DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 09/29/2021, 11/23/2021, and 01/10/2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Amendment
This office action is in response to the amendment filed on 11/02/2021.
Claims 1-20 are pending for examination. Applicant amends claims 1, 3-10, and 12-19. The amendments have been fully considered and entered.

Response to Arguments
Applicant's arguments, see Remarks, filed 11/02/2021, with respect to claims 1-20 under 35 U.S.C. § 103 have been considered and are persuasive and have been withdrawn. 

Claim Objections
Claims 10 and 17 are objected to because of the following informalities:  
.  Appropriate correction is required.
Regarding claim 17, “fragment” in line 3 should be plural to correct grammar issues.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-15 and 17-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-13 and 15-18 of copending Application No. 16/544,615 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because claims 1-15 and 17-20 of the instant application are anticipated by claims 1-13 and 15-18 of the reference application. See table below.
Instant application 16/544,626
Reference application 16/544,615
1. A method comprising: 
encrypting a first cryptographic key to produce a wrapped key, wherein the first cryptographic key enables a computing device to access content; 

determining, by a processing device, a set of key fragments of a second cryptographic key, wherein the second cryptographic key is for 

selecting, by the processing device, cryptographic attributes to enable the computing device to generate candidate key fragments, wherein the cryptographic attributes are selected in view of a characteristic of the computing device and reduce computing resources consumed by the computing device to derive the set of key fragments; 

generating, by the processing device, verification data that indicates whether a generated candidate key fragment is in the set of key fragments of the second cryptographic key; and

providing the wrapped key, the cryptographic attributes, and the verification data to the computing device to control access to the content.  

encrypting a first cryptographic key to produce a wrapped key, wherein the first cryptographic key enables a computing device to access content; 

splitting, by a processing device, a second cryptographic key into a set of key fragments, 



selecting, by the processing device, cryptographic attributes to enable the computing device to generate candidate key fragments, wherein the cryptographic attributes are selected in view of a characteristic of the computing device and reduce computing resources consumed by the computing device to derive the set of key fragments; 

generating, by the processing device, verification data that indicates whether a generated candidate key fragment is in the set of key fragments of the second cryptographic key; and

providing the wrapped key, the cryptographic attributes, and the verification data to the computing device to control access to the content.  

2. The method of claim 1, wherein the first cryptographic key is a symmetric key to encrypt and decrypt the content, and wherein the second cryptographic key is a symmetric key for wrapping and unwrapping the first cryptographic key.  
3. The method of claim 1, wherein determining the set of key fragments comprises: generating, by the processing device, the second cryptographic key for unwrapping the wrapped key; and splitting, by the processing device, the second cryptographic key into the set of key fragments.  
See claims 1 and 2 above.
4. The method of claim 1, wherein the characteristic of the computing device comprises data describing computing resources of the computing device and wherein the determining of the set of key fragments is in view of the computing resources of the computing device.  
3. The method of claim 1, wherein the characteristic of the computing device comprises data describing computing resources of the computing device and wherein the encrypting and the splitting are in view of the computing resources of the computing device.  
5. The method of claim 1, wherein the selecting the cryptographic attributes comprises: Page 81 of 86predicting the characteristic of one or more computing resources of the 


5. The method of claim 1, wherein providing the cryptographic attributes comprises providing an indication of a key length, a key derivation function, or a salt value for the at least one key fragment of the set.  
7. The method of claim 1, wherein providing the cryptographic attributes reduces the computing resources consumed by a brute force determination of the at least one key fragment.  
6. The method of claim 1, wherein providing the cryptographic attributes reduce the computing resources consumed by a brute force determination of at least one key fragment of the set.  
8. The method of claim 1, wherein selecting the cryptographic attributes comprises determining cryptographic attributes that enable the computing device to determine the set of key fragments using a predetermined average quantity of computing resources.  
7. The method of claim 1, wherein selecting the cryptographic attributes comprises determining cryptographic attributes that enable the computing device to determine the at least one key fragment using a predetermined quantity of computing resources.  
9. The method of claim 1, wherein selecting the cryptographic attributes comprises determining cryptographic attributes that enable the computing device to determine the set of key fragments in a predetermined average quantity of time.  
8. The method of claim 1, wherein selecting the cryptographic attributes comprises determining cryptographic attributes that enable the computing device to determine the at least one key fragment in a predetermined quantity of time.  
10. A system comprising: a memory; and a processing device communicably coupled to the memory, the processing device to: encrypt a first cryptographic key to produce a wrapped key, wherein the first cryptographic key enables a computing device to access content; Page 82 of 86determine a plurality of key fragments of a second cryptographic key, wherein the second cryptographic key is for decrypting the wrapped key and at least one of the plurality of key fragments is derived using one of the key fragments as input; select cryptographic attributes to enable the computing device to generate candidate key fragments, wherein the cryptographic attributes are selected in view of a characteristic of the computing device and reduce computing resources consumed by the computing device to derive the set of key 


10. The system of claim 9, wherein the first cryptographic key is a symmetric key to encrypt and decrypt the content, and wherein the second cryptographic key is a symmetric key for wrapping and unwrapping the first cryptographic key.  
12. The system of claim 10, wherein to determine the set of key fragments the processing device is to: generate the second cryptographic key for unwrapping the wrapped key; and split the second cryptographic key into the set of key fragments.  
See claims 9 and 10 above.
13. The system of claim 10, wherein the characteristic of the computing device comprises data describing computing resources of the computing device and wherein the determining of the set of key fragments is in view of the computing resources of the computing device.  
11. The system of claim 9, wherein the characteristic of the computing device comprises data describing computing resources of the computing device and wherein the encrypting and the splitting are in view of the computing resources of the computing device.  
14. The system of claim 10, wherein to select the cryptographic attributes the processing device is to: predict the characteristic of one or more computing resources of the computing device; estimate a quantity of the one or more computing resources consumed to derive the at least one key fragment in view of a set of candidate cryptographic attributes; and select the candidate cryptographic attributes in response to the estimated quantity exceeding a minimum threshold value.  
12. The system of claim 9, wherein to select the cryptographic attributes, the processing device is to: predict the characteristic of one or more computing resources of the computing device; estimate a quantity of the one or more computing resources consumed to derive the at least one key fragment in view of a set of candidate cryptographic attributes; and select the candidate cryptographic attributes in response to the estimated quantity exceeding a minimum threshold value.  
15. The system of claim 10, wherein to provide the cryptographic attributes the processing device is to provide an indication of a key length, a key derivation function, or a salt value for the at least one key fragment.  
13. The system of claim 9, wherein to provide the cryptographic attributes, the processing device is to provide an indication of a key length, a key derivation function, or a salt value for the at least one key fragment of the set.
17. The system of claim 10, wherein to select the cryptographic attributes the processing device is to determine cryptographic attributes that enable the computing device to 


16. The system of claim 9, wherein to select the cryptographic attributes, the processing device is to determine cryptographic attributes that enable the computing device to determine the at least one key fragment in a predetermined quantity of time.  
19. A non-transitory machine-readable storage medium storing instructions which, when executed, cause a processing device to perform operations comprising: encrypting an access key to produce a wrapped key, wherein the access key enables a computing device to access content; determining a set of key fragments of an unwrap key, wherein the unwrap key is for decrypting the wrapped key and at least one of the key fragments is identified using one of the key fragments as input; selecting a set of cryptographic attributes to enable the computing device to generate candidate key fragments, wherein the cryptographic attributes are selected in view of a characteristic of the computing device and reduce computing resources consumed by the computing device to derive the set of key fragments; generating verification data that indicates whether a generated candidate key fragment is in the set of key fragments of the unwrap key; and providing the wrapped key, the set of cryptographic attributes, and the verification data to the computing device to control the access to the content.  
17. A non-transitory machine-readable storage medium storing instructions which, when executed, cause a processing device to perform operations comprising: encrypting an access key to produce a wrapped key, wherein the access key enables a computing device to access content; splitting an unwrap key into a set of key fragments, wherein the unwrap key is for decrypting the wrapped key; selecting cryptographic attributes to enable the computing device to generate candidate key fragments, wherein the cryptographic attributes are selected in view of a characteristic of the computing device and reduce computing resources consumed by the computing device to derive the set of key fragments; generating verification data that indicates whether a generated candidate key fragment is in the set of key fragments of the second cryptographic key; and providing the wrapped key, the set of cryptographic attributes, and the verification data to the computing device to control access to the content.  


20. The non-transitory machine-readable storage medium of claim 19, wherein the access key is a symmetric key to encrypt and decrypt the content, and wherein the unwrap key is a symmetric key for wrapping and unwrapping the access.
18. The non-transitory machine-readable storage medium of claim 17, wherein the access key is a symmetric key to encrypt and decrypt the content, and wherein the unwrap key is a symmetric key for wrapping and unwrapping the access key.  


This is a provisional nonstatutory double patenting rejection.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):



The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 5-7, 10, and 12-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation "at least one of the key fragments is derived using one of the key fragments as input" in lines 6-7. Firstly, there is insufficient antecedent basis for “at least one of the key fragments” and “one of the key fragments” in the limitation. Secondly, the limitation appears to suggest the possibility that one key fragment is derived by using the same key fragment. Examiner suggests amending the limitations to “at least one key fragment of the set of key fragments is derived using a different key fragment of the set of key fragments” to clarify that the key fragments are from the set of key fragments established earlier in claim 1 and to distinguish the at least one key fragment from another key fragment used to derive the at least one key fragment.
Claim 5 recites the limitation “the at least one key fragment” in line 6. There is insufficient antecedent basis for this limitation in the claim. Examiner suggests to similarly amend the limitation to “the at least one key fragment of the set of key 
Claim 6 recites the limitation “the at least one key fragment” in line 3. Examiner suggests to similarly amend the limitation to “the at least one key fragment of the set of key fragments” as seen in the suggestion for claim 1 to clarify that the at least one key fragment is from the set of key fragments established in claim 1.
Claim 7 recites the limitation “the at least one key fragment” in line 3. Examiner suggests to similarly amend the limitation to “the at least one key fragment of the set of key fragments” as seen in the suggestion for claim 1 to clarify that the at least one key fragment is from the set of key fragments established in claim 1.
Claim 10 recites the limitation "at least one of the key fragments is derived using one of the key fragments as input" in lines 6-7. Firstly, there is insufficient antecedent basis for “at least one of the key fragments” and “one of the key fragments” in the limitation. Secondly, the limitation appears to suggest the possibility that one key fragment is derived by using the same key fragment. Examiner suggests amending the limitations to “at least one key fragment of the set of key fragments is derived using a different key fragment of the set of key fragments” to clarify that the key fragments are from the set of key fragments established earlier in claim 10 and to distinguish the at least one key fragment from another key fragment used to derive the at least one key fragment. Additionally, claim 10 includes the limitation “the set of key fragments” in lines 15 and 17. There is insufficient antecedent basis for this limitation, however, would be obviated if the claim 10 objection is corrected above.

Claim 13 recites the limitation “the set of key fragments” in line 3. There is insufficient antecedent basis for this limitation, however, would be obviated if the claim 10 objection is corrected above.
Claim 14 recites the limitations “the at least one key fragment” in line 6 and “the candidate cryptographic attributes” in line 7. There is insufficient antecedent basis for these limitation. 
Claim 15 recites the limitation “the at least one key fragment” in line 3. There is insufficient antecedent basis for this limitation.
Claim 16 recites the limitation “the at least one key fragment” in line 3. There is insufficient antecedent basis for this limitation.
Claim 17 recites the limitation “the set of key fragment” in line 3. There is insufficient antecedent basis for this limitation.
Claim 18 recites the limitation “the set of key fragments” in line 3. There is insufficient antecedent basis for this limitation.
Claim 19 recites the limitation "at least one of the key fragments is identified using one of the key fragments as input" in lines 7-8. Firstly, there is insufficient antecedent basis for “at least one of the key fragments” and “one of the key fragments” in the limitation. Secondly, the limitation appears to suggest the possibility that one key fragment is derived by using the same key fragment. Examiner suggests amending the limitations to “at least one key fragment of the set of key fragments is derived using a   
Claims 2-4 and 8-9 depend on claim 1, claim 11 depends on claim 10, and claim 20 depends on claim 19. These dependent claims do not resolve the deficiencies of their parent claim and have inherited their deficiencies. Therefore, said dependent claims are rejected based on the same rationale as applied to their parent claims above.
 
Allowable Subject Matter
Claims 1-20 would be in condition for allowance if the double patenting and 35 U.S.C. 112(b) rejections are resolved.
The following is a statement of reasons for the indication of allowable subject matter:  
The closest art of record Csinger et al. (US 20180004930 A1) teaches dividing a symmetric encryption key into shares ([0257]-[0258]), selecting a type of legacy credential which leads to deriving the key share ([0256]-[0257]), encrypting a key share and transmitting the key share along with cryptographic attributes to a receiving device where user policies that hold the cryptographic attributes such as passwords and tokens facilitate determining of the symmetric encryption key ([0254], [0261], and [0264]).
Another art of record, Philpott et al. (US 9454648 B1) teaches encrypting a symmetric key by a second symmetric key to produce a wrapped key. Furthermore, the 
Another art of record, Versteeg et al. (US 20190296907 A1) teaches deriving a secret key by using a subset or all the key pieces inputted in a key derivation function ([0021] and [0028]).
The prior arts mentioned above taken alone or in combination fails to reasonably teach or suggest the combination set forth in independent claim 1 and specifically do not show “selecting, by the processing device, cryptographic attributes to enable the computing device to generate candidate key fragments, wherein the cryptographic attributes are selected in view of a characteristic of the computing device and reduce computing resources consumed by the computing device to derive the set of key fragments; generating, by the processing device, verification data that indicates whether a generated candidate key fragment is in the set of key fragments of the second cryptographic key; and providing the wrapped key, the cryptographic attributes, and the verification data to the computing device to control the access to the content” in conjunction with all the other claim limitations not specifically recited in the quotes. Thus, for at least the foregoing reason, the prior art of record neither anticipates nor render obvious the present invention as set forth in independent claim 1. 
Similar reasoning is applied to independent claims 10 and 19. Claims 1-9 depend from claim 1 and are allowable by virtue of their dependencies. Claims 11-18 depend from claim 10 and are allowable by virtue of their dependencies. Claim 20 depends from claim 19 and is allowable by virtue of its dependency.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Asano (US 20060059179 A1) teaches an information distribution scheme based on hierarchical tree structures in which node associated values are defined for the respective nodes of the hierarchical tree which results in a reduced amount of computation deriving a subset key ([0086]).
Yassa teaches content encrypted using a derived encryption/content key, wherein the derived encryption/content key is encrypted (i.e., wrapped key) and the server transmits the encrypted derived encryption/content key to the destination device, wherein the destination device generates the key that will be used to decrypt the derived encryption/content key, decrypts the content key, and decrypts the content using the content key ([0029]-[0030] and Fig. 4).	

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALEXANDER R LAPIAN whose telephone number is (571)272-7552. The examiner can normally be reached M-F 9:30-6:00 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

ALEXANDER R. LAPIAN
Examiner
Art Unit 2437



/ALEXANDER R LAPIAN/Examiner, Art Unit 2437                                                                                                                                                                                                        
/KRISTINE L KINCAID/Supervisory Patent Examiner, Art Unit 2437