Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	This action is in response to the amendment filed 7/09/2021.  Claims 1, 3-11, and 13-16 are pending.  Claims 1 (a method), 10 (a non-transitory CRM), 11 (a machine), and 16 (a motor vehicle) are independent and have been amended.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 9/07/2021 has been entered.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1, 3-6, 8-11, 13, and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nix, US 2015/0095648 (filed 2013-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), and Bernstein “ChaCha, a variant of Salsa20” (published 2008 and submitted in IDS filed 06/07/2019).
	As to claims 1, 10, and 11, Nix discloses a method/CRM/machine comprising:
measured values from a sensor (“The sensor data sent from the wireless module to the server” Nix ¶ 18. Module 101 may be a computing device that includes computer components for the purposes of collecting data from a sensor 101 f” Nix ¶ 69), having the steps: 
detecting a measured value by the sensor (“A sensor measurement, as described below including element 305 of FIG. 3, can comprise a string containing data regarding a parameter of a monitored unit 119 and collected by a sensor 101 f.” Nix ¶ 154. Aslo Nix ¶ 178)
cryptographically signing the detected measured value with a message authentication (MAC) (“the module can utilize cryptographic algorithms 141 to (i) encrypt the data from sensor 101 … (ii) sign the encrypted data using the module private key 112.” Nix ¶ 178. “module 101 can generate a module digital signature 405 using as input (i) the module private key 112 and (ii) module encrypted data 403” Nix ¶ 198) … using a certificate assigned to the sensor Nix figure 8, certificate generated and sent to module in steps 805-807) that is saved in a memory of the sensor; (see Nix Figure 1d cert 122. “The module digital signature 405 can be verified according to public key infrastructure (PKI) standards… Server 105 could receive certificate 122 before module 101 sends message 208, or server 105 could query module 101 for certificate 122 after receiving message 208.” Nix ¶ 209. Server receives certificate from module, therefore module stores the certificate.)
(Examiner’s note/interpretation: By convention certificates comprise a public key and certify that the certificate bearer has a correlated private key: see Nix ¶¶ 284, 290 and figure 8 describing certificate generation. Further, private keys are used to sign messages, Nix ¶ 178, but are kept private and not in a certificate which is shared with parties to certify the holder of the certificate; by decrypting data using the public key in the certificate that was encrypted by the private key kept secret.  Thus, a certificate is used to “sign” a message by providing a key to verify said signed message, see Applicant’s claim 6.  However, if Applicant intends that the certificate comprises a private key which is used to sign the message, then the claimed “certificate” is not a certificate as the term is used in the art.  In such an interpretation, Nix’s “private key” would be the certificate.)
forwarding the signed measured value from the sensor to a network. (“After encrypting and signing sensor data, the module can send the data to the server 105 in message 208” Nix ¶ 179)
…

Nix does not disclose:
based on ChaCha20/12
wherein the memory is a tamper-proof memory.

McLaughlin discloses:
based on ChaCha20 (“At block 1550, accessory 1504 can build a data structure that includes the signed challenge and the accessory certificate, which can be retrieved from the authentication chip. At block 1552, accessory 1504 can encrypt the data structure built at block 1550, using the encryption key (eKey) generated at block 1544. Any symmetric encryption algorithm can be used, such as the ChaCha20-Poly1305 AEAD algorithm. The encryption algorithm can generate an encrypted data structure and a tag (authTagA).” McLaughlin ¶ 299)
 wherein the memory is a tamper-proof memory.
 (the secure element being the tamper proof memory: “The authentication chip can securely store encryption keys for a device, a security certificate for the device, and information about valid or invalid security certificates that may be presented by other devices. In some embodiments, the authentication chip can implement the secure element” McLaughlin ¶ 264. “the certificate can be incorporated into an authentication chip as described above with reference to FIGS. 14A-14C.” McLaughlin ¶ 297. See also McLaughlin ¶ 230).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Nix with McLaughlin by performing the signature of Nix using ChaCha and a certificate stored in a secure element, as done in McLaughlin.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Nix with McLaughlin in order to prevent attackers from altering or obtaining data from the secure element and to provide an 

Nix in view of McLaughlin does not disclose:
ChaCha20/12
Specifically, the variant of ChaCha with 12 iterations.

Bernstein discloses:
ChaCha12
(“ChaCha8 is a 256-bit stream cipher based on the 8-round cipher Salsa20/8. The changes from Salsa20/8 to ChaCha8 are designed to improve diffusion per round, conjecturally increasing resistance to cryptanalysis, while preserving—and often improving—time per round. ChaCha12 and ChaCha20 are analogous modifications of the 12-round and 20-round ciphers Salsa20/12 and Salsa20/20. This paper presents the ChaCha family” Bernstein abstract)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have performed a simple substitution of McLaughlin’s ChaCha20 with ChaCha12.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to perform the simple substitution as both methods were simultaneously proposed in the Bernstein reference and the selection of any of the variants would be an obvious modification to a person of ordinary skill in the art.

Nix in view of McLaughlin discloses the claimed system except for the 12 round variant of ChaCha.
The 12 round variant of ChaCha was known in the art to those who knew of the 20 round variant of ChaCha.
The variants perform the same function and a person of ordinary skill in the art could have performed the substitution.


As to claim 3, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the certificate is an individual certificate. (“at step 412 server 105 can verify that module public key 111 is associated with module identity 110 using a module certificate 122” Nix ¶ 209.  A certificate with a module identity is individual to that module.)

As to claim 4, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the certificate is a certificate selected from a group of certificates assigned to the sensor. (“The module identity 110 could alternatively be included in other fields within a certificate 122, such as the “Organizational Unit” (OU) field, such that if multiple certificates 122 may be associated with module 101, and in this case the module public key identity 111 a in a certificate 122 may be used in the CN field.” Nix ¶ 

As to claim 5, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the selected certificate is retained for the runtime of the sensor. (“a time-to-live value for the public key, such as the illustrated “time to live” value of 1 year shown in FIG. 11. The time value for the validity of new module public key 111 b could alternatively be specified in a set expiration date.” Nix ¶ 323. “the certificate may have an expiration date” Nix ¶ 16. As no amount of time is given for the “runtime” it is reasonably interpreted as less than the certificate expiration/time to live.  Note Applicant’s specification p. 11, ¶ 2 where a runtime is described as being less than a second.)

As to claim 6, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Transmitting the signed measured value to a recipient; and (“After encrypting and signing sensor data, the module can send the data to the server 105 in message 208” Nix ¶ 179)
Checking the authenticity of the measured value by the recipient using the certificate.  (“The server can receive the message and (i) verify the digital signature of the module by utilizing the module public key and module identity” Nix ¶ 18. “server 105 

As to claim 8, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the certificate assigned to the sensor may be exchanged. (“module 101 can send a certificate 122 to server 105, where certificate 122 would normally include module public key 111.” Nix ¶ 179)

As to claim 9, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the forwarding of the signed measured value from the sensor to a network is carried out via a bus system.
(“A wired module 101 can connect to the Internet 107 via a wired connection such as an Ethernet, a fiber optic, or a Universal Serial Bus (USB) connection (not shown).” Nix ¶ 52)

As to claim 13, Nix in view of McLaughlin and Bernstein discloses the method of claim 11 and further discloses:
Wherein the sensor additionally has a communication unit (“Module 101 and wireless network 102 can utilize a variety of wireless technologies to communicate, including WiFi, WiMax, a 2nd generation wireless wide area network (WAN) technology such as General Packet Radio Services (GPRS) or Enhanced Data rates for GSM Evolution 
 for forwarding the signed measured value from the sensor to a network. (“After encrypting and signing sensor data, the module can send the data to the server 105 in message 208” Nix ¶ 179)

As to claim 14, Nix in view of McLaughlin and Bernstein discloses the method of claim 13 and further discloses:
Wherein the communication unit for forwarding the signed measured value from the sensor to the network is compatible with a bus system that connects the sensor to the network. (“A wired module 101 can connect to the Internet 107 via a wired connection such as an Ethernet, a fiber optic, or a Universal Serial Bus (USB) connection (not shown).” Nix ¶ 52)


Claims 7 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nix, US 2015/0095648 (filed 2013-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salso20” (published 2008 and submitted in IDS filed 06/07/2019), and Looney et al., US 2018/0007063 (filed 2016-06).
As to claim 7, Nix in view of McLaughlin and Bernstein discloses the method of claim 6 but does not further disclose:


In a related field of signature creation and validation, Looney discloses:
Wherein the signed measured value is checked in an intermediate station before being transmitted to the recipient and signed with a certificate assigned to the intermediate station. (“node group 2 may validate each signature associated with the route update message (e.g., the first signature). Assume that node group 2 determines that the first signature is valid. As further shown, based on determining that the first signature is valid, node group 2 may sign the route update message.” Looney ¶ 22, see also ¶¶ 23 and 32).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Nix with Looney by verifying and adding certificate validated signatures at each intermediary processing element, as done in Looney.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Nix with Looney in order to certify the processing performed at the intermediary node, thereby certifying the processing of the data in the same manner as the certification of the data itself.

As to claim 19, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:

Checking the authenticity of the measured value using the certificate.  (“The server can receive the message and (i) verify the digital signature of the module by utilizing the module public key and module identity” Nix ¶ 18. “server 105 can utilize the module public key 111 recorded in memory 105 e to securely validate the module digital signature 405 receive in a message 208.” Nix ¶ 208)

Nix in view of McLaughlin and Bernstein does not disclose:
If the measured value is authentic, signing the masured value with a certificate assigned to the intermediate station.

In a related field of signature creation and validation, Looney discloses:
If the measured value is authentic, signing the masured value with a certificate assigned to the intermediate station.
 (“node group 2 may validate each signature associated with the route update message (e.g., the first signature). Assume that node group 2 determines that the first signature is valid. As further shown, based on determining that the first signature is valid, node group 2 may sign the route update message.” Looney ¶ 22, see also ¶¶ 23 and 32).

.


Claim 15 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nix, US 2015/0095648 (filed 2013-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salso20” (published 2008 and submitted in IDS filed 06/07/2019), and Fish et al., US 6,490,513 (filed 2001-08).
As to claims 15, Nix in view of McLaughlin and Bernstein discloses the machine of claim 11 and but does not further disclose:
A motor vehicle comprising a sensor according to claim 11.

Fish discloses:
A motor vehicle comprising a sensor according to claim 11.
(“The term “vehicle” is defined as referring to any vehicle utilized for transporting an individual or object. The term “sensory device” is defined as referring to any 

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Nix in view of McLaughlin and Bernstein with Fish by utilizing the sensor functionality described in Nix as the sensor of Fish.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Nix in view of McLaughlin and Bernstein with Fish in order to provide a system that can securely and reliably record and authenticate the sensor data from a motor vehicle for the purposes of collision investigation, Fish col. 1 ll. 20-33.

As to claims 16, Nix in view of McLaughlin and Bernstein discloses the machine of claim 16 (see claim 1 for mapping) but does not disclose:
A motor vehicle. 

Fish discloses:
A motor vehicle, configured to execute a method according to claim 1 for processing measured values from a sensor. 
 (“The term “vehicle” is defined as referring to any vehicle utilized for transporting an individual or object. The term “sensory device” is defined as referring to any transducer or data acquisition tool utilized for capturing a signal in relation to a 

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Nix in view of McLaughlin and Bernstein with Fish by utilizing the sensor functionality described in Nix in view of McLaughlin and Bernstein as the sensor of Fish.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Nix with Fish in order to provide a system that can securely and reliably record and authenticate the sensor data from a motor vehicle for the purposes of collision investigation, Fish col. 1 ll. 20-33.

Claim 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nix, US 2015/0095648 (filed 2013-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salso20” (published 2008 and submitted in IDS filed 06/07/2019), and Guo et al., “Analysis of BLAKE2” (published 2014).
As to claims 17, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein a message authentication code (MAC) (Nix ¶¶ 178 and 198) based on ChaCha20 (McLaughlin ¶ 299) /12 (Bernstein) with … is used for cryptographically signing the detected measured value. (Nix ¶¶ 178 and 198)

Nix in view of McLaughlin and Bernstein does not disclose:


Guo discloses:
ChaCha12 (Guo pages 7 and 19, describing BLAKE2b that uses 12 rounds) using a HAIFA construction. (“One of the five SHA-3 finalists. Purely ARX round function inspired from ChaCha. Local wide-pipe compression function in a HAIFA iteration mode” Guo page 2 describing the BLAKE2 algorithm)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Nix in view of McLaughlin and Bernstein with Guo by using the teachings of Guo to implement the BLAKE2b ChaCha12 variant.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Nix in view of McLaughlin and Bernstein with Guo in order to harden the system against attacks on compression and hashing (the MAC) and to support the potential adoption in the SHA-3 standard, Guo p. 18.

Claim 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nix, US 2015/0095648 (filed 2013-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salso20” (published 2008 and submitted in IDS filed 06/07/2019), and Smith et al., US 2016/0269374 (filed 2015-03).
As to claims 18, Nix in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:


Nix in view of McLaughlin and Bernstein does not disclose: 
is assigned to a plurality of other sensors.

Smith discloses:
Is assigned to a plurality of other sensors. (“The group management service 96 may then provision (e.g., “Operation 1”, using a discovery service, multicast discovery protocol, etc.) a key (e.g., EPID.sub.pr1 . . . pr3) to each of the devices 92a, 92b, 92e as members of the CAS group. The group management service 96 may also publish (e.g., “Operation 2”) the group certificate (e.g., CertcAs) for the CAS group. Thus, Operation 0 and Operation 2 may be part of a group enrollment” Smith ¶ 46)

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  See PTO-892, particularly:
Gomes, US 2019/0205115, discloses a software update system for autonomous vehicles using ChaCha20.
Haase, US 2017/0293484 discloses a system that updates firmware on a sensor that utilizes ChaCha20.
McLaughlin et al., US 2017/0201499, discloses a system that secures communications between a home controller and a smart sensor using ChaCha20.


Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL W CHAO/Examiner, Art Unit 2492