DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
This is a reply to the Request for Continued Examination (RCE) filed on 11/29/2021, in which Claim(s) 1-25 are presented for examination. Claim(s) 1, 3-5, 8, 12, 19, and 21-25 are amended. No claim(s) are cancelled or newly added.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/29/2021 has been entered.

Response to Argument
Claim Rejections - 35 U.S.C. § 102 and 35 U.S.C. § 103:
Applicant’s arguments with respect to the rejection of claim(s) 1-25 have been considered but are moot in view of the new ground(s) of rejection.

Applicant is encouraged to schedule an interview with the Examiner prior to the 

Claim Objections
Claims 1, 3 and 25 are objected to because of the following informalities:  
Claim 1 recites “seeding a random number generator with the generated seed to generate one or more post-quantum secure cryptographic objects”. It is not clear if one or more post-quantum secure cryptographic objects are generated or not and why they are post-quantum secure.
Claim 3 limitation “using one or more of the regenerated cryptographic objects” should be “using one or more of [[the]] regenerated cryptographic objects” since the term “regenerated cryptographic objects” is mentioned for the very first time in the claim. Besides, it is not clear when cryptographic objects are regenerated; there is no such limitation in the claim.
Claim 25 recites “seed a random number generator with the generated seed to generate one or more cryptographic objects”. It is not clear if one or more cryptographic objects are generated or not.
Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not 

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-5, 11, 18-21, and 23-25 are rejected under 35 U.S.C. 103 as being unpatentable over Hauge et al. (US 2006/0269063 A1) in view of Martin Tomlinson (US 2018/0205536 A1) further in view of Monica et al. (US 2019/0372779 A1) and further in view of Merchan et al. (US 2019/0349208 A1).
Regarding Claims 1, 23 and 25, Hauge discloses
accessing, by a first entity ([0048], “the four dynamically generated program keys PK (these four 128 bit random numbers) stored in the active portion of the memory 66 (as part of a first entity) are currently being used (i.e. accessed by the first entity)”), a random number generated by a second entity ([0048], “random numbers from the random number generator 62 (i.e. the second entity)”); 
instructing to store the random number on the first entity ([0048], “stores these four 128 bit random numbers as four dynamically generated program keys in … memory 66”);
Hauge does not explicitly teach but Tomlinson teaches
the random number is an entropy-based random number (Abstract, “the keystream output of a cryptographic random number generator… a keystream with higher entropy”);
based on a deterministic algorithm ([0072], “As the cryptographic key deterministic”);
interacting with a security module to generate a seed according to both a reference key of the security module and the random number ([0017], “generating a seed value based on the function output (i.e. the random number) and a (reference) key”, [0070], “using a block cipher decryption module 702 with the first key K1”);
seeding a random number generator with the generated seed to generate one or more cryptographic objects ([0017], “using the generated seed value to seed a random number generator that outputs a stream of random numbers (i.e. cryptographic objects)”);
Hauge and Tomlinson are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tomlinson with the disclosure of Hauge. The motivation/suggestion would have been for generating a keystream for cipher stream encryption of plaintext data (Tomlinson, [0019]).
The combined teaching of Hauge and Tomlinson does not explicitly teach but Monica teaches
the security module is a hardware security module (HSM) ([0007], “a hardware security module”);
the reference key of the HSM being one of residing in or derived by the HSM ([0007], “a cryptographic key controlled by the hardware security module”);
Hauge, Tomlinson and Monica are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in 
The combined teaching of Hauge, Tomlinson and Monica does not explicitly teach but Merchan teaches
one or more cryptographic objects are post-quantum secure cryptographic objects that are trust anchored to the key ([0028], “the computational fuzzy extractor 200 leverages computational security based on Learning with Errors (LWE), which is post-quantum secure, to preserve the full entropy of the PUF 118 and obtain longer cryptographic keys”).
Hauge, Tomlinson, Monica and Merchan are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Merchan with the combined teaching of Hauge, Tomlinson and Monica. The motivation/suggestion would have been to provide post-quantum security.

Regarding Claim 2, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches
using at least one of the one or more cryptographic objects to perform a cryptographic operation (Tomlinson, [0017], “adding, modulo an integer p, the output stream of the random number generator to the message data stream to produce a and 
deleting one or more of the cryptographic objects previously generated (Monica, [0011], “deleting the regenerated private key”).

Regarding Claim 3, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches
regenerating one or more previously deleted cryptographic objects by: 
accessing the stored random number (Hauge, [0048]); and 
based on the deterministic algorithm (Tomlinson, [0072]): 
interacting with the HSM (Monica, [0007]) to regenerate the seed according to both the reference key and the previously stored random number (Tomlinson, [0018]); and 
seeding the random number generator with the regenerated seed, and using one or more of the regenerated cryptographic objects to perform the cryptographic operation (Tomlinson, Abstract, “reseeding the random number generator”, [0017], [0018]).  
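
The generate, delete and regenerate flow mapped in Claims 1-3 above, sketched as an added Python example (not code from the application or from any cited reference). It assumes HMAC-SHA-256 as the HSM's keyed seed function and SHAKE-256 as the seeded generator; `SimulatedHSM`, `DeterministicGenerator` and `generate_objects` are hypothetical names, and the output is raw key material rather than a post-quantum key pair.

```python
import hashlib
import hmac
import secrets


class SimulatedHSM:
    """Stand-in for an HSM: the reference key stays inside this object."""

    def __init__(self, reference_key: bytes):
        self._reference_key = reference_key  # non-extractable in a real HSM

    def derive_seed(self, random_number: bytes) -> bytes:
        # Assumption: HMAC-SHA-256 combines the reference key with the
        # stored random number; only the seed leaves the module.
        return hmac.new(self._reference_key, b"seed|" + random_number,
                        hashlib.sha256).digest()


class DeterministicGenerator:
    """Seeded generator: the same seed always yields the same stream."""

    def __init__(self, seed: bytes):
        self._seed = seed
        self._counter = 0

    def next_bytes(self, n: int) -> bytes:
        data = self._seed + self._counter.to_bytes(8, "big")
        self._counter += 1
        return hashlib.shake_256(data).digest(n)


def generate_objects(hsm, random_number: bytes, count: int = 2, size: int = 32):
    """Derive the seed via the HSM, seed the generator, emit key material."""
    gen = DeterministicGenerator(hsm.derive_seed(random_number))
    return [gen.next_bytes(size) for _ in range(count)]


def fingerprint(objects) -> str:
    """Hash of the objects, kept only to compare runs in this demo."""
    return hashlib.sha256(b"".join(objects)).hexdigest()


def demo() -> dict:
    hsm = SimulatedHSM(reference_key=bytes(range(32)))  # constructed key
    stored_random = secrets.token_bytes(32)  # the only value that is stored
    objects = generate_objects(hsm, stored_random)
    original = fingerprint(objects)
    objects.clear()  # objects deleted after use
    other_hsm = SimulatedHSM(reference_key=bytes(32))  # different reference key
    return {
        # Same stored number + same reference key: identical objects again.
        "regenerated": fingerprint(generate_objects(hsm, stored_random)) == original,
        # Stored number alone is not enough without the right HSM key.
        "other_hsm": fingerprint(generate_objects(other_hsm, stored_random)) == original,
        # A fresh random number under the same key gives unrelated objects.
        "other_random": fingerprint(
            generate_objects(hsm, secrets.token_bytes(32))) == original,
    }


if __name__ == "__main__":
    print(demo())
```

Because the stored random number is useless without the reference key, it can sit on ordinary storage, while compromise of the reference key exposes every object ever derived from it.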

Regarding Claim 4, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches
at the HSM, deriving said reference key based on a key of a deeper key hierarchy level of a key hierarchy in the HSM, prior to generating the seed (Monica, [0007], Tomlinson, e.g. Fig. 2 Ks1 & Ks2).

Regarding Claim 5, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches
wherein said random number is a first random number (Hauge, [0048]), and the method further comprises, prior to generating the seed: 
accessing a second entropy-based random number (Hauge, [0048], Tomlinson, Abstract); 
instructing to store the second random number (Hauge, [0048]); and 
interacting with the HSM for it to derive said reference key using both the second random number and the key of the deeper key hierarchy level (Monica, [0007], Tomlinson, e.g. Fig. 2 Ks1 & Ks2).  

Regarding Claim 11, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches wherein the steps of accessing the random number, generating the seed, and seeding the random number generator are carried out in a container (Hauge, [0048], Tomlinson, Abstract, [0017]).

Regarding Claim 18, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches prior to accessing said entropy-based random number, instructing to generate said entropy-based random number (Hauge, [0048]).

Regarding Claim 19, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches wherein interacting with the HSM comprises: 
forwarding the random number accessed to the HSM (Hauge, [0048], 
instructing the HSM to generate the seed according to the random number forwarded to it and the reference key; and receiving the generated seed (Hauge, [0048], Tomlinson, [0017], Monica, [0007]).  

Regarding Claim 20, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches wherein said seed is generated by encrypting the random number using the reference key (Tomlinson, [0017], [0070]).

Regarding Claim 21, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches wherein the reference key as used to generate the seed is a key pre-loaded on the HSM (Monica, [0007], “a hardware-based cryptographic key securely stored (i.e. pre-loaded) in the hardware security module”).  

Regarding Claim 24, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches a subsystem configured to interact with the HSM, the subsystem and the HSM being distinct from one another (Monica, [0007], “the cryptoasset custodial system”).  

Claims 6-9 are rejected under 35 U.S.C. 103 as being unpatentable over Hauge et al. (US 2006/0269063 A1) in view of Martin Tomlinson (US 2018/0205536 A1) further in view of Monica et al. (US 2019/0372779 A1) and further in view of Merchan et al. (US 2019/0349208 A1) and further in view of John A. Nix (US 2018/0144147 A1).
Regarding Claim 6, the combined teaching of Hauge, Tomlinson, Monica and Merchan does not explicitly teach but Nix teaches wherein the random number generator is seeded to generate two cryptographic objects including a private key and a public key, and the method further comprises: sending out the public key and using the private key to perform a cryptographic operation (Nix, [0091], “a random number generator seed”, [0021], “The random number and cryptographic parameters can be subsequently input into a key generation algorithm to derive a PKI key pair comprising a private key and a public key. The private key can be recorded in protected memory accessible only to the cryptographic unit, and the public key along with an identity transmitted by the cryptographic unit through an external electrical interface of the storage unit”, [0022], “the cryptographic unit to perform digital signature operations with the private key”).
Hauge, Tomlinson, Monica, Merchan and Nix are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Nix with the combined teaching of Hauge, Tomlinson, Monica and Merchan. The motivation/suggestion would have been to securely derive and record private keys and perform public key infrastructure (PKI) operations (Nix, [0002]).

Regarding Claim 7, the combined teaching of Hauge, Tomlinson, Monica, Merchan and Nix teaches wherein sending out the public key comprises sending the public key to a certificate authority for it to issue a digital certificate for said public key (Nix, [0022], “A certificate authority can subsequently receive the public key certificate for the public key”).  

Regarding Claim 8, the combined teaching of Hauge, Tomlinson, Monica, Merchan and Nix teaches wherein accessing the random number, generating the seed, and seeding the random number generator are performed by a client communicating with said HSM, whereby the public key is sent from the client to the certificate authority (Hauge, [0048], Tomlinson, [0017], Monica, [0007], Nix, [0022], “A certificate authority can subsequently receive the public key and identity”, [0052], “a client”, [0082], “an http client”, “Cryptographic unit”, [0084], “Additional remote computers with which module 101 communicates may include another module 101 or mobile device, an M2M node within a capillary network, a personal computer, other servers, a client, a router, a network PC, a peer device, a wireless network 102, or other common network node”).

Regarding Claim 9, the combined teaching of Hauge, Tomlinson, Monica, Merchan and Nix teaches at the client, instructing to store the public key on an external storage system that is distinct from the client (Nix, [0021], “The random number and cryptographic parameters can be subsequently input into a key generation algorithm to derive a PKI key pair comprising a private key and a public key”, “the public key along with an identity transmitted by the cryptographic unit through an external electrical interface of the storage unit”).

Claims 12-13 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Hauge et al. (US 2006/0269063 A1) in view of Martin Tomlinson (US 2018/0205536 A1) further in view of Monica et al. (US 2019/0372779 A1) and further in view of Merchan et al. (US 2019/0349208 A1) and further in view of Richard L. Brown (US 2013/0136255 A1).
Regarding Claim 12, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches
whereby the method comprises, at said each client: 
accessing the entropy-based random number; instructing to store this random number; and based on the deterministic algorithm: interacting with a HSM to generate a seed according to the random number accessed and a reference key of the HSM; and seeding a random number generator with the generated seed to generate the one or more cryptographic objects (Hauge, [0048], Tomlinson, [0017], Monica, [0007]).  
The combined teaching of Hauge, Tomlinson, Monica and Merchan does not explicitly teach but Brown teaches wherein the steps of the method are concurrently performed at each client of a set of clients, each communicating with a SM ([0036], “an organization may provide its members secret keys for encryption purposes, but retain a backup copy of the secret keys. The organization may use a deterministic pseudorandom number generator to generate secret keys for members”, i.e. each client of a set of clients),
Hauge, Tomlinson, Monica, Merchan and Brown are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of 

Regarding Claim 13, the combined teaching of Hauge, Tomlinson, Monica, Merchan and Brown teaches wherein the deterministic algorithm and the random number accessed are the same for each of the clients of the set, whereby the same one or more cryptographic objects are generated at each of the clients of the set (Brown, [0036], “an organization may provide its members secret keys for encryption purposes, but retain a backup copy of the secret keys. The organization may use a deterministic pseudorandom number generator to generate secret keys for members”, i.e. each client of a set of clients).  

Regarding Claim 15, the combined teaching of Hauge, Tomlinson, Monica, Merchan and Brown teaches at each of the clients of the set (Brown, [0036]), using one or each of the one or more cryptographic objects generated to perform a cryptographic operation (Tomlinson, [0017]).

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Hauge et al. (US 2006/0269063 A1) in view of Martin Tomlinson (US 2018/0205536 A1) further in view of Monica et al. (US 2019/0372779 A1) and further in view of Merchan et al. (US 2019/0349208 A1) and further in view of Cachin et al. (US 2009/0316907 A1).
Regarding Claim 22, the combined teaching of Hauge, Tomlinson, Monica and Merchan teaches 
wherein the HSM further comprises a first key pre-loaded on the HSM as a non-extractable token object (Monica, [0007]); and using the unwrapped key to generate the seed (Tomlinson, [0017]),
The combined teaching of Hauge, Tomlinson, Monica and Merchan does not explicitly teach but Cachin teaches importing a second key in a wrapped state in the SM; using the first key to unwrap the second key ([0072], “use his/her private key to unwrap the business symmetric keys”).
Hauge, Tomlinson, Monica, Merchan and Cachin are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Cachin with the combined teaching of Hauge, Tomlinson, Monica and Merchan. The motivation/suggestion would have been for automated validation and execution of cryptographic key (Cachin, Abstract).

Allowable Subject Matter
Claims 10, 14 and 16-17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, since the prior art, taken individually or in combination, fails to particularly disclose, fairly suggest or render obvious the limitations of the claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw, can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497