check of the first authentication information as arguments (paragraph 83-84, security device computes response message using salted hash of PIN (i.e. identifier) and received nonce used to derive key for encrypting authentication response; hash of response including result of the operation (i.e. “OK”) further included in response), and transmits the second authentication information to the authentication proxy client (paragraph 85, response transmitted back to authentication server via OTA server).
Bhupathiraju does not explicitly teach the first authentication information configured by a value generated by using a pseudo random function using an identifier of the authentication target device and the common key as arguments; and
 by comparing the value generated by using the pseudo random function using the identifier and the common key as arguments and the first authentication information.
However, Lambert teaches the concept of a first authentication value configured by a value generated by using a pseudo ransom function using an identifier of an authentication target device and a common key as arguments (abstract, techniques for secure device authentication; paragraph 88, Fig. 6&7, encrypted authentication tag received from responder device (see response 706 in Fig. 7); Fig. 7 show the authentication tag Tag_r generated as a hash of the initiator nonce Nonce_i, the responder nonce Nonce_r, the initiator ephemeral key E_i, the responder ephemeral key E_r, the initiator public key P_i, and the responder public key P_r; any of the nonces or ephemeral keys can be considered the common key, and the initiator public key can be seen as an identifier of the initiator device); and
checking validity of the first authentication information by comparing the value generated by using the pseudo random function using the identifier and the common key as arguments with the first authentication information (paragraph 88-91, Fig. 7, initiator device receives encrypted Tag_r from responder device, decrypts Tag_r, and uses Tag_r to verify responder device; Fig. 7 shows the initiator device generating Tag_r’ using the values of Nonce_i, Nonce_r, E_r, E_i, P_i, and P_r, and comparing to decrypted Tag_r received from responder device; if Tag_r matches Tag_r’, the responder is validated).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the common key and identifier teachings of Lambert with the device authentication and proxy teachings of Bhupathiraju, in order to incorporate multiple shared values into a calculation of authentication information for a mutual authentication process, thereby making it more difficult for an attacker to impersonate either the client or server, and provide certainty to both parties that the authentication server and authentication target device are valid devices, particularly when traversing a network of proxy devices.

Claim 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert, and further in view of South et al (PGPUB 2017/0171754).

Regarding Claim 3:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.
Neither Bhupathiraju nor Lambert explicitly teaches wherein the server generates first time information regarding time when the first authentication information is generated, and generates the first authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication target device, the common key, and the first time information as arguments.
However, South teaches the concept wherein a server generates first time information regarding time when a first authentication information is generated, and generates the first authentication information configured by a value generated by using a pseudo random function using an identifier of an authentication target device, a common key, and the first time information as arguments (paragraph 104, beacon generates digitally signed value to be included in tamper status package by generating a random number, generating a timestamp based on the current time, generating a status, concatenating the values and generating a digest using a hash algorithm, which is then signed with a key; paragraph 105, beacon transmits package to emergency location service).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the authentication generation timestamp teachings of South with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to provide a means of determining the time at which authentication data was generated, thereby allowing an end user system to determine that authentication data was recently generated and only applied to the .

Claim 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert, and further in view of Beauford (PGPUB 2018/0020324).

Regarding Claim 4:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.  In addition, Bhupathiraju teaches wherein the authentication target device generates the second authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication target device, the common key, and a check result of the first authentication information as arguments (paragraph 83-84, security device computes response message using salted hash of PIN (i.e. identifier) and received nonce used to derive key for encrypting authentication response; hash of response including result of the operation (i.e. “OK”) further included in response).
Neither Bhupathiraju nor Lambert explicitly teaches wherein the authentication target device generates the second authentication information configured by a value generated by using a pseudo random function using second time information regarding time when the authentication proxy client receives the first authentication information.
However, Beauford teaches the concept wherein an authentication target device generates second authentication information configured by a value generated by using a pseudo random function using second time information regarding time when an authentication proxy client receives first authentication information and a common key (paragraph 38, request received from device; server checks to see if request is valid; paragraph 39-44, latency measured between device to one or more network nodes; latency calculated by using e.g. traceroute program; calculated latency hashed with time stamp using persona key and transmitted to server).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine proxy receipt time teachings of Beauford with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to determine the times at which intermediary devices performed certain functions, allowing the detection of anomalous latencies which do not comply with preset authentication requirements, thereby improving the security environment.

Claim 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert, and further in view of Falk et al (PGPUB 2011/0312284).

Regarding Claim 5:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 3.
Neither Bhupathiraju nor Lambert explicitly teaches, wherein the authentication target device determines whether length of data of the first authentication information is as a specified value or not as validity of the first authentication information, and 
wherein the authentication proxy client transmits second authentication information including a result of determination whether the length of the data of the first authentication information is as a specified value or not to the server.
However, Falk teaches the concept wherein an authentication target device determines whether length of data of a first authentication information is as a specified value or not as validity of the first authentication information (paragraph 29, verifying of received message by receiving node performed using expected message length), and 
(paragraph 58, 68, verifying of received message by receiving nodes is performed using an expected message length; receiving nodes forward received data only if received data has expected message length; intermediate device transmits message only after length is verified).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine length check teachings of Falk with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to provide a simple means of performing an authentication check, which allows the rapid detection of an invalid transmission as a rapid, low-overhead preliminary check prior to a more involved verification calculation such as running a hashing function, thereby improving efficiency in the event that an incoming message does not conform to the appropriate length.

Claim 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert and South, and further in view of Lakshmegowda et al (US 9,635,106).

Regarding Claim 6:
Bhupathiraju in view of Lambert and South teaches the authentication method according to claim 3.
Neither Bhupathiraju nor Lambert nor South explicitly teaches wherein the authentication target device checks whether the difference between the first time information and second time information regarding time when the authentication proxy client receives the first authentication information satisfies a predetermined time restriction or not.
(abstract, system for facilitating peer-to-peer communication; col 5 line 64-col 6 line 23, upon receiving first request or second request at intermediary server, timeout counter is initialized; timeout period indicates time within which communication should be established; col 10 line 33-col 11 line 7, identification element for first and second peer devices comprises timestamp; col 14 line 18-30, intermediary server, i.e. “authentication target device”, receives first and second timestamps; if first and second timestamps fail to meet the criteria, trigger requests are discarded).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the time check teachings of Lakshmegowda with the device authentication and proxy teachings of Bhupathiraju in view of Lambert and South, in order to ensure that received packets comply with a preset transmission time requirement, thereby limiting the amount of time an attacker has available to reuse authentication packet data, and preventing other errors due to excessive network latency at the time of authentication, thus improving efficiency and the security environment.

Claim 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert and Beauford, and further in view of Lakshmegowda.

Regarding Claim 7:
Bhupathiraju in view of Lambert and Beauford teaches the authentication method according to claim 4.

However, Lakshmegowda teaches the concept wherein a server checks whether the difference between second time information and third time information regarding time when an authentication proxy client receives second authentication information satisfies a predetermined time restriction or not (abstract, system for facilitating peer-to-peer communication; col 5 line 64-col 6 line 23, upon receiving first request or second request at intermediary server, timeout counter is initialized; timeout period indicates time within which communication should be established; col 10 line 33-col 11 line 7, identification element for first and second peer devices comprises timestamp; col 14 line 18-30, intermediary server receives first and second timestamps; if first and second timestamps fail to meet the criteria, trigger requests are discarded).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the time check teachings of Lakshmegowda with the device authentication and proxy teachings of Bhupathiraju in view of Lambert and Beauford, in order to ensure that received packets comply with a preset transmission time requirement, thereby limiting the amount of time an attacker has available to reuse authentication packet data, and preventing other errors due to excessive network latency at the time of authentication, thus improving efficiency and the security environment.

Claims 8-9, 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert, and further in view of Cavendish et al (PGPUB 2018/0292522).

Regarding Claim 8:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.
Neither Bhupathiraju nor Lambert explicitly teaches wherein the server uses a monotonic counter limiting the number of times of use of the first authentication information.
However, Cavendish teaches the concept wherein a server uses a monotonic counter limiting the number of times of use of first authentication information (abstract, method for secure range determination; paragraph 40, secure timing protocol implemented using signed, verifiable messages including device identifiers and nonce; paragraph 57, nonce is varying, non-constant value that inhibits or otherwise prevents attacker from using copies of previously intercepted messages; paragraph 63, nonce derived according to pre-determined formulation, e.g. sequence value incremented by 1).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the nonce counter limiting authentication information use teachings of Cavendish with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to improve security by including a time-varying/incremental nonce in signed messages so as to prevent replay attacks, which are attacks well-known in the art involving intercepting messages containing authentication information and copying said messages for use at a later time to impersonate the authentic party.  Incrementing the nonce with each message makes copies of the message useless, as the authenticating party expects the nonce to have changed between messages, thereby preventing these attacks and improving the security environment.

Regarding Claim 9:
Bhupathiraju in view of Lambert and Cavendish teaches the authentication method according to claim 8.  In addition, Cavendish teaches wherein the server generates the first authentication (paragraph 57, signature block of signed message comprises hash of payload; payload comprises nonce value; paragraph 58, nonce value is changing sequence number that increases for each message or transaction).
The rationale to combine Bhupathiraju and Cavendish is the same as provided for claim 8 due to the overlapping subject matter between claims 8 and 9.

Regarding Claim 11:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.  In addition, Bhupathiraju teaches wherein the authentication target device generates the second authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication target device, the common key, and a check result of the first authentication information as arguments (paragraph 83-84, security device computes response message using salted hash of PIN (i.e. identifier) and received nonce used to derive key for encrypting authentication response; hash of response including result of the operation (i.e. “OK”) further included in response).
Neither Bhupathiraju nor Lambert explicitly teaches wherein the authentication target device generates the second authentication information configured by a value generated by using a pseudo random function using fourth time information regarding time when the first authentication information is received as an argument.
However, Cavendish teaches the concept wherein an authentication target device generates second authentication information configured by a value generated by using a pseudo random function using fourth time information regarding time when a first authentication information is received (paragraph 63, verifiable acknowledgment message implemented by producing signed acknowledgement message over acknowledgement payload; payload includes timing information such as time instance T2; T2 indicates time at which signed TM message 230 is received from responder device).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the payload timestamp teachings of Cavendish with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to provide a means of determining device range based on timing data in a secure manner, thereby allowing devices to securely determine that the devices involved in the communication fall within expected ranges and transmission times, preventing spoofing and other impersonation attacks.

Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert, and further in view of Guday et al (PGPUB 2018/0270363).

Regarding Claim 10:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.
Neither Bhupathiraju nor Lambert explicitly teaches wherein the authentication proxy client transmits identifiers of a plurality of authentication target devices to the server, and 
wherein the server generates the first authentication information regarding each of the authentication target devices.
However, Guday teaches the concept wherein an authentication proxy client transmits identifiers of a plurality of authentication target devices to a server, and 
wherein the server generates first authentication information regarding each of the authentication target devices (abstract, techniques for managing a plurality of mobile communications devices; paragraph 110-120, receiving, by enterprise server via the proxy interface, data associated with subscription services for a plurality of mobile communications devices; data comprises data indicative of identities of a plurality of mobile communications devices; subscription credentials transmitted to selected mobile devices).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the multiple device identifier teachings of Guday with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to provide a means of provisioning and authenticating multiple devices at once, thereby improving efficiency through the use of parallelization instead of having to perform each device authentication one at a time.

Claim 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bhupathiraju in view of Lambert, and further in view of Kuo et al (PGPUB 2018/0091621).

Regarding Claim 12:
Bhupathiraju in view of Lambert teaches the authentication method according to claim 1.
Neither Bhupathiraju nor Lambert explicitly teaches wherein the authentication proxy client transmits an identifier of itself together with the identifier of the authentication target device to the server, and 
wherein the server generates third authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication proxy client and the common key as arguments together with the first authentication information.
However, Kuo teaches the concept wherein the authentication proxy client transmits an identifier of itself together with the identifier of the authentication target device to the server, and 
wherein the server generates third authentication information configured by a value generated by using a pseudo random function using the identifier of the authentication proxy client and the common key as arguments together with the first authentication information (paragraph 68-70, distributed hash server comprises information that allows gateway servers to identify particular gateway server that is responsible for communication with a particular device; hash value for each device that has previously communicated with a gateway comprised in distributed hash server; paragraph 109, existence of the device and its connection with the particular gateway server is published so that other gateway servers may reference the information in the future; in an example embodiment, the gateway server to which the particular device connected, requests that distributed hash server store hash values corresponding to the device identifier, the connection identifier, and an identifier for the particular gateway server to which the device connected).
	It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the proxy identifier hash teachings of Kuo with the device authentication and proxy teachings of Bhupathiraju in view of Lambert, in order to provide a means of authenticating each device in a communication route, thereby securing the route against malicious intermediary devices and preventing attacks such as man-in-the-middle attacks.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                         

/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491