DETAILED ACTION
This non-final office action is in response to claims 1-8 filed on 11/05/2021 for examination. Claims 1-8 are being examined and are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/11/2020 has been considered by the examiner. 

Restriction Election/Amendments
Applicant’s election without traverse of claims 1-8 in the reply filed 11/05/2021 is acknowledged.

Specification
The disclosure is objected to because of the following informalities: Separate paragraphs numbered [0001-002] are recited on both pages 1 and 10. 


Claim Objections
Claim(s) 2-5 is/are objected to because of the following informality: Claim 2 recites “computing first and second random values” and “the random values” (lines 1-2). Claim 3-5 recite elements of “the first random value” (e.g., claim 3, line 1), “the second random value” (e.g., claim 5, line 2), and are dependent on claim 2. Examiner suggests using consistent terminology in the claims to refer to the elements, amending claim 2 to, e.g., “computing a first random value and a second random value, and sending the first random value and the second random value to the user”. Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 8 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because each element of the claims can reasonably be interpreted as software. While claim 8 indicates “An authentication system comprising one or more processors […]” (line 1), “processor” may reasonably interpreted as software. For example, a processor could refer to a word processor. The claims as written further lack physical elements recited in the body of the claim. Absent other physical elements, a reasonable interpretation of the claim(s) as written is as software. Accordingly, claim 8 fails to fall into a statutory category of invention as a software system alone is not a machine, a manufacture, a process nor a composition of matter.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-2 and 6-8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Brown et al. (US20180270065, Hereinafter “Brown”) in view of Bartolucci et al (US20200412542, Hereinafter “Bartolucci”).
Regarding claim 1, Brown teaches a method for secure user authentication using a blockchain (abstract), the method comprising: 
computing a cryptographic puzzle and a solution to the cryptographic puzzle ([0009-011] – Zero-knowledge proof of knowledge “ZKPoK” <i.e., solution> and zero-knowledge authentication information “ZKAI” <i.e., puzzle> is generated, wherein the ZKAI <i.e., puzzle> is added to a distributed ledger. ZKPoK <i.e., solution> is subsequently received from a prover and validated against the “ZKAI” <i.e., puzzle> stored on the distributed ledger; [0063] – user needs to provide the correct ZKPoK information); and 
sending the cryptographic puzzle to the blockchain ([0009-011] – ZKAI <i.e., puzzle> is added to a distributed ledger; [0134-135] – ZKAI <i.e., puzzle> may be generated at another computing device and added to the ledger <i.e., ZKAI sent to the ledger>) such that the user is authenticatable by a relaying party having read access to the blockchain to fetch the cryptographic puzzle from the blockchain ([0009-011] and [0062-063] – verifier <i.e., relaying party> checks a ZKPoK <i.e., solution> received from a prover against the public ZKAI <i.e., puzzle> stored in the distributed ledger <i.e., verifier reads the  and determine whether the solution as presented to the relaying party by the user is a valid solution to the cryptographic puzzle ([0009-011] - verifier <i.e., relaying party> checks the ZKPoK <i.e., solution> received from a prover against the ZKAI stored in the distributed ledger <i.e., verifier reads the ZKAI from the distributed ledger>, and authenticates the prover by determining whether the ZKPoK <i.e., solution> is valid against the ZKAI <i.e., puzzle>.  
While Brown teaches generating a solution to the cryptographic puzzle (see, e.g., Brown at [0009]), subsequently using the solution to validate to a verifier (see, e.g., Brown at [0010]), and using a credential registration engine to generate the ZKAI (see, e.g., Brown at [0050]), Brown appears to fail to specifically disclose a step of sending the solution to a user to be authenticated.
However, Bartolucci teaches an identity provider which provides a user with an validation proof <i.e., a solution> to be subsequently validated based on information <i.e., a puzzle> stored by a verifier (see, e.g., Bartolucci at [0041]), comprising sending the solution to a user to be authenticated ([0041] and [0085] – the credential system comprises an issuer, a verifier, and a prover, wherein the issuer issues <i.e., sends> a proof <i.e., solution> to a prover so that the prover can subsequently provide the proof to a verifier; [0043] – proofs are zero-knowledge proofs).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Brown with the teachings of Bartolucci, comprising sending the solution to a user to be authenticated, so that users in a dynamic group may demonstrate they possess certain authentication attributes without showing the attributes themselves (see, e.g., Bartolucci at [0041-043]).

Regarding claim 2, the combination of Brown and Bartolucci teach the method according to claim 1, further comprising computing first and second random values and sending the random values to the user (Brown at [0084] and [0094] – random numbers generated, e.g., random numbers r1 and r2; .  

Regarding claim 6, the combination of Brown and Bartolucci teach the method according to claim 1, wherein the cryptographic puzzle is an instance of a discrete logarithm problem (Brown at [0144] – ECDSA used for the cryptographic puzzle; Note: ECDSA is a discrete logarithmic problem. While not presently relied upon, see, e.g., Davis (US20200153630) at [0002] further explaining ECDSA).  

Regarding claim 7, the combination of Brown and Bartolucci teach a tangible, non-transitory computer-readable medium comprising instructions which, upon execution on one or more processors cause the one or more processors, alone or in combination, to allow for execution of the method according to claim 1 (see herein with regards to claim 1, and [0016] – processor executes code instructions stored in a computer memory).  

Regarding claim 8, Brown teaches an authentication system comprising one or more processors which, alone or in combination, are configured to allow for execution of a method ([0016] – processor executes code instructions stored in a computer memory) comprising: 
computing a cryptographic puzzle and a solution to the cryptographic puzzle ([0009-011] – Zero-knowledge proof of knowledge “ZKPoK” <i.e., solution> and zero-knowledge authentication information “ZKAI” <i.e., puzzle> is generated, wherein the ZKAI <i.e., puzzle> is added to a distributed ledger. ZKPoK <i.e., solution> is subsequently received from a prover and validated against the “ZKAI” <i.e., puzzle> stored on the distributed ledger; [0063] – user needs to provide the correct information); and  Page 12 of 15Attorney Docket No. 817262 (Client Ref. NLE-960-19-US) 
sending the cryptographic puzzle to the blockchain ([0009-011] – ZKAI <i.e., puzzle> is added to a distributed ledger; [0134-135] – ZKAI <i.e., puzzle> may be generated at another computing device and added to the ledger <i.e., ZKAI sent to the ledger>) such that the user is authenticatable by a relaying party having read access to the blockchain to fetch the cryptographic puzzle from the blockchain ([0009-011] and [0062-063] – verifier <i.e., relaying party> checks a ZKPoK <i.e., solution> received from a prover against the public ZKAI <i.e., puzzle> stored in the distributed ledger <i.e., verifier reads the ZKAI from the distributed ledger>) and determine whether the solution as presented to the relaying party by the user is a valid solution to the cryptographic puzzle ([0009-011] - verifier <i.e., relaying party> checks the ZKPoK <i.e., solution> received from a prover against the ZKAI stored in the distributed ledger <i.e., verifier reads the ZKAI from the distributed ledger>, and authenticates the prover by determining whether the ZKPoK <i.e., solution> is valid against the ZKAI <i.e., puzzle>.  
Brown further teaches generating a solution to the cryptographic puzzle (see, e.g., Brown at [0009]), subsequently using the solution to validate to a verifier (see, e.g., Brown at [0010]), and using a credential registration engine to generate the ZKAI (see, e.g., Brown at [0050]), yet, Brown appears to fail to specifically disclose a step of sending the solution to a user to be authenticated.
However, Bartolucci teaches an identity provider <i.e., credential registration engine> which provides a user with an validation token <i.e., a solution> to be subsequently validated by information <i.e., the puzzle> stored by a verifier (see, e.g., Bartolucci at [0041]), comprising sending the solution to a user to be authenticated ([0041] and [0085] – the credential system comprises an issuer, a verifier, and a prover, wherein the issuer issues <i.e., sends> a proof <i.e., solution> to a prover so that the prover can subsequently provide the proof to a verifier; [0043] – proofs are zero-knowledge proofs).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Brown with the teachings of Bartolucci, comprising sending the solution to a user to be authenticated, so that users in a dynamic group may demonstrate they possess Bartolucci at [0041-043]).

Claim 3-5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Brown in view of Bartolucci, further in view of Thekadath et al. (US20190289019, Hereinafter “Thekadath”).
Regarding claim 3, the combination of Brown and Bartolucci teach the method according to claim 2, wherein the first [[random]] value is used as a message identifier for the cryptographic puzzle ([0012] and [0136] – transaction ID corresponding to the ZKAI <i.e., puzzle> is received), and wherein the cryptographic puzzle is computed using the second random value ([0012-013] – ZKAI is generated using a randomly generated value; [0094] – random value used to compute ZKAI). While the combination of Brown and Bartolucci teach generating and providing a first value used as a message identifier for a cryptographic puzzle transaction on a blockchain to a user (see, e.g., Brown at [0012] and [0136), the combination of Brown and Bartolucci appear to fail to specifically disclose wherein the first value is random value. 
However, Thekadath teaches a system for adding values to a blockchain (see, e.g., [0102]), wherein a first random value is used as a message identifier for a cryptographic puzzle added to a blockchain ([0102] – random number is included in the block’s header <i.e., is an identifier> of a block to the distributed ledger; [0111-112] – the zero knowledge proofs <i.e., puzzle> are blocks added to the distributed ledger).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Brown and Bartolucci with the teachings of Thekadath, wherein a first random value is used as a message identifier for a cryptographic puzzle added to a blockchain, so that users may uniquely identify the desired block/puzzles (see, e.g., Thekadath at [0046]).

Regarding claim 4, the combination of Brown, Bartolucci, and Thekadath teach the method according to claim 3, wherein the cryptographic puzzle is sent to the blockchain concatenated together with information about the user in a message identified using the message identifier (Brown at [0012] – transaction ID is included in the addition of the ZKAI <i.e., puzzle> to the distributed ledger; [0009-011] – ZKAI <i.e., puzzle> added to the distributed ledger contains parameters of the user).  

Regarding claim 5, the combination of Brown, Bartolucci, and Thekadath teach the method according to claim 3, wherein the cryptographic puzzle is a hash function of the second random value ([0117-0118] – the random values r1 and r2 hashed as part of the function, and the verifier checks whether the produced result “c” of the hash is legitimate to authenticate the user <i.e., the puzzle is to produce the correct c>).  

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Davis (US20200153630) teaches elliptic curve digital signature algorithms (ECDSA) utilize a discrete algorithm (see, e.g., [0002]). Lu (US20170180128) teaches a method for deploying a trusted identity to a user issued by an issuer (see, e.g., abstract, Fig. 1). Soundararajan et al. (US20200036533) teaches an issuer issuing a token to a user, wherein the user subsequently presents the token to a verifier (see, e.g., [0180-181]).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365. The examiner can normally be reached Monday-Thursday, & Alternate Fridays.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 5712723787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/J.R.W./Examiner, Art Unit 2438                                                                                                                                                                                                        /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438