Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
Claims 1 – 20 are presently pending in the application and have been examined below, of which claims 1, 10, and 19 are presented in independent form.

Drawings
	The drawings were received on 04/30/2020. These drawings are accepted.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or
composition of matter, or any new and useful improvement thereof, may obtain a patent
therefor, subject to the conditions and requirements of this title.

Claims 19 and 20 are rejected under 35 U.S.C. 101 because the claimed invention may be directed to software per se which is directed to non-statutory subject matter. 
Claim 19, disclosing a ‘code executable by a processor’, is directed to software per se, a non-statutory subject matter for a system / apparatus claim. It is respectfully suggested by the Examiner to amend the claim limitation to require non-transitory media or a readable storage device.
Claim 20 is rejected by virtue of its dependency.

Claim Rejections - 35 USC § 102

form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented,
described in a printed publication, or in public use, on sale or otherwise available to the public
before the effective filing date of the claimed invention.

Claims 1 – 5, 8 – 14, and 17 – 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Zagarese et al. (US 2018/0181964) (hereafter Zagarese).


Regarding claim 1 Zagarese teaches: An apparatus comprising: a processor; a memory storing code executable by the processor to: (Zagarese, in Para. [0131] discloses “The processor 4 has access to in-memory storage ("cache") 108, which may for example be implemented, at the hardware level, in volatile electronic storage.” Zagarese, in Para. [0348] discloses “The central service can be implemented in any suitable way and requires at least one processor 114 executing identity management code, and electronic storage components providing secure storage.”) generate a plurality of the hashes of a seed and a previous public group index (Zagarese, in Para. [0681] discloses “the hashes are generated from all of the data of the master receipts, including their public indexes” Zagarese, in Para. [0750] discloses “An encrypted database also needs a search facility and this is implemented in one embodiment by storing characteristic cryptographic hashes for each indexable data item.” Zagarese, in Para. [0679] discloses “Because the earlier master receipts 32', 32" have been generated in the same manner as the master receipt 32, one of the public indexes of the first earlier master receipt 32’ will match the H(CB) from the current master receipt 32-that index having been generated in the earlier transaction”); iteratively generate a public group index for each hash (Zagarese, in Para. [0588] discloses “perform SHA-2 hashing iteratively with the stored credential number as the seed value” Zagarese, in Para. [0600] discloses “An improved alternative is to use a key which is generated based upon the serial number using a hashing algorithm such as SHA-2 iteratively. This involves creating a hash for the serial number and then creating a sequence of salted hashes with this value as the starting point” Zagarese, in Para. [0677] discloses “The master receipt is locate by hashing the available credential to generate a search index, which will match the corresponding index of the master receipt 32.” Zagarese, in Para. [0679] discloses “These indexes are public, in that they are not encrypted with the transaction identifier 60”) generate a one-time user identifier (Examiner note: one-time user identifier is met by the one-time user/payer credential) (Zagarese, in Para. [0153] discloses “The credential is a one-time only use credential for the user that is bound to his device 12 and a user identifier uID of the user.”) expressed as a hash chain of identifiers each based on one of the public group indexes (Examiner note: a one-time identifier building a hash chain of identifiers is met by the number of hashes of all data of master receipt comprising hashes of credentials, i.e., one-time identifiers) (Zagarese, in Para. [0681] discloses “the hashes are generated from all of the data of the master receipts, including their public indexes.” Zagarese, in Para. [0064] discloses “The master receipt may also comprise a hash of the fresh validator credential and/or a hash of the validator credential.”) and verify user attributes from the one-time user identifier (Examiner note: as noted above, one-time user identifier is met by the user one-time credential) (Zagarese, in Para. [0024] discloses “The identity attribute may be a data item captured from an identity document.” Zagarese, in Para. [0066] discloses “The at least one bearer attribute may be held in the data store in association with at least one identifier of the bearer” Zagarese, in Para. [0051] discloses “validating the credential, wherein the sharing token is generated only if the bearer credential is valid.”).

Regarding claim 2 Zagarese teaches: The apparatus of claim 1, wherein an initial hash is generated from only the seed (Examiner note: input value for the hash generator is a seed value) (Zagarese, in Para. [0601] discloses “Only the HMAC of the initial hash value is ever stored” Zagarese, in Para. [0156] discloses “The hash of an input value means an output value obtained by applying a hash function, such as an HMAC function, to the input value.” Zagarese, in Para. [0588] discloses “perform SHA-2 hashing iteratively with the stored credential number as the seed value”)

Regarding claim 3 Zagarese teaches: The apparatus of claim 2, wherein the code is further executable by the processor to generate the seed as a hash of user attributes (Zagarese, in Para. [0260] discloses “The metadata can be used to generate the credential, for example as a hash of the metadata and a random sequence (seed).” Zagarese, in Para. [0605] discloses “Credentials are generated by creating a random salt value and combining this with the device identification number. The result is then used as the initial seed value for an iteratively generated SHA-2 hash value with the number of rounds of iteration being determined at random.”)

Regarding claim 4 Zagarese teaches: The apparatus of claim 1, wherein the code is further executable by the processor to generate the identifier by using the public group index to index a public group to retrieve the corresponding identifier (Examiner note: as noted above, one-time user identifier is met by the one-time user/payer credential; identifier generation is met by the credential generation as a part of master receipt) (Zagarese, in Para. [0062] discloses “The presentation of the sharing token by the validator may also cause the digital identity system to generate in a master receipt store of the digital identity system, a master receipt comprising: the hash of the bearer credential and/or the fresh bearer credential” Zagarese, in Para. [0679] discloses “Because the earlier master receipts 32', 32" have been generated in the same manner as the master receipt 32, one of the public indexes of the first earlier master receipt 32’ will match the H(CB) from the current master receipt 32-that index having been generated in the earlier transaction”)

Regarding claim 5 Zagarese teaches: The apparatus of claim 4, wherein each public group index calculated as a deterministic function of the hash (Examiner note: the index as a part of master receipt is determined by the HMAC function which is deterministic by definition, i.e., no randomness is involved, which means that the same output could be produced/re-computed from the starting conditions) (Zagarese, in Para. [0677] discloses “The master receipt is locate by hashing the available credential to generate a search index, which will match the corresponding index of the master receipt 32.” Zagarese, in Para. [0156] discloses “The hash of an input value means an output value obtained by applying a hash function, such as an HMAC function, to the input value.” Zagarese, in Para. [0256] discloses “if the original credential is made available to the system later by the user, the hash can be re-computed from the available credential, and the resulting value can be used to locate the master receipt.”)

Regarding claim 8 Zagarese teaches: The apparatus of claim 1, where a given public group index is the previous public group index for a subsequent verification of the user attributes (Zagarese, in Para. [0679] discloses “Because the earlier master receipts 32', 32" have been generated in the same manner as the master receipt 32, one of the public indexes of the first earlier master receipt 32’ will match the H(CB) from the current master receipt 32-that index having been generated in the earlier transaction” Zagarese, in Para. [0353] discloses “There are two basic workflows, one relating to registration of user identity documents and the other to verification of identity (authentication).” Zagarese, in Para. [0066] discloses “The at least one bearer attribute may be held in the data store in association with at least one identifier of the bearer”).

Regarding claim 9 Zagarese teaches: The apparatus of claim 1, wherein the one-time user identifier comprises in the range of 2-4 identifiers (Examiner note: as noted above, one-time user identifier is met by the one-time user/payer credential; the identifier 26 may comprise several credentials) (Zagarese, in Para. [0153] discloses “The credential is a one-time only use credential for the user that is bound to his device 12 and a user identifier uID of the user.” Zagarese, in Para. [0394] discloses “Each time a data item is added to a profile, or an uPass profile is utilized, a new credential is created for that profile and transmitted to the owner of the profile. These credentials are stored in association with the identifier 26 in the uPass for the person 20, and are bound to a profile.”).

Regarding claim 10, claim 10 discloses a method that is substantially equivalent to the apparatus of claim 1. Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 10 and rejected for the same reasons.

Regarding claim 11, claim 11 dependent on claim 10 discloses a method that is substantially equivalent to the apparatus of claim 2 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 2 are equally applicable to claim 11 and rejected for the same reasons.

Regarding claim 12, claim 12 dependent on claim 11 discloses a method that is substantially equivalent to the apparatus of claim 3 dependent on claim 2. Therefore, the arguments set forth above with respect to claim 3 are equally applicable to claim 12 and rejected for the same reasons.

Regarding claim 13, claim 13 dependent on claim 10 discloses a method that is substantially equivalent to the apparatus of claim 4 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 4 are equally applicable to claim 13 and rejected for the same reasons.

Regarding claim 14, claim 14 dependent on claim 13 discloses a method that is substantially equivalent to the apparatus of claim 5 dependent on claim 4. Therefore, the arguments set forth above with respect to claim 5 are equally applicable to claim 14 and rejected for the same reasons.

Regarding claim 17, claim 17 dependent on claim 10 discloses a method that is substantially equivalent to the apparatus of claim 8 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 8 are equally applicable to claim 17 and rejected for the same reasons.

Regarding claim 18, claim 18 dependent on claim 10 discloses a method that is substantially equivalent to the apparatus of claim 9 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 9 are equally applicable to claim 18 and rejected for the same reasons.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 6, 7, 15, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Zagarese as applied to claim 1 and in view of Acar et al. (US 2014/0281525) (hereafter Acar).

Regarding claim 6 Zagarese fails to explicitly teach: The apparatus of claim 4, wherein each public group index calculated as hard discreet logarithm function over the public group of large order q over the hash.
Acar from the analogous technical field teaches: The apparatus of claim 4, wherein each public group index calculated as hard discreet logarithm function over the public group of large order q over the hash (Acar, in Para. [0315] discloses “Step 406 refers to computing discrete logarithmic cryptographic group based values using at least some proof components.”)
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Zagarese, in view of the teaching of Acar which discloses application of discrete logarithmic function as a part of the cryptographic procedure in order to make cryptographic process of Zagarese more security resistant against external influences (Acar, [0315]). 

Regarding claim 7 Zagarese fails to explicitly teach: The apparatus of claim 4, wherein each public group index calculated as a hard logarithm function over the public group of large order q of the hash, wherein q is a number of identifiers in the public group.
Acar from the analogous technical field teaches: The apparatus of claim 4, wherein each public group index calculated as a hard logarithm function over the public group of large order q of the hash, wherein q is a number of identifiers in the public group (Examiner note: application of discrete logarithm function to build up the group of indexes/integers is met by application of discrete logarithm function to generate a group of credential parameters) (Acar, in Para. [0220] discloses “One or more credential parameters, such as a public cryptographic key, may be generated with/without any bilinear pairings and/or based on discrete logarithms” Acar, in Para. [0017] discloses “the cryptographic data may include a verifier-generated challenge value that also is an element of a prime-order cryptographic group construction, including a prime-order additive subgroup of integers. This construction may be built without anything that could be considered a bilinear pairing between subgroups of integers and instead, may be based upon a discrete logarithmic group”)
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Zagarese, in view of the teaching of Acar which discloses application of discrete logarithmic function as a part of the cryptographic procedure in order to make cryptographic process of Zagarese more flexible and security resistant against external influences (Acar, [0017, 0220]). 

Regarding claim 15, claim 15 dependent on claim 13 discloses a method that is substantially equivalent to the apparatus of claim 6 dependent on claim 4. Therefore, the arguments set forth above with respect to claim 6 are equally applicable to claim 15 and rejected for the same reasons.

Regarding claim 16, claim 16 dependent on claim 13 discloses a method that is substantially equivalent to the apparatus of claim 7 dependent on claim 4. Therefore, the arguments set forth above with respect to claim 7 are equally applicable to claim 16 and rejected for the same reasons.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL R VAUGHAN/Primary Examiner, Art Unit 2431