Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statements
The information disclosure statement(s) (IDS) submitted on 09/12/2019 have been considered.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement(s) have been considered by the examiner.

Claim Objections
Claims 2-15 are objected to because claims 2-15 all depend from claim 1 and they should begin with “The method of ….”. Appropriate correction is required.
Claims 1-15 are objected to for containing acronyms in parenthesis that are not in accordance with US practice.  For example, the Examiner notes that the terms biometrics (t) and biometrics (b) should be renamed to distinguish between a (certified) biometric taken at the time of registration / enrollment and then stored, and a (acquired) biometric taken at the time of voting.  Appropriate correction is required.
Claim 12 is objected to for not ending with a period. Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.



Claim Rejections - 35 USC § 112
	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.



Claim 6, 9, 11, and 12 is rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. 
Claim 6 is rejected because the terms “p and g domain parameters” are not sufficiently described to allow one of skill in the art to understand the invention.
Claims 6, 9, 11, and 12 are also rejected for including the term “preferably.” The Examiner has not interpreted the features that come after the term preferably, in the prior art rejections.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over US 2015/0221153 to Dashiff et al. (hereinafter referred to as Dashiff) in view of WO 2009100230 to Clarke (hereinafter referred to as Clark). 
Regarding claim 1, Dashiff teaches,
1. A method of enrolling voters for an election, the method being implemented by an electronic device (Em), 5the method comprising the steps of: 
Dashiff end of [0027] teaches a biometrics module 122 that obtains biometrics data, which is then provided to an enterprise server 130 to register the voter. (“enrolling voters for an election”) In Dashiff, Fig. 1 ([0021-37] of Dashiff) and Fig. 2 ([0038-48] of Dashiff) are directed to voter registration (“enrolling”).  
receiving (130) a plurality of biometric data (t) acquired on a plurality of voters, 
Dashiff end of [0024] teaches multiple voters being registered or voting from the same device. Thus, the Examiner asserts that a plurality of biometric data from a plurality of users being acquired by an electronic device is taught by Dashiff. The third and second to last sentences of [0024] state, “…  For example, in an election with multiple voters, each voter may bring their own device. Alternatively, multiple voters may use one or more shared communication devices to register and/or vote.  …” (emphasis added)
Dashiff at the end of [0027] teaches biometrics of a user that “can be used, at least in part, to validate a legitimate and potential registered voter … in the enterprise server 130 and obtain a virtual voter registration number … .” 
Dashiff biometrics are acquired during a registration process (“enrolling voters”), and that multiple users may be registered using a single device, thus, it follows that multiple biometrics would have to be acquired in order to register multiple voters.
However, Dashiff does not teach,  
associating (140), in a memory of the electronic device, each biometric data (t) with at least one voting cryptographic data (CD) or with a pointer 10corresponding to a voting cryptographic data,
Clark teaches, this feature,
Clark at page 16, lines 6-7 states, “In one embodiment, the memory 28 stores biometric template data and associated identity data such as encryption keys, …  .” (emphasis added) The memory 28 is part of the electronic security device 10, as shown in Fig. 2 on page 37 of Clark.  
Examiner notes, that much like Dashiff, Clark teaches the use of a single (mobile) electronic security device 10 (“electronic device”) to store biometric data of more than one user for the purpose of authentication. For example, Clark at page 19, line 30 to page 20, line 3 states, “[a] single mobile electronic security device 10 may store biometric templates of more than one user and/or more than one biometric template per user. This ability allows multiple users to authenticate their identities using a single device and/or for a single device to behave in different manners based on the user or the manner in which authentication is carried out.”
Clark also teaches, 
so that later, during the voting, each voter can be biometrically identified using the electronic device …
Clark at page 18, line 10 to page 19, line 9 describes a process where a user enters his or her initial biometric sample. (e.g., fingerprint), which allows the user to be identified in the future, much like a registration process. 
Clark at page 19, lines 10-29 describes an authentication process where the user is identified using biometric authentication, which corresponds to the above claim language.
… and vote with the voting cryptographic data (CD) associated with the biometric data acquired on the said voter.  
	Clark in Fig. 3 and page 21, lines 6-21, teaches the electronic security device 10 using encryption keys to securely transfer data, including authentication data, to an external device 34 or to “carry out a function.” 
	Clark in Fig. 5 and page 25, line 17 to page 26, line 5 teach performing voting by performing data exchanges using non-secure medium, using the electronic security device 10, external device 34, and 
The Examiner notes that Dashiff teaches features that are related to the above recitation. Dashiff in [0055] teaches, at the time of voting, matching data acquired at the time of registration, with data acquired at the time of voting.  This information matching includes performing of biometric matching. (See last 5 sentences of Dashiff [0055]) The Examiner notes that figs. 3-4 of Dashiff and the associated descriptions of those figures in [0049-61], are directed to voting verification, as opposed to registration (“enrolling”) of a voter.  
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Dashiff with Clark. One of ordinary skill in the art would have been motivated to perform such an addition so that the registration / enrollment method of Dashiff, which uses biometrics, could be enhanced to include that ability to perform communication that is more secure at the electronic security device 10 of Clark, by forcing the user to biometrically authenticate at the electronic security device 10 before performing secure communications that perform actions such as voting.

	Regarding claim 2, Dashiff and Clark teach,
15A method of enrolling according to Claim 1, wherein each of the biometric data received is associated with cryptographic voting data of a single voter in the memory.  
	Clark teaches associating biometric data with cryptographic data. As stated above, Clark at page 16, lines 6-7 states, “In one embodiment, the memory 28 stores biometric template data and associated identity data such as encryption keys, …  .” (emphasis added) The memory 28 is part of the electronic security device 10, as shown in Fig. 2 on page 37 of Clark.  	

Regarding claim 3, Dashiff and Clark teach,
A method of enrolling according to Claim 1, comprising an additional 20step of generating (120a) voting cryptographic data (CD) by the electronic device.  
	Clark teaches creating a “digital key” inside the electronic security device 10, as detailed on page 12, in lines 15-19. 

	Regarding claim 4, Dashiff and Clark teach,
A method of enrolling according to Claim 1, comprising receiving the cryptographic data (CD).  
Clark on page 29, lines 1-2, teaches that a third device 10 (of figure 11) may be another type of device such as a computer.  In claim 2 on page 31 of Clark, the third device includes a hardware key.

Regarding claim 6, Dashiff and Clark teach,
A method of enrolling according to Claim 1, wherein the cryptographic voting data include a voter private key uskid and a voter public key upkid, preferably in the form, upkid = guskid mod p with p and g domain parameters.  
	Clark on page 16 lines 3-4 teaches the use of public key infrastructure (PKI) which uses public and private keys.  

	Claims 5 is rejected under 35 U.S.C. 103 as being unpatentable over Dashiff, in view of Clark, and in further view of US 7,492,258 to Shoarinejad et al. (hereinafter referred to as Shoarinejad). 
Regarding claim 5, Dashiff and Clark fail to teach, 
A method of enrolling according to Claim 1, wherein the biometric data (t) is associated in the memory with a pointer (PCD) corresponding to the voting cryptographic data and said cryptographic data (CD) is recorded in a remote database.  
However Shoarinejad teaches, the use of a pointer that is sent from a server, to be stored by a reader 104 or an RFID tag 102. The pointer allows the reader 104 or RFID tag 102 to match and use the appropriate encryptions keys when performing communications / authentication.  
Shoarinejadm, Col. 10, lines 36-44, “In step 190, the server 106 sends to the reader 104 a pointer to one of a set of encryption keys stored by the server 106. The encryption keys may be pseudorandom numbers. In step 192, the reader 104 transmits the pointer to the RFID tag 102. This transmission may occur when the reader 104 is attempting to read the RFID tag 102. In step 194, the RFID tag 102 uses the pointer to identify a corresponding encryption key from its own stored set of encryption keys. This set corresponds to the set stored by the server 106, so both encryption keys match.” (emphasis added) 
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Dashiff and Clark with Shoarinejadm. One of ordinary skill in the art would have been motivated to perform such an addition so that the registration / enrollment method of Dashiff, which registers multiple users using biometric data, can later communicate with the server or other servers using the same encryption keys that are already associated with that one user of the multiple users.
	
	Claims 7 is rejected under 35 U.S.C. 103 as being unpatentable over Dashiff, in view of Clark, and further in view of US 20140207537 to Joyce et al (hereinafter referred to as Joyce).
	Regarding claim 7, Dashiff and Clark do not teach, 
5A method of enrolling according to Claim 1, comprising 
a prior association step, in a database of a remote server, between an identifier of a voter of the plurality of voters and a polling station identifier, the electronic device being located in a polling station corresponding to said polling station identifier during the poll.  
	However, Joyce in [0016] teaches the first sentence teaches a token 66 that includes a bar code, or other machine readable indicator.  Later in [0016] of Joyce, the machine readable code is taught as being mapped to a voter, and also includes information including the voter’s precinct.  
Joyce in [0011] teaches the token 66 being obtained prior to voting by accessing a server.
.  

Claims 8 and 10-15 are rejected under 35 U.S.C. 103 as being unpatentable over Dashiff, in view of Clark, and further in view of US 20160063235 to Tussy (hereinafter referred to as Tussy).
Regarding claim 8, Dashiff and Clark teach,
An electronic voting method comprising implementing a method of enrolling according to Claim 1, 
As discussed above, in the rejection of claim 1, Dashiff and Clark teach enrolling a voter.  Additionally, Dashiff teaches different embodiments of voting. Some of which are directed to in person voting at designated polling locations. (See Dashiff, [0049] and [0053])
Dashiff and Clark fail to teach,
the voting method further comprising the following steps implemented by the electronic device (Em) during the voting:  
15receiving (210) a biometric data (b) acquired by a biometric sensor (BS) on an individual, said biometric data (b) corresponding to a type of biometric data used for enrollment, 
However, Tussy teaches: in Fig. 1 and [0045-46] teaches using the camera 134 located on a watch 130 that is separate from the mobile device 112 to capture an image used for biometric (facial recognition) authentication. (“biometric sensor (BS) on an individual”)
Tussy at [0145] teaches using a “fixed computer” such as an ATM to capture the image.
verifying (220) a match between the acquired biometric data and a biometric data (t) stored in the memory of the electronic device, 
the mobile device 112 compares biometric information with stored biometric information on the mobile device 112, and sends an authentication result from the comparison to the server 120.” (emphasis added)
For comparison, Dashiff at the end of [0055] discusses matching biometric data captured during registration and also captured during voting. However, Dashiff fails to teach the matching / comparison being performed in the electronic device of the user.  Instead, Dashiff [0055] appears to teach a server in fig. 3 performing the comparison.
20if said verification is positive, transmission of a voting result generated using voting cryptographic data (CD).  
Tussy in Fig. 1 and the last sentence of [0049] states, “In yet another embodiment, the mobile device 112 compares biometric information with stored biometric information on the mobile device 112, and sends an authentication result from the comparison to the server 120.” (emphasis added)
Tussy does not teach: generating an authentication result using cryptographic data because Tussy’s invention disclosure does not focus on the use of cryptography for security.  
However, Clark teaches, in Fig. 3 and page 21, lines 6-21, the electronic security device 10 using encryption keys to securely transfer data, including authentication data, to an external device 34 or to “carry out a function.”  
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Dashiff and Clark with Tussy. One of ordinary skill in the art would have been motivated to perform such an addition so that the registration / enrollment method of Dashiff, and the verification taught by Clark, could include biometric comparisons / matching being performed on the user’s mobile device instead of at a server, so that large amounts of biometric data would not have to be stored on a server, which makes a target for an identity thief.  
It would have also been obvious to one of ordinary skill in the art to encrypt the “authentication result” of Tussy, using the encryption keys of Clark in order to securely transfer the data.  

Regarding claim 10, Dashiff, Clark, and Tussy teach,
30A voting method according to Claim 8, comprising further steps of entering (230) a voting option (v) by the individual and of encrypting (240) the 2418029 US voting option using a voting key (pk) to obtain an encrypted vote (c) included in the voting result.  
Dashiff fig. 4 depicts a message flow diagram illustrating a process for voting using mobile communication devices. Dashiff at [0058] describes completing the virtual voter ballot includes selecting an answer to at least one question on the ballot such as, for example, entering the voter registration number, selecting the name of a candidate for state legislator. 
Dashiff does not teach encrypting the voter’s ballot.
However, Clark teaches, in Fig. 3 and page 21, lines 6-21, the electronic security device 10 using encryption keys to securely transfer data, including authentication data, to an external device 34 or to “carry out a function.”  
It would have also been obvious to one of ordinary skill in the art to encrypt the voter ballot in Dashiff using the encryption keys of Clark in order to securely transfer the ballot.  

Regarding claim 11, Dashiff, Clark, and Tussy teach,
A voting method according to Claim 10, 
wherein the encryption step 5(240) further comprises generating a proof of voting validity using the cryptographic data (CD), preferably using a voter secret key (uskid) included in the cryptographic data.  
	Dashiff in [0055] teaches a validation module 340 that validates the voter by matching voter identification information.  
Dashiff does not teach encrypting the voter’s verification information.
However, Clark teaches, in Fig. 3 and page 21, lines 6-21, the electronic security device 10 using encryption keys to securely transfer data, including authentication data.  


Regarding claim 12, Dashiff, Clark, and Tussy teach,
A voting method according to Claim 8, wherein the verification step 10includes searching for a match between the biometric data acquired by the sensor and the plurality of biometric data stored at enrollment, preferably by a Nearest Neighbour Search method  
Dashiff in [0055] teaches a validation module 340 that validates the voter by matching voter identification information which can include biometric data that was stored at the time of registration (“enrollment”). For example, in the middle of [0055] it states, “ … For instance, biometric data, images of documents, and so forth captured at different times (e.g., the registration time period and the voting time period) may not exactly match. The voter can be validated if the voter identification information matches the registration identification information within a pre-defined limit as calculated by, for example, image matching or biometric matching algorithms. In some instances, the voter identification information matches the voter registration information if the authentication code exactly matches the authentication code received or assigned during the registration process. …” (emphasis added)  

Regarding claim 13, Dashiff, Clark, and Tussy teach,
An electronic device (Em) comprising a secure element for implementing a 15method of enrolling a voter and for implementing a voting method according to Claim 8, said secure element having a memory configured to store a plurality of associations between at least one cryptographic voting data (CD) and a biometric data (t), said electronic device being configured to verify a match between one 20of the stored biometric data (t) and an acquired biometric data of the same type as the stored biometric data (t).  
Again, the Examiner notes that both Clark and Dashiff teach registering multiple voters on a single device. 
an election where multiple votes from a single device and/or a single user are allowed, etc.), other authentication codes associated with that user and/or other devices associated with that user may not be revoked.” (emphasis added)
As discussed above in the rejection of claim 12, the matching of biometric data for verification of a voter during voting, is taught in [0055] of Dashiff.
Dashiff also teaches enrolling / registering multiple users on a single device. Dashiff end of [0024] teaches multiple voters being registered or voting from the same device. Thus, the Examiner asserts that a plurality of biometric data from a plurality of users being acquired by an electronic device is taught by Dashiff. The third and second to last sentences of [0024] state, “…  For example, in an election with multiple voters, each voter may bring their own device. Alternatively, multiple voters may use one or more shared communication devices to register and/or vote.  …” (emphasis added)

Regarding claim 14, Dashiff, Clark, and Tussy teach,
An electronic device according to Claim 13, the electronic device being a smart card or USB key or a secure mobile device. 
Clark in the Abstract, teaches a mobile electronic security device (10) with a electrical connector 22 that may conform to a USB. (See Clark, Fig. 1 and page 11, line 2) Examiner interprets the mobile electronic security device (1) as corresponding to, at least, “a USB key” and/or “a secure mobile device.”

Regarding claim 15, Dashiff, Clark, and Tussy teach,
Voting device intended to be installed in a polling station and comprising: - an electronic device (Em) according to Claim 13, 
- a biometric sensor (BS), 
- a voting terminal (S) including a user interface.
Dashiff in Fig. 3 teaches a communication device 310 used to cast a vote (“voting terminal (S)”) during a voting time period, as discussed in the 3rd sentence of [0052]. Fig. 3 of Dashiff teaches that the communication device 310 and other devices that are used in voting. Fig. 4 of Dashiff depicts the Voter Registration Application 316 (of the Communication Device 310) communicating with components belonging to the Servers shown in Fig. 3. 
The communication Device 310 in Fig. 3 includes a Bio-metrics Acquisition Module 322 (“biometric sensor (BS)”)
Dashiff at [0021] teaches that the communication device may be, “any suitable compute device, such as, for example, a laptop computer, a desktop computer, a tablet computer, a mobile telephone, a smartphone, a personal digital assistant (PDA), a video game console, and/or so forth.” These devices inherently include a user interface, thus the communication device also teaches a “voting terminal (S) including a user interface.” Moreover, last sentence of [0064] of Dashiff teaches that the voter registration application 316 of the communication device 310 includes a user interface. 

Claims 9 are rejected under 35 U.S.C. 103 as being unpatentable over Dashiff, in view of Clark, in view of Tussy, and further in view of US 7,492,258 to Shoarinejadm et al. (hereinafter referred to as Shoarinejad).
A voting method according to Claim 8, 
wherein, to generate the voting result, the electronic device transmits to a remote server a pointer (PCD) 25corresponding to a voting cryptographic data, and 
receives from said remote server the voting cryptographic data (CD), the cryptographic data being preferably encrypted with an encryption key (K) of the electronic device.  
Shoarinejadm teaches a reader 104 sending “preliminary information” to a server 106, that uses the preliminary information to select an encryption key. The server 106 then sends the encryption key to the reader 104.   
reader 104 transmits the preliminary information to the server 106. In step 214, the server 106 uses the preliminary information to generate or select an encryption key, which may be a pseudorandom number. In step 216, the server 106 sends the encryption key to the reader 104. …” (emphasis added) 
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Dashiff, Clark, and Tussy with Shoarinejadm. One of ordinary skill in the art would have been motivated to perform such an addition so that the registration / enrollment method of Dashiff, which registers multiple users using biometric data, can later communicate with a server using the same encryption keys that are associated with that one user of the multiple users.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571) 272-3942.  The examiner can normally be reached on 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 

/B.W.A./

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495