Corrected Notice of Allowance

Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions	
2. NO restrictions warranted at initial time of filing for patent. 

Priority
3. Applicant claims foreign priority under 35 USC 119e to European application filed on 12/19/2017. 

Information Disclosure Statement
4. The information disclosure statement (IDS) submitted on 06/16/2020, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. 

Oath/Declaration
5. Applicant's Oath was filed on 06/16/2020. 


Drawings
6. Applicant's drawings filed on 06/16/2020 has been inspected and is in compliance with MPEP 608.01.

Specification
7. Applicant's specification filed on 06/16/2020 has been inspected and is in compliance with MPEP 608.02.

 	Claim Objections
8. NO objections warranted at initial time of filing for patent. Remarks
9. Examiner request Applicant review relevant prior art under the conclusion of this office action.


 EXAMINER'S AMENDMENT
10. An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
11. Authorization for this examiner's amendment was given in an interview with Michael Epstein on 12/1/2021. 

The application has been amended as follows: 

a storage circuit,
wherein the storage circuit is arranged to store a first verification number,
wherein the first verification number is computed from a subset of a set of character/position data,
wherein the subset is indicated by an authentication string 
wherein the set of character/position data comprises a number for the combinations of a character from the character set and a position in the authentication string,
wherein the user has access to the authentication string,
wherein the authenticating string has multiple characters at multiple positions,
wherein the characters are selected from a character set; and
a processor circuit,
wherein the processor circuit is arranged to encrypt the set of character/position data,
wherein the set of character/position data is encrypted according to a homomorphic encryption algorithm,
wherein the processor circuit is arranged to send the encrypted set to the client device,
wherein the processor circuit is arranged to receive a second verification number from the client device,

wherein the subset is indicated by the authentication string,
wherein the processor circuit is arranged to verify the correspondence between the first verification number and the encrypted second verification number so as to authenticate the user to access a service provided by the server.

Claim 7 (Currently Amended) The server device as in claim 1, wherein at least some of the character/position data are computed as multiples of powers of a base number, 
wherein at least some of character/position data are computed as powers using exponents, 
wherein the exponents are of powers of a base number .    

Claim 11. (Currently Amended) A client device for authenticating a user to a server device comprising:
a processor circuit,
wherein the processor circuit is arranged to receive a set of character/position data,
wherein the set of character/position data is encrypted 

wherein the processor circuit is arranged to homomorphically compute an encrypted second verification number from a subset of the encrypted set of character/position data,
wherein the subset is indicated by the authentication string,
wherein the user has access to the authentication string,
wherein the authenticating string has multiple characters at multiple positions,
wherein the characters are selected from a character set,
wherein the processor circuit is arranged to send the encrypted second verification number to the server device and the user is authorized to access a service via the client device provided by the server device when the second verification number corresponds to a first verification number stored at the server device.

Claim 14. (Currently Amended) A method for authenticating a user from a client device comprising:
storing a first verification number,
wherein the first verification number is computed from a subset of a set of character/position data,
wherein the subset is indicated by the authentication string,

wherein the user has access to the authentication string,
wherein the authenticating string has multiple characters at multiple positions,
wherein the characters are selected from a character set;
encrypting the set of character/position data,
wherein the set of character/position data is encrypted according to a homomorphic encryption algorithm;
sending the encrypted set to the client device;
receiving a second verification number from the client device,
wherein the second verification number is computed by homomorphically computing an encrypted second verification number from a subset of the encrypted set,
wherein the said is indicated by the authentication string; and
verifying the correspondence between the first verification number and the encrypted second verification number so as to authenticate the user to access a service provided by the server.

Claim 15. (Currently Amended) A method for authenticating a user to a server device comprising:
receiving a set of character/position data,

wherein the encrypted set of character/position data comprises a number for the combinations of a character from the character set and a position in an authentication string,
wherein the user has access to the authentication string,
wherein the authenticating string has multiple characters at multiple positions,
wherein the characters are selected from a character set;
homomorphically computing an encrypted second verification number 
wherein the subset is indicated by the authentication string 
sending the encrypted second verification number to the server device and the user is authorized to access a service via the client device provided by the server device when the second verification number corresponds to a first verification number stored at the server device.

Claim 21. (New) The server device as in claim 1, wherein the correspondence comprises equality.

Claim 22. (New) The server device as in claim 1, wherein the correspondence comprises satisfying at least one linear expression.



Claim 24. (New) The client device as in Claim 11, wherein the correspondence between the second verification number and the first verification number comprises satisfying at least one linear expression.

Claim 25. (New) The method as in Claim 14, wherein the correspondence comprises equality.

Claim 26 (New) The method as in Claim 14, wherein the correspondence comprises satisfying at least one linear expression.

Claim 27 (New) The method as in Claim 15, wherein the correspondence between the second verification number and the first verification number comprises equality.

Claim 28 (New) The method as in Claim 15, wherein the correspondence between the second verification number and the first verification number comprises satisfying at least one linear expression.


Reasons for Allowance
s 1-28 including all of the limitations of the base claim and any intervening claims are allowed. 

Closest Prior Art: 
U.S. Publication No. 20170237725 discloses on paragraph 0004 “According to at least one embodiment of the present invention there is provided a system having servers comprising an access control server and a set of authentication servers for communication with the access control server via a network. The access control server is operable for communication with user computers via the network and for controlling access by the user computers to a resource in dependence
on authentication of user passwords associated with respective user IDs. At least each authentication server stores a respective key-share sk.sub.i of a secret key sk, shared between a plurality g of the A servers, of a cryptographic key-pair (pk, sk) where pk is a public key of the key-pair. The access control server stores, for each user ID, a first ciphertext produced by encrypting the user password associated with that user ID under the public key pk using a homomorphic encryption algorithm. In response to receipt from a user computer of a user ID and an authentication value, the access control server is adapted to send the authentication value to at least a subset of the authentication servers. The authentication value comprises a predetermined function of the first ciphertext for that user ID and a second ciphertext produced by encrypting a password attempt under the public key pk using the homomorphic encryption algorithm such that the authentication value decrypts to a predetermined value if the password attempt equals the user password for that user ID. At least each authentication server is adapted, in response to receipt of the authentication value, to 

U.S. Publication No. 20120185934 discloses on paragraph 0046 “ At this point, the user inputs various numbers and characters besides an authentication number memorized by the user. That is, the user inputs a relevant authentication number to only a position corresponding to a relevant unique authentication query number, and inputs any number or character to the rest of portions at random. That is, as illustrated in FIG. 5A, 5 is input to an authentication number input blank corresponding to a unique authentication query number corresponding to 1 among a displayed authentication query number, 6 is input to an authentication number input blank corresponding to a unique authentication query number corresponding to 2 among the displayed authentication query number, 7 is input to an authentication number input blank corresponding to a unique authentication query number corresponding to 3 among the displayed authentication query number, and 8 is input to an authentication number input blank corresponding to a unique authentication query number corresponding to 4 among the displayed authentication query number, so that the authentication may be completed. Therefore, even when the user inputs an authentication number publicly, since the authentication number changes every time whenever the user inputs the 
U.S. Publication No. 20160292413 discloses on paragraph 0036 “In the illustrated example of FIG. 2, the base password specifier 205 stores an obtained base password in an example base password storage 215. The example base password
storage 215 may be implemented by any number, type(s) and/or combination of data storage elements, memories, etc., such as the example memory 914 and/or the example storage device(s) 928 of the example processing system 900 of FIG. 9, which is described in further detail below. In some examples, the base password
specifier 205 hashes (or otherwise encrypts) the base password by performing any one or more hashing operation(s) (or other encryption operation(s)) on
the sequence of characters forming the base password prior to storing the base password in the example base password storage 215.”

U.S. Publication No. 20150254453 discloses on paragraph 0073 “First, for example, a case is explained in which the first rule R1 is to extract a part (6 digits, for example) of the above described encrypted character string at a predetermined position (the end, for example) to obtain the converted password character string. In this case, the total of obtained converted password character strings becomes about 1.68.times.10.sup.7.”
U.S. Publication No. 20150169855 discloses on paragraph 0055 “According to the first embodiment, the pre-assigned password associated with the user includes a plurality of characters in a non-defined sequence, wherein the encryption module is configured to 

The following is an Examiner’s Statement of Reasons for Allowance:
Claims 1-28 are allowable over prior art references taken individually or in combination fails to particularly disclose, fairly suggests or render obvious are argued by the applicant which examiner considers persuasive as set forth above.
Although the prior art discloses a verification numbers, authentication string, producing a password and authenticating a user to a service, no one or two references anticipates or obviously suggest wherein a first verification number is computed from a subset of a set of character/position data and a set of character/position data comprises a number for the combinations of a character from the character set and a position in the authentication string.
A processor circuit is arranged to encrypt the set of character/position data, wherein the set of character/position data is encrypted according to a homomorphic encryption algorithm. Sending the encrypted set to the client device, wherein the processor circuit is arranged to receive a second verification number from the client device and the second verification number is computed by homomorphically computing an encrypted second verification number from a subset of the encrypted set. 
Thereforeafter, the processor circuit is arranged to verify the correspondence between the first verification number and the encrypted second verification number so as to authenticate the user to access a service provided by the server.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2491