DETAILED ACTION
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This Office Action is in response to the communication filed on 12/07/2021.
Claims 3, 5 and 15 have been canceled.
Claims 1, 4, 6-14, 16-18 and 20 have been amended.
Claims 1-2, 4, 6-14 and 16-20 are pending for consideration.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
The objection of Claims 4, 14 and 20 has been withdrawn as the claims have been amended as suggested.
Applicant's arguments filed 12/7/2021 have been fully considered but they are not persuasive.
a) Applicant argues on pages 12-15 of the Remarks that GROCUTT does not disclose or suggest the limitation “an entropy spreading circuit configured to combine the random number with the identifier to create the key value and performing multiple 
In response to the above argument, Examiner respectfully disagrees.  GROCUTT teaches the random value (see paragraph 0102, “a random value 86, which may a true random number or pseudo random number. The (pseudo) random number may be derived from at least one of: a per-logical processor (pseudo) random number 89 which is different for each logical processor; a per-physical processor (pseudo) random number 90 which is different for each physical processor core; and a system (pseudo) random number”) and identifier to create the key value (see paragraph 0104, “by generating the key for the encoding operation (and reverse encoding operation if necessary) based on one or more identifiers 80-85, 88 associated with the current execution environment, and optionally based on further parameters such as random numbers of software-defined values, two different execution environments with different privilege levels are unlikely to have the same key and so it is hard for the attacker to train the branch predictor in one execution environment to trick an execution environment with greater data access privilege into branching to malicious code which may lead to exposure of secure data”).  GROCUTT further teaches that the key is generated based on a one-way transformation by applying at least one key input parameter and other inputs such as a random number (see paragraph 0105).  GROCUTT teaches the hashing technique/algorithm (i.e., one-way transformation) but has no details how it works.  However, a person having ordinary skill in the art can select one of hashing techniques to implement the teaching of GROCUTT, such as SHA-1.  SHA-1 is a well-known hashing technique/algorithm that uses loops and .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-2, 4, 6-14 and 16-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by GROCUTT et al. (US 20190166158) (hereinafter GROCUTT).
	Extrinsic evidence Jeffrey Hoffstein et al. (NPL U: “An Introduction to Mathematical Cryptography”, pages 467-468, dated 2008, downloaded on 2/17/2022 from the Internet URL https://books.google.com/books?id=z2SBIhmqMBMC&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false, hereinafter Hoffstein) is used to support the rejection of claims 1-2, 4, 6-14 and 16-20.
Regarding claim 1, GROCUTT discloses an apparatus comprising: a context-specific encryption key circuit configured to generate a key value (GROCUTT: see figure 5 
    PNG
    media_image1.png
    530
    836
    media_image1.png
    Greyscale
. //examiner remark: a key is generated as shown in figure 5), that is specific to a context of a set of instructions (GROCUTT: paragraphs 0021 and 0104, “by generating the key for the encoding operation (and reverse encoding operation if necessary) based on one or more identifiers 80-85, 88 associated with the current execution environment, and optionally based on further parameters such as random numbers of software-defined values, two different execution environments with different privilege levels are unlikely to have the same key and so it is hard for the attacker to train the branch predictor in one execution environment to trick an execution environment with greater data access privilege into branching to malicious code which he context-specific encryption key circuit comprising: a random number generator circuit configured to generate a random number (GROCUTT: paragraph 0102, “a random value 86, which may a true random number or pseudo random number. The (pseudo) random number may be derived from at least one of: a per-logical processor (pseudo) random number 89 which is different for each logical processor; a per-physical processor (pseudo) random number 90 which is different for each physical processor core; and a system (pseudo) random number”); an identifier associated with the set of instructions (GROCUTT: paragraph 0104, “by generating the key for the encoding operation (and reverse encoding operation if necessary) based on one or more identifiers 80-85, 88 associated with the current execution environment, and optionally based on further parameters such as random numbers of software-defined values, two different execution environments with different privilege levels are unlikely to have the same key and so it is hard for the attacker to train the branch predictor in one execution environment to trick an execution environment with greater data access privilege into branching to malicious code which may lead to exposure of secure data”); and an entropy spreading circuit configured to combine the random number with the identifier to create the key value and performing multiple iterations of combining to create the key value in which each iteration includes an output of a prior iteration as an input to a current iteration (GROCUTT: see figure 5; and paragraphs 0104-0105, “the key could be based on a one-way transformation applied to at least one key input parameter, where the at least one key input parameter includes at least one value associated with the current execution environment (e.g. the ASID, VMID, or exception level discussed above), but performing multiple iterations of combining to create the key value in which each iteration includes an output of a prior iteration as an input to a current iteration]); a target address prediction circuit configured to provide a target address for a next instruction in the set of instructions (GROCUTT: paragraphs 0034, 0043, 0106 and 0125, “the branch prediction circuitry may receive a query value comprising an indication of an instruction address of an instruction for which a branch prediction is to be made and perform a search using the query value. The search may for example identify whether the branch prediction circuitry stores any branch prediction state entry that is relevant to one or more instructions corresponding to the instruction address is specified by the query value”); a target address memory configured to store an encrypted version of the target address, wherein the target address is encrypted using, at least in part, the key value (GROCUTT: paragraphs 0045, 0058, 0060, 0067-0069 and 0125, “the branch prediction circuitry may comprise a branch target prediction structure comprising a plurality of branch target entries, each branch target entry specifying at least a branch target address. The coding circuitry may comprise encryption circuitry to encrypt at least part of a new branch target entry to be an instruction fetch circuit configured to decrypt the target address using, at least in part, the key value, and retrieve the target address (GROCUTT: see figure 12 
    PNG
    media_image2.png
    358
    691
    media_image2.png
    Greyscale
; and paragraphs 0068, 0070, 0074 “the tag information could be encrypted, in addition to (or instead of) encrypting the branch information which is indicative of the branch target address”, 0077 and 0125, “decryption circuitry 176 for decrypting branch information read from the branch target prediction structure, based on the encryption key associated with the current execution context. Key generating circuitry 179 (e.g. a linear feedback shift register or other random number generator) may generate keys from time to time for each context. Branch target prediction circuitry 178 (which may corresponding to the branch prediction control logic 150 of FIG. 8 as well as any cache access circuitry associated with the branch target prediction structure 142, 146 for generating target tag values and looking up the branch target entries to identify branch 
Regarding claim 2, GROCUTT further discloses wherein the target address memory includes a branch target buffer (GROCUTT: see figure 8, item 142 //examiner remark: BTB 142 is a branch target buffer 
    PNG
    media_image3.png
    553
    707
    media_image3.png
    Greyscale
; and paragraphs 0024 and 0107, “another example of a branch predictor 4, which includes a branch direction predictor (BDP) 140 for predicting whether branch 
Regarding claim 4, GROCUTT further discloses wherein the identifier includes value selected from a set including: a process identifier, a virtual machine identifier, a privilege level, kernel identifier, and a security state value
Regarding claim 6, GROCUTT further discloses wherein the target address prediction circuit is configured to: encrypt the target address using, at least in part, a stream cipher and the key value, and store the encrypted version of the target address within the target address memory (GROCUTT: see figure 12
    PNG
    media_image2.png
    358
    691
    media_image2.png
    Greyscale
; and paragraph 0125, “The branch target prediction structure 142, 146 is provided with encryption circuitry 174 for encrypting branch information to be written to the branch target prediction structure, based on an encryption key associated with a current execution context, and decryption circuitry 176 for decrypting branch information read from the branch target prediction structure, based on the encryption key associated with the current execution context.”).
Regarding claim 7, GROCUTT further discloses wherein the target address is encrypted such that, if an incorrect key value is employed in an attempt to decrypt the encrypted target address, a false target address is recovered (GROCUTT: paragraphs 0064, 0066, 0069, 0119 and 0134, “if one execution 
Regarding claim 8, GROCUTT further discloses wherein the target address prediction circuit is configured to generate branch bias information that is associated with the target address, and wherein the branch bias information is not encrypted (GROCUTT: paragraphs 0035 and 0059, “A branch prediction mechanism would normally be regarded as a performance-enhancing mechanism whose mispredictions are not critical to the security of data processed by the system but merely affect the level of performance achieved. Therefore, one would not normally expect security measures to be necessary to protect the contents of a branch predictor.”).
Regarding claim 9, GROCUTT further discloses a system comprising: an execution unit circuit to process an instruction associated with a first program (GROCUTT: paragraphs 0088 and 0106, “generating a series of fetch addresses of instructions to be fetched”); and an instruction fetch circuit configured to retrieve, via branch prediction, the instruction at a target address associated with a first program provide the instruction to the execution unit, wherein the instruction fetch circuit is further configured to encrypt the target address such that a malicious second program is unable to read a correct decrypted version of the target address (GROCUTT: see figure 12 
    PNG
    media_image2.png
    358
    691
    media_image2.png
    Greyscale
; and paragraphs 0069 and 0125, “the branch information would be decrypted using a key associated with the other execution environment, so would not indicate the same branch target address as the one originally provided by the execution environment which allocated the entry. As normally one would think of a branch predictor as a purely 
Regarding claim 10, GROCUTT further discloses wherein instruction fetch circuit is configured to prevent the second program from correctly reading the target address if the second program attempts to exploit a Spectre-class speculative execution flaw
Regarding claim 11, GROCUTT further discloses wherein the instruction fetch circuit comprises: a context-specific encryption key circuit configured to generate a key value (GROUCUTT: see figure 5 
    PNG
    media_image1.png
    530
    836
    media_image1.png
    Greyscale
), wherein the key value is specific to a context of a set of instructions, and a target address memory configured to store an encrypted version of the target address (GROCUTT: paragraphs 0045, 0058, 0060, 0067-0069 and 0125, “the branch prediction circuitry may comprise a branch target prediction structure comprising a plurality of branch target entries, each branch target entry specifying at least a branch target address. The coding circuitry may comprise encryption circuitry to encrypt at least part of a new branch target entry to be written to the branch target prediction structure, using an encryption key associated with the current execution environment.”), wherein the target address is encrypted using, at least in part, the key value (GROCUTT: see 
    PNG
    media_image2.png
    358
    691
    media_image2.png
    Greyscale
); and wherein the instruction fetch circuit is configured to decrypt the target address using, at least in part, the key value
Regarding claim 12, GROCUTT further discloses wherein the target address memory includes a return address stack (GROCUTT: paragraphs 0064, 0087 and 0124, “This can lead to false positive hits in the branch target prediction structure, so that an incorrect branch target address may sometimes be returned and hence a branch misprediction may cause the wrong instructions to be executed following the branch”… “These instructions could for example include memory access instructions which compute their target memory address using the secret information which the attacker wishes to gain access to. The data loaded into the cache 30, 32 by the memory access instructions may therefore depend on the secret information. Even if eventually the branch misprediction is identified, and so the architectural state in registers 14 of the processor pipeline 2 is rewound to the point before the sequence of instructions was mispredicted and speculatively executed by the victim process 3, the data loaded from memory by the incorrect speculatively executed instructions may still persist in the cache 30, 32”).
Regarding claim 13, this claim recites the context-specific encryption key circuit to perform the steps as recited by the apparatus of claim 3 and has limitations that are similar to claim 3, thus is rejected with the same rationale applied against claim 3.
Regarding claim 14, this claim recites the context-specific encryption key circuit to perform the steps as recited by the apparatus of claim 4 and has limitations that are similar to claim 4, thus is rejected with the same rationale applied against claim 4.
Regarding claim 16, this claim recites the context-specific encryption key circuit to perform the steps as recited by the apparatus of claim 6 and has limitations that are similar to claim 6, thus is rejected with the same rationale applied against claim 6.
Regarding claim 17, claim 17 discloses a method claim that is substantially equivalent to the apparatus of claim 1 and the system of claim 9.  Therefore, the arguments set forth above with respect to claims 1 and 9 are equally applicable to claim 17 and rejected for the same reasons.
Regarding claim 18, GROCUTT further discloses comprising: reading the instruction address within a target address memory, wherein reading comprises decrypting the encrypted version of the instruction address using, at least in part, the context-specific encryption key value (GROCUTT: paragraphs 0077 and 0125, “decryption circuitry 176 for decrypting branch information read from the branch target prediction structure, based on the encryption key associated with the current execution context. Key generating circuitry 179 (e.g. a linear feedback shift register or other random number generator) may generate keys from time to time for each context. Branch target prediction circuitry 178 (which may corresponding to the branch prediction control logic 150 of FIG. 8 as well as any cache access circuitry associated with the branch target prediction structure 142, 146 for generating target tag values and looking up the branch target entries to identify branch information for a given instruction fetch address) may generate a target tag from the instruction fetch address (e.g. using the region table 148), and control the branch target prediction structure to output the encrypted branch information if there is a hit in the branch target prediction structure”).
Regarding claim 19, GROCUTT further discloses wherein the second stream of instructions is configured to exploit a Spectre-class speculative execution flaw (GROCUTT: paragraphs 0066, 0069 and 0106, “As normally one would think of a branch predictor as a purely performance-enhancing measure which does not affect 
Regarding claim 20, GROCUTT further discloses wherein generating a context-specific encryption key value includes utilizing and identifier associated with the first stream of instructions, wherein the identifier includes value selected from a set including: a process identifier, a virtual machine identifier, a privilege level, kernel identifier, and a security state value (GROCUTT: paragraphs 0048-0056, “the key may be based on any combination of one or more of the following: [0049] exception level (distinguishing between different modes of operation, for example user mode, kernel mode, hypervisor mode); [0050] privilege level (distinguishing between different execution permissions); [0051] ASID (address space ID--distinguishing different application-level execution contexts); [0052] VMID (virtual machine ID--distinguishing different operating-system or virtual-machine level execution contexts or applications .

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is listed.
Gellerich (US 11099851) discloses “examples of techniques for branch prediction for indirect branch instructions are described herein. An aspect includes detecting a first register setting instruction in an instruction pipeline of a processor, wherein the first register setting instruction stores a target instruction address in a first register of the processor. Another aspect includes looking up the first register setting instruction in a first table. Another aspect includes, based on there being a hit for the first register setting instruction in the first table, determining instruction address data corresponding to a first indirect branch instruction that is associated with the first register setting instruction in a first entry in the first table. Another aspect includes updating a branch prediction for the first indirect branch instruction in a branch prediction logic of the processor based on the target instruction address”.
SUkhomlonov (US 10929535) discloses “the systems and methods described herein provide perturbation circuitry that includes perturbation selector circuitry and perturbation block circuitry. The perturbation selector circuitry detects a potential attack by monitoring the performance/timing data generated by the processor. Upon detecting an attack, the perturbation selector circuitry determines a variable quantity of uncertainty to introduce to the externally accessible system data. The perturbation block circuitry adds the determined uncertainty into the externally accessible system data. The added uncertainty may be based on the frequency or interval of the event occurrences indicative of an attack”.-
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRANG T DOAN whose telephone number is (571)272-0740.  The examiner can normally be reached on Monday-Friday 7-4 ET.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached on (571)272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/TRANG T DOAN/Primary Examiner, Art Unit 2431