DETAILED ACTION

This non-final office action is in response to claims 1-20 filed February 19, 2020 for examination. Claims 1-20 are being examined and are pending. 
Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Information Disclosure Statement

The information disclosure statement filed 02/08/2021, 07/11/2021, and 08/24/2021 has been placed in the application file and the information referred to therein has been considered as to the merits. 
Drawings

The drawings filed on 02/19/2020 have been accepted.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 7-11 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
7 recites the limitation "said master key" in last limitation.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates 
Claims 7-9 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over US 2016/0142205 A1 to Mohan et al. hereinafter “Mohan” in view of US 2018/0159843 A1 to Sajja et al. hereinafter “Sajja”.
Regarding claim 7, Mohan disclosed a method of secure re-pairing between a master and a device in a wireless communications network, the method comprising: generating a salt on said master (Para. 0029. “The salt and environmental variable may be generated by the server.” Para. 0029.) and transmitting said salt to said device (Para. 0018. “The salt and environmental variable may be provided via the server and used by the device.” Para. 0029); generating a shared session key on both said master and said device utilizing said salt and a device key previously known to both said master and said device (Para. 0017. “Secret keys 230 are used with a salt and environmental variable which may be generated by server 200 or otherwise obtained, to generate derived keys.” Para. 0018. “The salt and environmental variable may be provided via the server and used by the device in a processor or circuitry to perform the hashing to arrive at the sane derived key as derived by the server.” Derived key is interpreted as shared session key and secret key is interpreted as device key. Para. 0029. “Method 400 may be implemented at both the server and device to generate the same derived keys. The secret kay may be installed in the device at a manufacturer or distributor in some embodiments and provided to the device, which may be either or both the server and a remote device coupled to the server.” Para. 0030. A derived key is generated using the secret key, the salt, and the environmental variable using a hash function. Both the server and remote device may generate the derived key using the same hash function.”); and retrieving and transmitting said master key to said device (Para. 0033, the server may provide the new derived keys (i.e. master key) to the device) encrypted using said shared session key.
Mohan disclosed retrieving and transmitting said master key to said device but does not teach master encrypted using said session key. However, the analogous art Sajja disclosed said master key encrypted using the shared session key (Sajja, Para. 0022. The master key can also be encrypted by the session key.
Therefore, it would have been obvious to one having ordinary skill in the art before the applicant(s) invention was filed to modify the invention of Mohan by including the idea of master key encrypted using the shared session key as taught by Sajja in order to protect the master key from unauthorized use (Sajja, Para. 0016).
Regarding claim 8, Mohan further taught the method according to claim 7, wherein said shared session key is generated using one or more iterations of a secure hash algorithm (SHA) algorithm (Fig. 1, 3, Para. 0015-0016. Generate derived key using SHA-256).
Regarding claim 9, Mohan-Sajja combination further taught the method according to claim 7, further comprising: receiving, on said device, said encrypted master key transmitted over said wireless communications link (Mohan, Para. 0033, 0037. Wifi, Cellular network communication between server and device. The server transmit derived keys to the device. Sajja, Para. 0022. Encrypted master key.); decrypting said encrypted master key utilizing said shared session key (Sajja, Para. 0022. The session key can be used to decrypt the master key); and storing said master key on said device (Sajja, Para. 0022. Master key can be stored in the memory).
Regarding claim 11, Mohan further taught the method according to claim 7, wherein said salt comprises a random number (Para. 0016. The salt may be a random number).

Allowable Subject Matter
Claims 1-6, 12-20 are allowed over prior arts.
The following is a statement of reasons for the indication of allowable subject matter:  
Claim 1 recites, “a method of secure initial pairing between a master and a device in a wireless communications network, the method comprising: utilizing a key agreement protocol on said master and said device to generate a private key and a public key on both said master and said device; said master and said device exchanging their respective public keys in plaintext over a wireless communications link; generating on both said master and said device a shared session key; generating and/or retrieving a master key and transmitting said master key to said device encrypted using said shared session key; and generating and/or retrieving a device key and transmitting said device key to said master encrypted using said shared session key.”
The prior arts of record do not teach or render obvious the limitations recited in claim 1, when taken in the context of the claims as a whole, therefore, the examiner finds the claimed invention allowable.
Claim 12 recites, a method of secure pairing between a master and a device in a wireless communications network, the method comprising: utilizing a key agreement protocol on said master and said device to generate a private key and a public key on both said master and said device; said master and said device exchanging their respective public keys in plaintext over a wireless communications link; generating a device key on both said master and said device; generating a salt on said master and transmitting said salt to said device; generating a shared 
The prior arts of record do not teach or render obvious the limitations recited in claim 12, when taken in the context of the claims as a whole, therefore, the examiner finds the claimed invention allowable.
Claim 17 recites, an apparatus for secure pairing between a master and a device in a wireless communications network, comprising: a frequency hopping radio transmitter; a frequency hopping radio receiver; a processor coupled to and operative to control said frequency hopping radio transmitter and said frequency hopping radio receiver; said processor programmed to: utilize a key agreement protocol to generate a private key and a public key; transmit said public key in plaintext to said device over a wireless communications link; generate a shared session key; generate and/or retrieve a master key and transmit said master key to said device encrypted using said shared session key; and receive and decrypt an encrypted device key received from said device utilizing said shared session key.
The prior arts of record do not teach or render obvious the limitations recited in claim 17, when taken in the context of the claims as a whole, therefore, the examiner finds the claimed invention allowable.
Claim 19 recites an apparatus for secure pairing between a device and master in a wireless communications network, comprising: a frequency hopping radio transmitter; a frequency hopping radio receiver; a processor coupled to and operative to control said frequency hopping radio transmitter and said frequency hopping radio receiver; said processor programmed to: utilize a key agreement protocol to generate a private key and a public key; transmit said public key in plaintext 
The prior arts of record do not teach or render obvious the limitations recited in claim 19, when taken in the context of the claims as a whole, therefore, the examiner finds the claimed invention allowable.
Dependent claims 2-6, 13-16, 18, and 20 would also be allowable due to the dependency on the allowable independent claims.
Claim 10 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:
None of the prior art of record, taken by itself or in any combination, would have anticipated or made obvious “secure re-pairing is performed separately as needed between each device in said wireless communications network and said master “ in combination with other limitations recited in claim 7 of the present application before the time it was filed.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 5,657,390 (Elgamal et al.): The client delivers a master key to the server in a client-master-key message. The master key, for example, can be a randomly generated number. The master key is used by the client and the server to produce session keys which will be 
US 10,578,400 B2 (Zimmerman et al.): In one embodiment, the IoT service 120 transmits its session public key generated using the HSM 1630 to the IoT device 101 at 1701. The IoT device uses its HSM 1631 to generate its own session public/private key pair and, at 1702, transmits its public key of the pair to the IoT service 120. In one embodiment, the encryption engines 1660-1661 use an Elliptic curve Diffie-Hellman (ECDH) protocol, which is an anonymous key agreement that allows two parties with an elliptic curve public-private key pair, to establish a shared secret. In one embodiment, using these techniques, at 1703, the encryption engine 1660 of the IoT service 120 generates the secret using the IoT device session public key and its own session private key. Similarly, at 1704, the encryption engine 1661 of the IoT device 101 independently generates the same secret using the IoT service 120 session public key and its own session private key. More specifically, in one embodiment, the encryption engine 1660 on the IoT service 120 generates the secret according to the formula secret=IoT device session pub key*IoT service session private key, where“*” means that the IoT device session public key is point-multiplied by the IoT service session private key. The encryption engine 1661 on the IoT device 101 generates the secret according to the formula secret=IoT service session pub key*IoT device session private key, where the IoT service session public key is point multiplied by the IoT device session private key. In the end, the IoT service 120 and IoT device 101 have both generated the same secret to be used to encrypt communication.
US 10,735,467 B2 (Yang et al.): a method for controlling connection between a first device and a second device by a control device using Bluetooth LE (Low Energy) includes: obtaining, from the first device, first pairing information for establishing first connection of a first security level with the first device; obtaining, from the second device, second pairing information for establishing second connection of a second security level with the second device; generating bonding information or out of band (OOB) information for establishing third connection between the first device and the second device based on the first pairing information and the second pairing information; transmitting the bonding information or the OOB information to the first device and the second device; and transmitting, to the first device, a command indicating the first device to establish the third connection of a third security level with the second device based on the security information, wherein the third security level is the same as the first security level or the second security level.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAWNCHOY RAHMAN whose telephone number is (571)270-7471. The examiner can normally be reached Monday - Friday 8:30A-5P ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 5712723787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Shawnchoy Rahman/Primary Examiner, Art Unit 2438