DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1, 3-17 were amended, claim 2 was cancelled, and claims 1, 3-20 are pending.
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. GB1713499, filed on 08/23/2017.
Response to Arguments
Applicant’s arguments with respect to claim(s) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-8, 10-13, 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over Mendes et al. (“HANDBOOK OF APPLIED CRYPTOGRAPHY; [CRC PRESS .

With regards to claims 1 and 19, Mendes discloses a computer-implemented method of encrypting and transmitting data from a first node to a second node over a network, the method comprising: deriving, at the first node, a secret key from a common secret which is known by the first and second nodes (protocol 12.47 on page 516; SUMMARY: A and B each send the other one message over an open channel. RESULT: shared secret K known to both parties A and B. B receives x and computes the shared key as K = (x)^y mod p. A receives y and computes the shared key as K = (y)^x mod p); and
transmitting the encrypted data to the second node (A send to B : α^x mod p (1)
A send B : α^y mod p (2)).

Mendes does not exclusively teach utilizing the secret key as a seed for a pseudo random number generator; combining output from the pseudo random number generator with data to be transmitted to produce encrypted data.
However, Roe teaches utilizing the secret key as a seed for a pseudo random number generator (FIG 2 and associated text; [0027] KS is designed to generate an intermediate key, in the form of a pseudo-random number sequence S, in response to an encryption key K. KS is, for example, a known cryptographic pseudo-random number generator or an ideal cryptographic hash function or any device which is guaranteed to combining output from the pseudo random number generator with data to be transmitted to produce encrypted data (FIG 2 and associated text). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Mendes' method with the teaching of Roe in order to provide data confidentiality and data integrity, as well as benefiting from the speed advantages of a stream cipher (Roe Abstract).

Mendes in view of Roe does not teach, but Wright teaches, wherein the first node is associated with a first asymmetric cryptography key pair and the second node is associated with a second asymmetric cryptography key pair, and the common secret is derived at the first and second nodes from the respective first and second asymmetric cryptography key pairs without transmitting the common secret between the first and second nodes (Abstract: A method (300) and system (1) of determining a common secret for two nodes (3, 7). Each node (3, 7) has a respective asymmetric cryptography pair, each pair including a master private key and a master public key. Respective second private and public keys may be determined based on the master private key, master public key and a deterministic key. A common secret may be determined at each of the nodes based on the second private and public keys. In one example, a node (3, 7) may determine the common secret based on (i) a second private key based on the node's own master private key and the deterministic key; and (ii) a second public key based on the other node's master public key and the deterministic key.); It would have been obvious to one of ordinary skill in the art before the effective 

With regards to claim 3, Mendes further discloses, wherein derivation of the secret key includes converting the common secret into a symmetric key (Mendes Protocol 12.53 page 518; 12.5 summarizes Protocol 12.53 and three related two-pass protocols. All four of these MTI protocols provide mutual key authentication without key confirmation or entity authentication, and are role-symmetric).

With regards to claim 4, Mendes in view of Roe and Wright teaches, wherein derivation of the secret key includes combining the common secret, or a symmetric key resulting from conversion of the common secret, with additional data for the encrypted data transmission of the encrypted data (Roe FIG 2 and associated text; [0028]-[0030]; nonce is used as additional data, claim 1). Motivation would be same as stated in claim 1.

With regards to claim 5, Mendes in view of Roe and Wright teaches, wherein the additional data is derived at the first and second nodes without transmitting the additional data between the first and second nodes (Roe FIG 2 and associated text, nonce is shared). Motivation would be same as stated in claim 1.

With regards to claim 6, Mendes in view of Roe and Wright teaches, wherein the additional data includes a time variable or a cryptographic function of a time variable (Roe FIG 2 and associated text; nonce; a nonce in cryptography is a number used to protect private communications by preventing replay attacks. Nonces are random or pseudo-random numbers that authentication protocols attach to communications. Sometimes these numbers include a timestamp to intensify the fleeting nature of these communications). Motivation would be same as stated in claim 1.

With regards to claim 6, Mendes in view of Roe and Wright teaches, wherein the additional data includes a single use value or a cryptographic function of a single use value (Roe [0028] Therefore, each of the nonce values used during the encryption of the message is unique.). Motivation would be same as stated in claim 1.

With regards to claim 7, Mendes in view of Roe and Wright teaches, wherein the additional data is combined with the common secret or a symmetric key using an exclusive or (XOR) operation to produce the seed for the pseudo random number generator, the symmetric key resulting from conversion of the common secret to the symmetric key (Roe [0006] Symmetric algorithms can be divided into two categories, generally referred to as block ciphers and stream ciphers. In general terms, stream ciphers operate on plaintext a single bit at a time and are considerably faster than block ciphers. For example, in a simple stream cipher, each bit of plaintext is exclusive or'd (XORed) with a respective bit from a pseudo-random stream of bits generated by a keystream generator.). Motivation would be same as stated in claim 1.

wherein the output of the pseudo random number generator is combined with the data to be transmitted using an exclusive or (XOR) operation to produce the encrypted data (Roe [0006]). Motivation would be same as stated in claim 1.

With regards to claim 11, Mendes in view of Roe and Wright teaches, wherein the output of the pseudo random number generator is used as a onetime pad (Roe [0013] The generating means can comprise means for selecting successive keystream blocks from said pseudorandom number sequence, each to be combined with a respective plaintext block from plaintext data to be encrypted. Further, the combining means can be configured to use each of the successive keystream blocks once only during the encryption of given plaintext data under a given key, which can provide unconditional, one-time-pad-like, security if the pseudo-random number generator is assumed to be secure). Motivation would be same as stated in claim 1.

With regards to claim 12, Mendes in view of Roe and Wright teaches, wherein the transmitting of the encrypted data comprises transmission of a pseudorandom bit stream (Roe [0006]).

With regards to claim 13, Mendes in view of Roe and Wright teaches, the pseudorandom bit stream is one or more of a virtual private network (VPN) service or a streamed data service (Roe [0006] stream data). Motivation would be same as stated in claim 1.

wherein the second node receives the encrypted data and decrypts the data using the common secret; wherein the second node decrypts the encrypted data as it is being received by applying an exclusive or (XOR) operation to the encrypted data as it is being received (Roe [0005] Figure 1 illustrates the basic principle of encrypted communication. Unencrypted data, known as plaintext P, is encrypted by the Sender using an encryption algorithm E and an encryption key K to produce encrypted data, known as ciphertext C. Mathematically, the operation can be written as E_K(P) = C. The ciphertext is sent over a communication channel to a Receiver, where a decryption algorithm D is applied to recover the plaintext from the ciphertext.). Motivation would be same as stated in claim 1.

With regards to claim 17, Mendes in view of Roe and Wright teaches, wherein the second node seeds its own pseudo random number generator independently of the first node in order to decrypt the encrypted data (Roe FIG 1-6 and associated text). Motivation would be same as stated in claim 1.
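
Added illustration, not part of the Office action or of the cited references: a Python example of the chain mapped above for claims 1, 3, 7 and 17 (key agreement, conversion to a symmetric key, XOR with a nonce to form the seed, XOR of keystream with data, and independent seeding at the second node), plus the keystream-reuse failure that the nonce-uniqueness passage of Roe [0028] guards against. The toy group parameters, the SHA-256 counter construction standing in for the pseudo random number generator, the 32-byte nonce and all function names are assumptions.

```python
import hashlib

# Toy Diffie-Hellman group, constructed for this demo only (far too small for real use).
P = 2**127 - 1          # a Mersenne prime
ALPHA = 3

def public_value(priv):
    """alpha^priv mod p, the one message each party sends over the open channel."""
    return pow(ALPHA, priv, P)

def common_secret(own_priv, peer_public):
    """K = (peer_public)^own_priv mod p; K itself never crosses the network."""
    return pow(peer_public, own_priv, P)

def derive_seed(secret, nonce):
    """Convert K to a 32-byte symmetric key, then XOR in the per-message nonce."""
    key = hashlib.sha256(secret.to_bytes(16, "big")).digest()
    if len(nonce) != len(key):
        raise ValueError("nonce must be 32 bytes")
    return bytes(k ^ n for k, n in zip(key, nonce))

def keystream(seed, length):
    """Assumed generator: SHA-256 over seed || counter, truncated to length bytes."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_crypt(seed, data):
    """Encrypt or decrypt: XOR data with the keystream (same operation both ways)."""
    return bytes(d ^ s for d, s in zip(data, keystream(seed, len(data))))

def demo():
    a_priv, b_priv = 0x1234567, 0x89ABCDE    # constructed private exponents
    nonce = bytes(range(32))                  # constructed single-use value
    seed_a = derive_seed(common_secret(a_priv, public_value(b_priv)), nonce)
    seed_b = derive_seed(common_secret(b_priv, public_value(a_priv)), nonce)
    p1, p2 = b"transfer 10 to alice", b"transfer 99 to carol"
    c1, c2 = xor_crypt(seed_a, p1), xor_crypt(seed_a, p2)  # nonce reused on purpose
    leak = bytes(x ^ y for x, y in zip(c1, c2))             # keystream cancels out
    return seed_a == seed_b, xor_crypt(seed_b, c1), leak, bytes(x ^ y for x, y in zip(p1, p2))

if __name__ == "__main__":
    print(demo())
```

The last two values returned by `demo()` are equal: with a repeated seed, XORing two ciphertexts yields the XOR of the two plaintexts, and the scheme as shown provides no integrity protection for the ciphertext.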

Claims 18 and 19 are product and device claims of method claim 1 and are also rejected accordingly.

With regards to claims 9, 14, and 20, the examiner is stating official notice that these claims merely disclose inventive steps and are readily available and well known in the art.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached on 8:30 to 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498