DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendments
	This office action responds to the amendments filed on November 30, 2021 for application 16/598,428.  Claims 1-2, 7-8, 13-14, and 18 were amended, and claims 1-20 remain pending in the application.
Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed on November 30, 2021, and the Examiner responds as provided below.
	Regarding the Applicant’s response at page 8 of the Remarks that concerns the objection to the drawings, the amendment to the specification cures the deficiency and the objection is withdrawn.
Regarding the Applicant’s response at pages 8-9 of the Remarks that concerns the § 103 rejection of independent claims 1, 7, 13, and 18, the Applicant’s argument is primarily based upon the amendment, “wherein the DP accelerator is not aware of a functionality type of the kernel.”  While the Examiner appreciates the Applicant’s efforts to amend the claims and advance prosecution, the limitation involving “aware” is indefinite under § 112(b) as detailed below.  Additionally, the limitation of “aware” fails to overcome the prior art of record with respect to the § 103 rejection.  
Under the broadest reasonable interpretation of the claims, see MPEP § 2111, aware means “having knowledge; conscious; cognizant.”  To substantiate the § 103 
Regarding the Applicant’s response at pages 9-10 of the Remarks that concerns the § 103 rejection of dependent claims 2-6, 8-12, 14-17, and 19-20, the arguments for patentability rest upon the patentability of the independent claims or the claim limitations within the independent claims.  Because the independent claims are not patentable over the prior art of record as detailed below, the dependent claims are similarly not allowable.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


A.  Use of the term “aware”
Independent claims 1, 7, 13, and 18, and thus their dependent claims 2-6, 8-12, 14-17, and 19-20, are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly 
Each of the independent claims recites the limitation, “the DP accelerator is not aware of a functionality type of the kernel.”  The claims are indefinite under § 112(b) because “aware” may be defined as “having knowledge; conscious; cognizant,” which typically encompasses a human condition.  In contrast, a DP accelerator is a lifeless computer component, and the meaning of “aware” with respect to computer components is not clear.  In other words, what does it mean for a computer component to be “aware?”  
To overcome this rejection, the claim limitation should be reworded to place this limitation within the appropriate context of computers, or alternatively, stated without the use of a negative limitation that relies upon “not.”  For example, computers possess memory, and perhaps the “functionality type of the kernel” is not stored within the memory of the DP accelerator.  The Examiner notes that support for any amendment must exist within the original disclosure, as no new matter may be added to the amended claims.
Alternatively, the Examiner is willing to accept an argument that this limitation of “aware” complies with § 112(b).  (This is underlined to emphasize that the Examiner is indeed willing to accept a persuasive argument.)  
B.  Use of the forward slash for “encryption/decryption kernel”
	Independent claims 1, 7, 13, and 18, and thus their dependent claims 2-6, 8-12, 14-17, and 19-20, are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly 
	The claims 1-2, 7-8, 13-14, and 18 use a forward slash in the limitation “encryption/decryption kernel.”  The claims are indefinite because it is unclear whether the same kernel is used for encryption and decryption or if a separate kernel is used for each of encryption and decryption.  In other words, the claim should be amended to specify whether the correct limitation is a “encryption and decryption kernel” or an “encryption or decryption kernel,” which amounts to a separate encryption kernel and decryption kernel.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

(NOTE: within the Examiner’s parenthetical explanations below, material within quotation marks is language quoted from the prior art reference, underlined material is language quoted from the claims, and material within brackets is material altered from either a prior art reference or a claim.  Regarding the reconstruction of the claims, a numbered footnote indicates a primary phrase to be first moved upwards to the first cited reference, while a lettered footnote indicates a secondary phrase to be moved after the movement of the primary phrase from which it was lifted.  Or more succinctly, move numbered material first, lettered material last.)
A.	Claims 1-3, 7-9, 13-15, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Stufflebeam et al. (US 2011/0225431, “Stufflebeam”) in view of Savagaonkar et al. (US 2021/0034788, “Savagaonkar”).
Regarding Claim 1
Stufflebeam discloses
A computer-implemented method (abstract, ¶ [0009], “In accordance with another embodiment of the present disclosure, a method for encryption and decryption of data…”) of a data processing (DP) accelerator encrypting or decrypting input data (Figs. 1 & 2, ¶ [0036], “Encryption accelerator 116 [that acts a data processing (DP) accelerator] may be communicatively coupled to I/O controller 116 and may comprise any system, device, or apparatus configured to encrypt data [as input data] for storage on one or more of storage resources 114, and/or decrypt data [as input data] read from one or more of storage resources 114.”), 
the method comprising: 
receiving, from a host device (Figs. 1 & 2, ¶ [0038], “For example, processor 103 [that acts as a host device] or another component of information handling system 102 may execute application 202, device driver 204, and/or middleware 206 to facilitate encryption and decryption.”), a command, the input data (¶¶ [0042]-[0043], “In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 [via a receiv[ed] command] to perform an encryption or decryption task [via a command];” “encryption accelerator 116 may encrypt or decrypt [input] data associated with the I/O operation;” and ¶¶ [0012]-[0013], “…in response to detection of an input/output operation, communicate a command to an encryption , and 
…1, wherein the DP accelerator is not aware of a functionality type of the kernel (¶ [0012], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation,” i.e., the accelerator was “not aware” of the encryption or decryption functionality until receiving a communication after detection of an operation to that effect); 
in response to the DP accelerator receiving the command (¶¶ [0012]-[0013], [0042]-[0043]): 
encrypting by the DP accelerator the input data using the encryption/decryption kernel (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption task executed by encryption accelerator 116 based on a specified cryptographic function [that similarly acts as the kernel as disclosed by Savagaonkar] and/or encryption key;” and ¶¶ [0042]-[0043], ““In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…”), 
in response to the command being “encrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of commands or instructions into those that may be recognized by encryption accelerator 116).”); and 
decrypting the input data using the entryption/decryption kernel (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption task executed by encryption accelerator 116 based on a specified cryptographic function [that similarly acts as the kernel as disclosed by Savagaonkar] and/or encryption key;” and ¶¶ [0042]-[0043], ““In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…”) 
in response to the command being decrypt (encrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;” and ¶ [0039], “Middleware 206 may serve as an interface between application 202 and cryptoprocessor 110 allowing application 202 to interact with cryptoprocessor 110 (e.g., device driver 204 may provide an application programming interface to application 202 that translates generalized commands or instructions into those that may be recognized by encryption accelerator 116).”); and 
transmitting the encrypted, or decrypted, input data to the host device (Fig. 1, ¶ [0043], “After encryption or decryption of data, data may be stored [after its transmit[ssion]] to a storage resource 114,” where the host device comprises the processor 103 and storage, i.e., “storage resource 114”).
Stufflebeam doesn’t disclose
	1 … an encryption/decryption kernel;
Savagaonkar, however, discloses
	1 …an encryption/decryption kernel (¶¶ [0031]-[0032],  “the ability to perform authenticated encryption and/or decryption at PCIe [peripheral component interconnect express] line rate with minimal additional latency;” and “The enclave then use this cryptographic session to encrypt the PCIe accelerator code and/or data and sends this encrypted code [that acts as a kernel, noting Applicant’s disclosure defines a kernel as “a small piece of code” at ¶ [0019] of PG-PUB 2021/0110066]  and/or data out to the host OS, which, in turn may store the encrypted code and/or date in memory to be accessed by the one or more PCIe accelerators. As such, at block 420, the one or more PCIe accelerators retrieve the encrypted code and/or data out of memory of the host computing device. At block 430, the one or more PCIe accelerators decrypt the encrypted code and/or data using a cryptographic engine, such as a cryptographic engine 560 discussed further below. The one or more PCIe accelerators process the (now unencrypted) code and/or data using and generate results at bock 440,” where the encrypted code substitutes or acts in the same fashion as the “cryptographic function to be applied in executing the encryption or decryption task,” see Stufflebeam ¶ [0043]);

To substantiate the conclusion of obviousness under this KSR rationale, the Examiner finds pursuant to MPEP § 2143(I)(B):
1) the prior art contained a system that differed from the claimed system by the substitution of some component, and more specifically, Stufflebeam discloses cryptographic functions stored in an accelerator that differs from the claimed invention that possesses transferred cryptographic code, where the transferred cryptographic code substitutes for the cryptographic functions of Stufflebeam;
2) the substituted component of the transferred cryptographic code in an accelerator was known in the art, as demonstrated by Savagaonkar; and
3) one of ordinary skill in the art could have substituted one known element (the transferred code of Savagaonkar) for another (the cryptographic functions of Stufflebeam) and the results would have been predictable to one of ordinary skill in the art.
Regarding Claim 2
Stufflebeam in view of Savagaonkar (“Stufflebeam-Savagaonkar”) discloses the method of claim 1, and Stufflebeam further discloses
wherein the DP accelerator is a general purpose processor or an artificial intelligence (AI) accelerator (¶ [0012], “communicate a command to an encryption processor to perform an encryption or decryption task,” and ¶ [0032], “apparatus configured to serve as an interface and/or hub between processor 103 and certain components of information handling system 102 (e.g., cryptoprocessor 110,” i.e., the “processor 103” is distinguished from the “cryptoprocessor 110,” and thus is a general purpose processor) and the DP accelerator is not aware that the type of functionality of the kernel is encryption/decryption (¶ [0012], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation,” i.e., the accelerator was “not aware” of the functionality of encryption/decryption until receiving a communication after detection of an operation to that effect),
and the method further comprising exchanging one or more keys with the host device (¶ [0036], “encryption accelerator 116 may serve as a general purpose encryption accelerator that is configured to execute multiple cryptographic functions (e.g., encryption algorithms, algorithm modes, cryptographic hashes, and/or cryptographic sign functions), and/or may be configured to load encryption keys (e.g., encryption keys provided [via exchanging] by a software program [operating within the host device] or other entity or encryption keys stored and/or generated by cryptoprocessor 110) for encryption tasks”).  
Regarding Claim 3
Stufflebeam-Savagaonkar discloses the method of claim 2, and Stufflebeam further discloses 
further comprising establishing …1 between the host device (Figs. 1 & 2, ¶ [0038]) and the DP accelerator (Figs. 1 & 2, ¶ [0036]) using at least one of the one or more of the keys (¶ [0036]).
Savagaonkar further discloses
	1 …a secure link… (¶ [0032], i.e., the code is first “encrypted” at the enclave, which corresponds to the processor/host device of Stufflebeam, and then “decrypted” at a “PCIe accelerator,” thereby producing a secure link between the enclave/host device and accelerator)
	Regarding the combination of Stufflebeam and Savagaonkar, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam to have included the secure link feature of Savagaonkar. One of ordinary skill in the art would have been motivated to incorporate the secure link feature of Savagaonkar because Savagaonkar teaches the desirability of a secure link by stating “a remote procedure call handshake protocol [] enables secure communications between different entities.”  See Savagaonkar ¶ [0031].
Regarding Independent Claim 7
Stufflebeam discloses
A data processing (DP) accelerator (Figs. 1 & 2, ¶ [0036], “Encryption accelerator 116” that acts a data processing (DP) accelerator), comprising: 
an interface to receive (Figs. 1 & 2, ¶ [0036], “Encryption accelerator 116 may be communicatively coupled [via an interface] to I/O controller 116 [to receive] …”) a command, the input data (¶¶ [0042]-[0043], “In addition to the foregoing, in connection receiv[ed] command] to perform an encryption or decryption task [via a command];” “encryption accelerator 116 may encrypt or decrypt [input] data associated with the I/O operation;” and ¶¶ [0012]-[0013], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation”), and…1 from a host device (Figs. 1 & 2, ¶ [0038], “For example, processor 103 [that acts as a host device] or another component of information handling system 102 may execute application 202, device driver 204, and/or middleware 206 to facilitate encryption and decryption.”)
wherein the DP accelerator is not aware of a functionality type of the kernel (¶ [0012], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation,” i.e., the accelerator was “not aware” of the encryption or decryption functionality until receiving a communication after detection of an operation to that effect); and 
2 … , in response to the DP accelerator receiving the command (¶¶ [0012]-[0013], [0042]-[0043]), 
configured to encrypt the input data using the encryption/decryption kernel (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption task executed by encryption accelerator 116 based on a specified cryptographic function [that similarly acts as the encryption kernel as disclosed by Savagaonkar] and/or encryption key;” and ¶¶ [0042]-[0043], ““In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…”), 
in response to the command being “encrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions;” and ¶ [0039], “Middleware 206 may serve as an interface between application 202 and cryptoprocessor 110 allowing application 202 to interact with cryptoprocessor 110 (e.g., device driver 204 may provide an application programming interface to application 202 that translates generalized commands or instructions into those that may be recognized by encryption accelerator 116).”), and
decrypt the input data using the encryption/decryption kernel (¶ [0038], “…input/output operations involving storage resources 114 (e.g., read and write operations) are encrypted or decrypted by an encryption task executed by encryption accelerator 116 based on a specified cryptographic function [that similarly acts as the kernel as disclosed by Savagaonkar] and/or encryption key;” and ¶¶ [0042]-[0043], ““In addition to the foregoing, in connection with an I/O operation, application 202 may instruct encryption accelerator 116 to perform an encryption or decryption task…”) 
in response to to the command being “decrypt” (encrypt” (¶ [0008], “receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, commands or instructions into those that may be recognized by encryption accelerator 116).”), and 
transmit the encrypted or decrypted input data to the host device (Fig. 1, ¶ [0043], “After encryption or decryption of data, data may be stored [after its transmit[ssion]] to a storage resource 114,” where the host device comprises the processor 103 and storage, i.e., “storage resource 114”).
Stufflebeam doesn’t disclose
	1 …an encryption/decryption kernel…
	2 a security unit,…
Savagaonkar, however, discloses
1 …an encryption/decryption kernel (¶¶ [0031]-[0032],  “the ability to perform authenticated encryption and/or decryption at PCIe [peripheral component interconnect express] line rate with minimal additional latency;” and “The enclave then use this cryptographic session to encrypt the PCIe accelerator code and/or data and sends this encrypted code [that acts as a kernel, noting Applicant’s disclosure defines a kernel as “a small piece of code” at ¶ [0019] of PG-PUB 2021/0110066]  and/or data out to the host OS, which, in turn may store the encrypted code and/or date in memory to be accessed by the one or more PCIe accelerators. As such, at block 420, the one or more ;
	2 a security unit,… (¶ [0004], “the PCIe accelerator apparatus further comprises an application processor [acting as a security unit] configured to manage keys used by the cryptographic engine,” and ¶ [0016], “The application processor may be configured to manage the keys [and thereby act as a security unit as a key manager] used by the cryptographic engine”)
	Regarding the combination of Stufflebeam and Savagaonkar, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Stufflebeam to arrive at the claimed invention.  KSR establishes that a rationale for obviousness is proven by showing a “simple substitution of one known element for another to obtain predictable results.” See MPEP § 2143(I)(B).
To substantiate the conclusion of obviousness under this KSR rationale, the Examiner finds pursuant to MPEP § 2143(I)(B):
1) the prior art contained a system that differed from the claimed system by the substitution of some component, and more specifically, Stufflebeam discloses cryptographic functions stored in an accelerator that differs from the claimed invention 
2) the substituted component of the transferred cryptographic code in an accelerator was known in the art, as demonstrated by Savagaonkar; and
3) one of ordinary skill in the art could have substituted one known element (the transferred code of Savagaonkar) for another (the cryptographic functions of Stufflebeam) and the results would have been predictable to one of ordinary skill in the art.
Regarding Claim 8
Stufflebeam-Savagaonkar discloses the DP accelerator of claim 7, and Stufflebeam further discloses
wherein the DP accelerator is a general purpose processor or an artificial intelligence (AI) accelerator (¶ [0012], “communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task,” and ¶ [0032], “apparatus configured to serve as an interface and/or hub between processor 103 and certain components of information handling system 102 (e.g., cryptoprocessor 110,” i.e., the “processor 103” is distinguished from the “cryptoprocessor 110,” and thus is a general purpose processor) and the DP accelerator is not aware that the type of functionality of the kernel is encryption/decryption (¶ [0012], “…in response to detection of an input/output operation, communicate a command to an encryption accelerator communicatively coupled to the processor to perform an encryption or decryption task upon data associated with an input/output operation,” i.e., the accelerator was “not aware” of the functionality of encryption/decryption until receiving a communication after detection of an operation to that effect),
wherein …1 to exchange one or more keys with the host device (¶ [0036]).
Savagaonkar further discloses
	1 …the security unit comprises a key manager… (¶ [0016], “The application processor [as the security unit] may be configured to manage the keys [as a key manager] used by the cryptographic engine”)
	Regarding the combination of Stufflebeam and Savagaonkar, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam to have included the key-manager feature of Savagaonkar. One of ordinary skill in the art would have been motivated to incorporate the key-manager feature of Savagaonkar because Stufflebeam discloses “a particular cryptographic function and/or a key may be specified [via a key manager] as a function of a task performed by encryption accelerator 116,” see Stufflebeam ¶ [0036], and Savagaonkar explicitly teaches the key manager that can be inferred (or is suggested) from Stufflebeam.
Regarding Claim 9
Stufflebeam-Savagaonkar discloses the DP accelerator of claim 8, and Stufflebeam further discloses
further comprising a channel manager (Fig. 1, ¶ [0027], i.e., the I/O controller that establishes a link between the “encryption accelerator 116” and the “processor 103” that serves as the host device) configured to establish …1 between the host device (Figs. 1  and the DP accelerator (Figs. 1 & 2, ¶ [0036]) using at least one of the one or more of the keys (¶ [0036]).
Savagaonkar further discloses
	1 …a secure link… (¶ [0032], i.e., the code is first “encrypted” at the enclave, which corresponds to the processor/host device of Stufflebeam, and then “decrypted” at a “PCIe accelerator,” thereby producing a secure link between the enclave/host device and accelerator)
Regarding the combination of Stufflebeam and Savagaonkar, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam to have included the secure link feature of Savagaonkar. One of ordinary skill in the art would have been motivated to incorporate the secure link feature of Savagaonkar because Savagaonkar teaches the desirability of a secure link by stating “a remote procedure call handshake protocol [] enables secure communications between different entities.”  See Savagaonkar ¶ [0031].
Regarding Independent Claim 13 and Dependent Claims 14 and 15
With respect to claims 13-15, a corresponding reasoning as given earlier for claims 1-3 applies, mutatis mutandis, to the subject matter of claims 13-15. Therefore, claims 13-15 are rejected, for similar reasons, under the grounds set forth for claims 1-3.
Regarding Independent Claim 18
With respect to independent claim 18, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 18. 
Regarding Dependent Claim 19
With respect to dependent claim 19, a corresponding reasoning as given earlier for claims 2 and 3 applies, mutatis mutandis, to the subject matter of claim 19. Therefore, claim 19 is rejected, for similar reasons, under the grounds set forth for claims 2 and 3.
B.	Claims 4-6, 10-12, 16-17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Stufflebeam in view of Savagaonkar, and further in view of Hunt et al. (US 2018/0285600, “Hunt”).
Regarding Claim 4
Stufflebeam-Savagaonkar discloses the method of claim 2, and Stufflebeam further discloses 
wherein at least one of the exchanged keys (¶ [0036]) is a …1, and 
the received kernel (of Stufflebeam ¶ [0032]) encrypts, or decrypts, the input data (¶¶ [0038], [0042]-[0043]) using the …2.
Stufflebeam-Savagaonkar doesn’t disclose
	1, 2 … symmetric key
Hunt, however, discloses
	1, 2 … symmetric key (¶ [0046], “…encryption accelerator 452 may include various multipliers, dividers, modulo operators, shifters, multiplexors, and other symmetric key encryption, symmetric key decryption”)
	Regarding the combination of Stufflebeam and Savagaonkar, the rationale to combine Stufflebeam and Savagaonkar for claim 4 is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 4.
	Regarding the combination of Stufflebeam-Savagaonkar and Hunt, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam-Savagaonkar to have included the symmetric key feature of Hunt. One of ordinary skill in the art would have been motivated to incorporate the symmetric key feature of Hunt because Stufflebeam-Savagaonkar discloses the use of keys for encryption and decryption, and a person skilled in the art would find it “obvious to try” one of either symmetric or asymmetric keys for the encryption system.  See MPEP § 2143(I)(E) – Exemplary Rationales (stating “’Obvious to try’ – choosing from a finite number of identified, predictable solutions, with a reasonable expectation of success”).
Regarding Claim 5
Stufflebeam-Savagaonkar disclose the method of claim 2, and Stufflebeam further discloses
wherein at least one of the one or more keys (¶ [0036], “…or encryption keys stored and/or generated by cryptoprocessor 110) for encryption tasks.”) is …1
Hunt further discloses
1 …retrieved from, or based on a key retrieved from, a secure storage of a security unit of the DP accelerator (¶ [0047], “Secure key storage 453 may be configured to securely store keys such as public and/or private cryptographic keys,” i.e., the storage disclosed by Stufflebeam is taught as being a secure storage by Hunt).
Regarding the combination of Stufflebeam-Savagaonkar and Hunt, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the encryption system of Stufflebeam-Savagaonkar to have included the secure-storage feature of Hunt. One of ordinary skill in the art would have been motivated to incorporate the secure-storage feature of Hunt because Hunt teaches a system that “allow[s a] device to be booted in a secure manner, allowing the device to be securely updated,” which is achieved by implementing security measures, see Hunt ¶ [0042], such as secure storage. 
Regarding Claim 6
Stufflebeam-Savagaonkar disclose the method of claim 2, and Stufflebeam further discloses
wherein the encryption, or decryption (¶¶ [0038], [0042]-[0043]), is performed by the kernel (of Stufflebeam ¶ [0032]) using a key received from the host device (¶ [0036], “In some embodiments, encryption accelerator 116 may serve as a general purpose encryption accelerator that is configured to execute multiple cryptographic functions (e.g., encryption algorithms, algorithm modes, cryptographic hashes, and/or cryptographic sign functions), and/or may be configured to load encryption keys (e.g., encryption keys provided by a software program or other entity or encryption keys stored and/or generated by cryptoprocessor 110) for encryption tasks,” i.e., a key is received from the host device that includes the “cryptoprocessor 110”).
Regarding the combination of Stufflebeam and Savagaonkar, the rationale to combine Stufflebeam and Savagaonkar for claim 6 is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 6.
Regarding Dependent Claims 10-12
With respect to dependent claims 10-12, a corresponding reasoning as given earlier for dependent claims 4-6 applies, mutatis mutandis, to the subject matter of claims 10-12. Therefore, claims 10-12 are rejected, for similar reasons, under the grounds set forth for claims 4-6. 
Regarding Dependent Claims 16 and 17
With respect to dependent claims 16 and 17, a corresponding reasoning as given earlier for dependent claims 4 and 5 applies, mutatis mutandis, to the subject matter of claims 16 and 17. Therefore, claims 16 and 17 are rejected, for similar reasons, under the grounds set forth for claims 4 and 5.
Regarding Dependent Claim 20
With respect to dependent claim 20, a corresponding reasoning as given earlier for claim 4 applies, mutatis mutandis, to the subject matter of claim 20. Therefore, claim 20 is rejected, for similar reasons, under the grounds set forth for claim 4.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.




/D'Arcy Winston Straub/Examiner, Art Unit 2491                                                                                                                                                                                                        


/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491