Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

The applicant’s representative Scott Adams, Registration No. 63,302, on January 27, 2022, authorized the following examiner’s amendment to be entered.

Amendment to the Claims:
This listing of the claims will replace all prior versions and listings of claims in the application. 
Listing of Claims:
1.	(Currently Amended) A computer implemented method of determining a common secret at an electronic device (S), the electronic device being associated with a key device (C), wherein the electronic device is further associated with a first asymmetric cryptography pair having a first electronic device private key (V1S) and a first electronic device public key (P1S), and the key device is associated with a second asymmetric cryptography pair having a first key device private key (V1C) and a first key device public key (P1C), the method comprising:
determining, at the electronic device, a deterministic key (DK);
receiving, at the electronic device, the first key device public key (P1C) from the key device;
determining, at the electronic device, a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK); 
determining, at the electronic device, a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK);
determining a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C); 
sending information indicative of the deterministic key (DK) to the key device
generating, at the electronic device, an authentication message (MA); [[and]]
sending the authentication message (MA) to the key device;
determining a deterministic authentication key (DKA) by determining a hash of the authentication message (MA);
generating, at the key device, a signed authentication message (SMA) based on the deterministic authentication key (DKA) and a second key device private key (V2C); 
receiving, at the electronic device, the signed authentication message (SMA) from the key device; 
validating the signed message (SMA) with the second key device public key (P2C); and authenticating the key device based on the result of validating the signed authentication message (SMA); and
wherein the second key device private key (V2C) is based on the deterministic authentication key (DKA) and the first key device private key (V1C), and the second key device public key (P2C) is based on the deterministic authentication key (DKA) and the first key device public key (P1C).
2.	(Currently Amended) The method of claim 1, further comprising:
generating, at the key device, a second asymmetric cryptography pair having [[a ]]the second key device private key (V2C) and [[a ]]the second key device public key (P2C).
3.	(Cancelled) 
4.	(Cancelled) 
5.	(Cancelled) 
6.	(Original) The method of claim 1, further comprising:
encrypting the data at the electronic device using the determined secret or an encryption key that is based on the determined secret.
7.	(Original) The method of claim 1 further comprising:
storing, at the key device, the information indicative of the deterministic key (DK).
8.	(Original) The method of claim 1, wherein:
the deterministic key (DK) is based on a message (M). 

generating the message (M) at the electronic device; and
determining the deterministic key (DK) based on determining a hash of the message (M).
10.	(Original) The method of claim 1, further comprising:
determining a second electronic device public key (P2S) based on at least the first electronic device public key (P1S) and the deterministic key (DK). 
11.	(Original) The method of claim 1, further comprising:
sending from the electronic device to the key device, a notice indicative of using a common elliptic curve cryptography (ECC) system with a common generator (G).
12.	(Original) The method of claim 11, wherein:
the first electronic device public key (P1S) and the first key device public key (P1C) are based on elliptic curve point multiplication of the respective first electronic device private key (V1S) and first key device private key (V1C) and the common generator (G). 
13.	(Original) The method of claim 11, further comprising:
generating the first electronic device private key (V1S) based on a random integer in an allowable range specified in the common ECC system; and
generating the first electronic device public key (P1S) based on elliptic curve point multiplication of the first electronic device private key (V1C) and the common generator (G) according to the following formula:
		P1S = V1S x G.

generating the second electronic device private key (V2S) based on a scalar addition of the first electronic device private key (V1S) and the deterministic key (DK) according to the following formula:
		V2S = V1S + DK.
15.	(Original) The method of claim 11, further comprising:
generating the second electronic device public key (P2S) based on at least the first electronic device public key (P1S) with elliptic curve point addition to the deterministic key (DK).
16.	(Original) The method of claim 15, wherein:
the second electronic device public key (P2S) is based on the first electronic device public key (P1S) with elliptic curve point addition to the elliptic curve point multiplication of the deterministic key (DK) and the common generator (G) according to the following formula:
		P2S = P1S + DK x G.
17.	(Original) The method of claim 11, further comprising:
generating the second key device public key (P2C) based on at least the first key device public key (P1C) with elliptic curve point addition to the deterministic key (DK).
18.	(Original) The method of claim 17, wherein:
the second key device public key (P2C) is based on the first key device public key (P1C) with elliptic curve point addition to the elliptic curve point multiplication of the deterministic key (DK) and the common generator (G) according to the following formula:
		P2C = P1C + DK x G.
19.	(Original) The method of claim 1, further comprising:
determining the encryption key based on the determined secret and identification information of the electronic device.
20.	(Original) The method of claim 1, further comprising:
storing, at a data storage associated with the electronic device, the first key device public key (P1C).
21.	(Currently Amended) The method of claim 6, further 
receiving, at the electronic device, the information indicative of the deterministic key (DK), from the key device;
determining the secret based on the received information indicative of the deterministic key (DK); and
decrypting, at the electronic device, the encrypted data using the secret or the encryption key that is based on the secret.
22.	(Currently Amended) The method of claim 21, further comprising: 
requesting, at the electronic device, the information indicative of the deterministic key (DK) from the key device; 
generating, at the key device, a signed message (SM) based on a message (M); 

validating, at the electronic device, the signed message (SM); and 
retrieving the message (M) such that the secret is to be determined, at the electronic device, for decrypting the data.
23.	(Currently Amended) A computer system for determining a common secret at an electronic device, the computer system comprising:
the electronic device being associated with a first asymmetric cryptography pair having a first electronic device private key (V1S) and a first electronic device public key (P1S),
a key device being associated with a second asymmetric cryptography pair having a first key device private key (V1C) and a first key device public key (P1C); 
wherein the electronic device comprises a processor configured to:
determine a deterministic key (DK);
receive the first key device public key (P1C) from the key device;
determine a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK);
determine a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK);
determine a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C);
generate, at the electronic device, an authentication message (MA); and
send the authentication message (MA) to the key device; [[and]]
determine a deterministic authentication key (DKA) by determining a hash of the authentication message (MA);
generate, at the key device, a signed authentication message (SMA) based on the deterministic authentication key (DKA) and a second key device private key (V2C); 
receive, at the electronic device, the signed authentication message (SMA) from the key device; 
validate the signed message (SMA) with the second key device public key (P2C); and authenticating the key device based on the result of validating the signed authentication message (SMA); and
wherein information indicative of the deterministic key (DK) is stored on the key device and wherein the second key device private key (V2C) is based on the deterministic authentication key (DKA) and the first key device private key (V1C), and the second key device public key (P2C) is based on the deterministic authentication key (DKA) and the first key device public key (P1C).
24.	(Original) The computer system of claim 23, further configured to encrypt the data on the electronic device using the determined secret or an encryption key that is based on the determined secret.
25.	(Original) The computer system of claim 24, further configured to decrypt data, the processor of the electronic device being configured to:
receive the information indicative of the deterministic key (DK), from the key device;
determine the secret based on the information indicative of the deterministic key (DK); and

26.	(Currently Amended) An electronic device for determining a common secret, the electronic device being associated with a key device, wherein the electronic device is associated with a first asymmetric cryptography pair having a first electronic device private key (V1S) and a first electronic device public key (P1S), and the key device is associated with a second asymmetric cryptography pair having a first key device private key (V1C) and a first key device public key (P1C), the electronic device comprising a processing device configured to:
-	determine a deterministic key (DK);
-	receive the first key device public key (P1C) from the associated key device;
-	determine a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK); 
- 	determine a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK);
- 	determine a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C); 
- 	generate, at the electronic device, an authentication message (MA); and
-	send the authentication message (MA) to the key device;
determine a deterministic authentication key (DKA) by determining a hash of the authentication message (MA);
generate, at the key device, a signed authentication message (SMA) based on the deterministic authentication key (DKA) and a second key device private key (V2C); 
receive, at the electronic device, the signed authentication message (SMA) from the key device; 
validate the signed message (SMA) with the second key device public key (P2C); and authenticating the key device based on the result of validating the signed authentication message (SMA); and

wherein information indicative of the deterministic key (DK) is sent to the key device[[ ]]and wherein the second key device private key (V2C) is based on the deterministic authentication key (DKA) and the first key device private key (V1C), and the second key device public key (P2C) is based on the deterministic authentication key (DKA) and the first key device public key (P1C)
27.	(Currently Amended) A non-transitory computer-readable storage medium having a computer program embodied thereon comprising machine-readable instructions to cause a processing device of an electronic device to implement the method of claim 1.
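
The key derivations recited in the claims above (V2S = V1S + DK, P2S = P1S + DK x G, P2C = P1C + DK x G), worked through as an added example that is not part of the office action or the application. It assumes secp256k1 as the common ECC system, SHA-256 as the hash, and the secret taken as the x-coordinate of the product of one side's second private key and the other side's second public key; the claims fix none of these, and the private keys and message are constructed values.

```python
import hashlib

# Assumed common ECC system: secp256k1 (the claims do not name a curve).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def on_curve(pt):  # finite point with y^2 = x^3 + 7 (mod P)
    return pt is not None and all(0 <= c < P for c in pt) and (pt[1]**2 - pt[0]**3 - 7) % P == 0

def add(a, b):
    """Elliptic curve point addition; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):  # double-and-add k x pt (teaching code, not constant time)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def deterministic_key(message):  # DK as a hash of M; SHA-256 mod N is an assumption
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def second_private(v1, dk):
    """V2 = V1 + DK (scalar addition mod N); reject the degenerate zero key."""
    v2 = (v1 + dk) % N
    if v2 == 0:
        raise ValueError("derived private key is zero")
    return v2

def second_public(p1, dk):
    """P2 = P1 + DK x G; the received P1 is validated before use."""
    if not on_curve(p1):
        raise ValueError("received public key is not on the curve")
    p2 = add(p1, mul(dk, G))
    if p2 is None:
        raise ValueError("derived public key is the point at infinity")
    return p2

def common_secret(v2_own, p2_peer):  # assumed ECDH form: x-coordinate of V2 x P2
    return mul(v2_own, p2_peer)[0]

def demo():
    v1s, v1c = 0x1F2E3D4C5B6A7988, 0x0A1B2C3D4E5F6071  # constructed first private keys
    dk = deterministic_key(b"constructed message M")
    s_dev = common_secret(second_private(v1s, dk), second_public(mul(v1c, G), dk))
    s_key = common_secret(second_private(v1c, dk), second_public(mul(v1s, G), dk))
    return s_dev, s_key
```

Both sides reach the same value because V2S x P2C = (V1S + DK)(V1C + DK) x G = V2C x P2S, so only the public keys and the information indicative of DK need to be exchanged.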


Reason for allowance
Claims 1-2 and 6-27 are allowed. The following is an examiner’s statement of reasons for allowance. After consideration of the applicant’s correspondence filed on July 10, 2020, through examination of the claims with application, further proposed examiner’s amendment and search, the pertinent prior arts of record cited in PTO-892, either taken alone or in combination neither anticipates nor renders obvious the claimed subject matter of the instant application taken as a 
In claim 1:	Determining a common secret at an electronic device (S) associated with a key device (C), wherein the electronic device having a first electronic device private key (V1S) and a first electronic device public key (P1S) and the key device having a first key device private key (V1C) and a first key device public key (P1C);
the electronic device: determining a deterministic key (DK); receiving the first key device public key (P1C) from the key device; determining a second electronic device private key (V2S) based on at least the first electronic device private key (V1S) and the deterministic key (DK); determining a second key device public key (P2C) based on at least the first key device public key (P1C) and the deterministic key (DK); determining a secret based on at least the second electronic device private key (V2S) and the second key device public key (P2C); sending information indicative of the deterministic key (DK) to the key device; generating an authentication message; sending the authentication message (MA) to the key device; determining a deterministic authentication key (DKA) by determining a hash of the authentication message (MA);
the key device: generating a signed authentication message (SMA) based on the deterministic authentication key (DKA) and a second key device private key (V2C); receiving, the signed authentication message (SMA) from the key device; validating the signed message (SMA) with the second key device public key (P2C); and authenticating the key device based on the result of validating the signed authentication message (SMA); and
wherein the second key device private key (V2C) is based on the deterministic authentication key (DKA) and the first key device private key (V1C), and the second key device 
Claim 23 is directed to a computer system for determining a common secret, claim 26 is directed to an electronic device for determining a common secret and claim 27 is directed to a non-transitory computer-readable storage medium having a computer program for determining a common secret, and claims 23, 26 and 27 are allowed for having substantially similar allowable features as recited in claim 1.

The prior art made of record and not relied upon, considered pertinent to applicant's disclosure, is:
Beeson [US 20060153365]:	The context of generating and safeguarding asymmetric keys, such as public key/private keys, for use in elliptic curve cryptography (ECC), for adoption and use of cryptography in electronic communications and use of digital signatures and use of the same private key in multiple public-private key pairs that are established for communicating with different parties. The method is performed by a first party of providing a public key of a public-private key pair for use in elliptic curve cryptography includes the steps of: identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point; transforming the initial generating point into a new generating point as a deterministic function; and generating within a computer system a public key as a deterministic function of a private key and the domain parameters, in which the new generating point is substituted for the initial generating point. The resulting public key, in conjunction with the private key, forms a public-private key pair that then can be used in elliptic 
Nguyen [US 20080288773]:	An authentication center (AC) private key; computing an AC public key based at least in part on the AC private key and a reference point in a cryptography algorithm; receiving a communication device (CD) public key computed by a communication device based at least in part on a CD private key and the reference point in the cryptography algorithm, wherein the CD private key is stored in an identity module of the communication device; supplying the AC public key to the communication device; computing a shared secret key based at least in part on the AC public key and the CD public key; and authenticating the communication device based at least in part on the shared secret key, wherein the shared secret key is temporarily stored by an authentication server.
Lauter [US 20070165843]:	A trapdoor pairing is a cryptographic primitive generated by determining a bilinear pairing between an elliptic curve group and another group and selecting a parameter of the bilinear pairing, such as a group order or an isogeny between curves, to be a key for generating and evaluating the bilinear pairing. Trapdoor pairing allows construction of a group in which the Decisional Diffie-Hellman (DDH) problem is computationally infeasible given only the description of the group, but is easy given the secret key. Exemplary trapdoor pairing constructions have general applicability to cryptography and also lend themselves more specifically to certain special practical implementations, such as public key cryptography and certificate authority infrastructures.



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior art.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784. The examiner can normally be reached 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available 





/TECHANE GERGISO/Primary Examiner, Art Unit 2494