Notice of Pre-AIA  or AIA  Status
The previous non-final rejection, mailed on 01/27/2022, has been withdrawn. 
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is the responsive to the communication filed on 05/29/202.
Applicant argued that prior arts Killick and Cao prior art were not cited in the PTO-892, Examiner has included in there. 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1-9,11,13-21, and 24-25 are rejected under 35 U.S.C. 103 as being unpatentable over Abu-Amara US 2008/0298579 (hearafter Amara) in vides of Suarez et al US 2006/0291664.

 	As per claim 1, Amara discloses a method for providing public API authentication by an API server, comprising: 
, i.e. a received Temporary Key (TK), 114 from peer 1, peer 160 proceeds to compute the cryptographic hash of identifier_public_large 114  ); 
 	validating the received TK using the Fn2 hash function with the Session ID and one of an Initial Key (IK) and a current Partial Key (PK) (par 0032  At step 404, peer 160 can determine , i.e. validating, if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120.); 
 	when the validating the received TK is completed successfully, sending to the client a Partial Key (PK), the PK being calculated using a PK hash function (Fn1) with the User ID and a slot generated random key (Slot Gen Key), the Fn1 hash function being different from the Fn2 hash function ([0032] At step 404, peer 160 can determine if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120. If the hash-value produced from the hashing operation does not match the public-key value 115 (e.g. identifier_public), peer 160 determines that the public-key pair 120 <i, hv> does not correspond to the 
 	receiving from the client an API request for an API service, the API request having the User ID, the Session ID, Fn2 version, and a received Authorization Key (AK), the Fn2 version defining the Fn2 hash function used to create the AK ([0034] Upon receiving the unique data set from peer 1, peer 160 selects a first subset and a second subset from the unique dataset. At step 408, peer 160 chooses a random subset of the received k values, and informs peer 110 at step 409 of the first subset and second subset selected. The subset identifies the random values selected for the particular subset); 
 	validating the received AK using the Fn2 hash function with the Session ID and the Partial Key (PK) ( [0039] If at step 415 the square of the first reply mod n is equal to [[(v) (r.sub.i).sup.2] mod (n)] (i.e. step 413) and the square of the second reply mod n is equal to [(r.sub.i).sup.2 mod (n)] (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416.); and 
 	when the validating the received AK is completed successfully, sending to the client a successful response from the API service requested by the client (par 0039 (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416).  

 	Abu-Amara does not explicitly disclose a Client/App hash function (Fn2) used to create the TK.
 	Suarez discloses a Client/App hash function (Fn2) used to create the TK ([0049] A partial key label is preferably also provided for each key. The partial key label is similar to the key label  and 0050 The encrypting application 16 then retrieves the partial key label for the data key 22 used in the encryption, and passes the encrypted data).
 	
  Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez, because doing so would provide keys must be accessible to the respective applications to control the key for the specific application (par 0024).


 	As per claim 2, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses further comprising after receiving from the client an API request for an API service, re-creating the PK using the PK hash function (Fn1) with the User ID and the slot generated random key (Slot Gen Key), as a re-created PK, and wherein the validating the received AK using the Fn2 hash function uses the re-created PK as the PK ( par 0006 The system can include a first peer to locally create a secret key, s, and use the secret key to produce a public-key pair <i, hv> comprising an identifier name, i, and a small public-key, hv, and a second peer to locally authenticate the identifier name of the public-key pair by requesting the first peer to produce a unique dataset that does not reveal the secret-key and yet validates that the public-key pair was generated with the secret-key when the large public-key is applied to a portion of the unique dataset without using an external authentication system.).  

 	As per claim 3, Abu-Amara in view of Suarez discloses the method of claim 2, Abu-Amara discloses wherein the Slot Gen Key comprises a current slot generated random key (Slot1) and a previous slot generated random key (Slot2), and the re-creating the PK comprises creating a Slot1-based re-created PK (Slot1 PK) 248386-0026 (19-DIS-300) and a Slot2-based re-created PK (Slot2 PK), and the validating the received AK uses the Slot1 PK and the Slot2 PK (par 0022 [0022] Each peer in the P2P network can create a secret key, s, 112 that is held in confidence by the peer. The secret key 112 can be used to generate the public-key pair 120 that is publicly shared with other peers in the P2P network. The public-key pair 120 can be used by other peers in the network to validate an identify of the peer corresponding to the public-key pair 120. For example, peer 110 can locally create the identifier name 113 (e.g. also called identifier_name) and locally create the secret key 112 (e.g. also called identifier_secret). From the secret key 112, peer 110 can locally generate a large public identifier 114, v, that is then cryptographically hashed to produce a small public-key 115 (e.g. also called identifier_public, hv). Peer 110 then combines the identifier_name 113, i, with the small public-key 115, hv, to produce the unique public-key pair <i,hv> 120. The public-key pair 120 is made public to peers such as peer 160 in the P2P network, which can then verify the identify of peer 110 in accordance with the methods herein set forth. In the current illustration, peer 160 authenticates peer 110 from the public-key pair 120 by requesting the peer 110 to produce a unique data set using the secret key 112, and comparing the unique data set to a second unique data generated by peer 160 from a portion of the produced unique data set using the modulus operator, v 114. This allows peer 160 to verify the identifier name of the peer 110 without using an external authentication system ). 
 
 	As per claim 4, Abu-Amara in view of Suarez discloses the method of claim 1 Abu-Amara discloses wherein the validating the received TK comprises calculating a "confirming" Temporary Key (TK) using the Fn2 hash function with the Session ID and one of the Initial Key (IK) and the current Partial Key (PK), and validating the received TK matches the confirming TK ( [0024] At step 202, peer 110 chooses an arbitrary number that is called the identifier_secret 112 which is at least K bits in length. The identifier_secret is held in confidence by peer 110 and is not shared with any other peers; that is, it is secret and not revealed to other peers. The number of bits K equals the number of bits of n, wherein n is the public-key modulus 111 of the peer. For example, if the peers in the P2P network 100 use 1023 bits for n, then K is also 1023 bits in length).  

 	As per claim 5, Abu-Amara in view of Suarez discloses the method of claim 1 Abu-Amara discloses wherein the validating the received AK comprises calculating a "confirming" Authorization Key (AK) using the Fn2 hash function with the Session ID and the Partial Key (PK), and validating the received AK matches the confirming AK ( [0025] At step 204, peer 110 applies a modulus operator to the identifier_secret 112 to produce identifier_public_large 114. The modulus operator is a mathematical operation defined as x.sup.2 mod n, wherein x is the identifier_secret 112 and n is the public-key modulus 111. More specifically identifier_public_large=(identifier_secret).sup.2 mod n, where n corresponds to the value of the public-key modulus that is preconfigured in peer 110. Identifier_public_large 114 is a large public-key that can be used by other peers in the P2P network as a first level of authentication. It is large in the sense that identifier_public_large 114 requires a large number of bits to represent.).  

 	As per claim 6, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses wherein the validating the received TK using the Fn2 hash function comprises using the Initial Key (IK) when a reset condition has occurred in the client ([0026] At step 206, peer 110 performs a cryptographic hash of the identifier_public_large 114 to produce identifier_public 115. The cryptographic hash is a hashing function that maps the larger value associated identifier_public_large 114 to a smaller value associated with identifier_public 115. Examples of cryptographic hashes include the well-known hash algorithms HMAC and SHA-1. The smaller public-key 115 can be more efficiently communicated in the P2P network 100 than the larger public-key 114. ).  

 	As per claim 7, Abu-Amara in view of Suarez discloses The method of claim 1, Abu-Amara discloses wherein the validating the TK comprises first validating using the current PK and, if validation matching does not occur, then validating using the Initial Key (IK) ([0027] At step 208, peer 110 reveals a public-key pair 120<identifier_name, identifier_public> consisting of the chosen identifier_name 113 and the small public-key 115 (e.g. identifier_public). As an example, the identifier_name 113 can be a sequence of digits and letters (e.g. "Alice) chosen by peer 1, and the identifier_public 115 can be the 10 character sequence (e.g. E678943T2U) produced from the hash. The public-key pair 120 can thus be represented by <Alice, E678943T2U> and shared amongst peers in the PTP network 100. ).  

 	As per claim 8, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses wherein the slot generated random key (Slot Gen Key) comprises two slot generated random keys (par 0027 the public-key pair 120 can be presented by peer 110 when contacting peer 160 to allow peer 160 to validate the identity (e.g. identifier_name) of peer 110. In particular, peer 160 can use the public-key pair 120 as a first level of authenticating the identity of peer 1).  

 	As per claim 9, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses wherein the slot generated random key (Slot Gen Key) is updated at a predetermined periodic Slot update rate ( par 0031 [0031] Upon parsing the identifier name 113 from the public-key pair 120, the peer 160 can proceed to perform a first level of authentication. In particular, peer 160 can validate that the smaller received public-key 115 (e.g. identifier_public) corresponds to the larger public-key 114 (e.g. identifier_public_large) held by peer 1. To do so, peer 160 at step 402 requests peer 110 to send the larger public-key 114 (e.g. identifier_public_large). ).  

 	As per claim 11, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses wherein the Client/App hash function Fn2 version changes each time the Fn2 is used to be different from the prior version (par 0031 Upon receiving identifier_public_large 114 from peer 1, peer 160 proceeds to compute the cryptographic hash of identifier_public_large 114 as shown in step 403. The hash can be a hashing function such as a hash map or hash table that is available to all peers in the P2P network 100).  


 	As per claim 13, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses wherein the Client/App hash function Fn2 version changes randomly each time the Fn2 is used ( par 0032 At step 404, peer 160 can determine if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120).  

 	As per claim 14, Abu-Amara in view of Suarez discloses the method of claim 1, Abu-Amara discloses wherein the sending a successful response from the API service comprises providing data or content associated with the API request (par 0030 peer 110 can contact peer 160 by sending a message request to initiate a data sharing session which includes the public-key pair 120 (e.g. <Alice, E678943T2U>) which identifies the peer 110 as "Alice" with the corresponding smaller public identifier key 115 (e.g. identifier_public). Notably, peer 110 keeps the larger identifier_public_large 114 (e.g. 1023 bit value) which requires more bandwidth to communicate than the smaller identifier_public 115 (e.g. 60 bit value), and which is made available on request).  

 	As per claim 15, Amara discloses a method for providing public API authentication by a client, comprising: 
 	creating a random Session ID and a random User ID; obtaining a TK hash function (Fn2) version defining a TK hash function (Fn2); creating a Temporary Key (TK) using the TK Fn2 hash function with the Session ID and one of an Initial Key (IK) and a current Partial Key (PK) (( fig.4, 0031 peer 160 at step 402 requests peer 110 to send the larger public-key 114 (e.g. identifier_public_large). And  Upon receiving identifier_public_large , i.e. a received Temporary Key (TK), 114 from peer 1, peer 160 proceeds to compute the cryptographic hash of identifier_public_large 114   ); 
 	sending to an API server a PK request for a partial key, the PK request having the User ID, the Session ID, the TK Fn2 version, and the Temporary Key (TK), the TK Fn2 version defining the TK Fn2 hash function used to create the TK (par 0032  At step 404, peer 160 can determine , i.e. validating, if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120 ); 
 	receiving from the API server the current Partial Key (PK) (([0032] At step 404, peer 160 can determine if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120. If the hash-value produced from the hashing operation does not match the public-key value 115 (e.g. identifier_public), peer 160 determines that the public-key pair 120 <i, hv> does not correspond to the identifier_name, i, 113 claimed in the public-key pair <i, hv>. Accordingly, peer 160 invalidates the identity of peer 110 at step 416 );
  obtaining an AK hash function (Fn2) version defining an AK Fn2 hash function, the AK Fn2 hash function being different from the TK Fn2 hash function; creating an Authentication Key (AK) using the AK Fn2 hash function with the Session ID and the current Partial Key (PK) (([0034] Upon receiving the unique data set from peer 1, peer 160 selects a first subset and a second subset from the unique dataset. At step 408, peer 160 chooses a random subset of the received k values, and informs peer 110 at step 409 of the first subset and second subset selected. The subset identifies the random values selected for the particular subset); 
sending to the API server an API request for an API service, the API request having the User ID, the Session ID, the AK Fn2 version, and the Authentication Key (AK), the AK Fn2 version defining the AK Fn2 hash function used to create the AK ([0039] If at step 415 the square of the first reply mod n is equal to [[(v) (r.sub.i).sup.2] mod (n)] (i.e. step 413) and the square of the second reply mod n is equal to [(r.sub.i).sup.2 mod (n)] (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416 ); and 
receiving from the API server a successful response for the requested API service (par 0039 (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416 ).  
Abu-Amara does not explicitly disclose a Client/App hash function (Fn2) used to create the TK.
 	Suarez discloses a Client/App hash function (Fn2) used to create the TK ([0049] A partial key label is preferably also provided for each key. The partial key label is similar to the key label  and 0050 The encrypting application 16 then retrieves the partial key label for the data key 22 used in the encryption, and passes the encrypted data).
 	
   	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez, because doing so would provide keys must be accessible to the respective applications to control the key for the specific application (par 0024).


 	As per claim 16, Abu-Amara in view of Suarez discloses The method of claim 16, Abu-Amara discloses further comprising determining when a reset condition has occurred ( par 0006 The system can include a first peer to locally create a secret key, s, and use the secret key to produce a public-key pair <i, hv> comprising an identifier name, i, and a small public-key, hv, and a second peer to locally authenticate the identifier name of the public-key pair by requesting the first peer to produce a unique dataset).  

 	As per claim 17, Abu-Amara in view of Suarez discloses The method of claim 15, Abu-Amara discloses further comprising determining when a reset condition has occurred, wherein the reset condition occurs when at least one of the following events occurs: a new session has started, and a predetermined period of inactivity has occurred, and a predetermined period of continuous activity has occurred (par 0022 [0022] Each peer in the P2P network can create a secret key, s, 112 that is held in confidence by the peer. The secret key 112 can be used to generate the public-key pair 120 that is publicly shared with other peers in the P2P network. The public-key pair 120 can be used by other peers in the network to validate an identify of the peer corresponding to the public-key pair 120. For example, peer 110 can locally create the identifier name 113 (e.g. also called identifier_name) and locally create the secret key 112 (e.g. also called identifier_secret). From the secret key 112, peer 110 can locally generate a large public identifier 114, v, that is then cryptographically hashed to produce a small public-key 115 (e.g. also called identifier_public, hv). Peer 110 then combines the identifier_name 113, i, with the small public-key 115, hv, to produce the unique public-key pair <i,hv> 120. The public-key pair 120 is made public to peers such as peer 160 in the P2P network, which can then verify the identify of peer 110 in accordance with the methods herein set forth. In the current illustration, peer 160 authenticates peer 110 from the public-key pair 120 by requesting the peer 110 to produce a unique data set using the secret key 112 ).  

 	As per claim 18, Abu-Amara in view of Suarez discloses the method of claim 15, Abu-Amara discloses wherein the creating a Temporary Key (TK) comprises using the Initial Key (IK) when a reset condition has occurred ([0024] At step 202, peer 110 chooses an arbitrary number that is called the identifier_secret 112 which is at least K bits in length. The identifier_secret is held in confidence by peer 110 and is not shared with any other peers; that is, it is secret and not revealed to other peers. The number of bits K equals the number of bits of n, wherein n is the public-key modulus 111 of the peer ).  

 	As per claim 19, Abu-Amara in view of Suarez discloses the method of claim 15, Abu-Amara discloses further comprising creating the TK with the current PK and sending the PK request at a predetermined PK polling time period, wherein the PK polling time period is less than a PK update rate of the API Server ([0025] At step 204, peer 110 applies a modulus operator to the identifier_secret 112 to produce identifier_public_large 114. The modulus operator is a mathematical operation defined as x.sup.2 mod n, wherein x is the identifier_secret 112 and n is the public-key modulus 111. More specifically identifier_public_large=(identifier_secret).sup.2 mod n, where n corresponds to the value of the public-key modulus that is preconfigured in peer 110. Identifier_public_large 114 is a large public-key that can be used by other peers in the P2P network as a first level of authentication ).  

 	As per claim 20, Abu-Amara in view of Suarez discloses the method of claim 15, Abu-Amara discloses wherein the receiving a successful response for the requested API service comprises receiving data or content associated with the API request ( 0026] At step 206, peer 110 performs a cryptographic hash of the identifier_public_large 114 to produce identifier_public 115. The cryptographic hash is a hashing function that maps the larger value associated identifier_public_large 114 to a smaller value associated with identifier_public 115).  

 	As per claim 21, Abu-Amara in view of Suarez discloses the method of claim 15, Abu-Amara discloses wherein the TK hash function Fn2 version and the AK hash function Fn2 version changes each time the Fn2 hash function is used to be different from the prior version ( ([0027] At step 208, peer 110 reveals a public-key pair 120<identifier_name, identifier_public> consisting of the chosen identifier_name 113 and the small public-key 115 (e.g. identifier_public). As an example, the identifier_name 113 can be a sequence of digits and letters (e.g. "Alice) chosen by peer 1, and the identifier_public 115 can be the 10 character sequence (e.g. E678943T2U) produced from the hash. The public-key pair 120 can thus be represented by <Alice, E678943T2U> and shared amongst peers in the PTP network 100.  ).  


 	As per claim 24, Amara discloses A method for providing public API authentication by an API server, comprising: 
receiving from a client a PK request for a partial key, the PK request having a User ID, a Session ID, a Client/App hash function (Fn2) version, and a received Temporary Key (TK), the Fn2 version defining a Client/App hash function (Fn2) used to create the TK (fig.4, 0031 peer 160 at step 402 requests peer 110 to send the larger public-key 114 (e.g. identifier_public_large). And  Upon receiving identifier_public_large , i.e. a received Temporary Key (TK), 114 from peer 1, peer 160 proceeds to compute the cryptographic hash of identifier_public_large 114   );
 validating the received TK using the Fn2 hash function with the Session ID and one of an Initial Key (IK) and a current Partial Key (PK) (par 0032  At step 404, peer 160 can determine , i.e. validating, if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120 ); 
when the validating the received TK is completed successfully, sending to the client a Partial Key (PK), the PK being calculated using a PK hash function (Fn1) with the User ID and a slot generated random key (Slot Gen Key) (([0032] At step 404, peer 160 can determine if Hash[identifier_public_large] equals identifier_public 115. In particular, peer 160 can locally determine if the hash-value (e.g. 60 bit number) produced from the hashing of identifier_public_large 114 equals the value of the identifier_public 115 (e.g. 60 bit number) received earlier in the public-key pair 120. If the hash-value produced from the hashing operation does not match the public-key value 115 (e.g. identifier_public), peer 160 determines that the public-key pair 120 <i, hv> does not correspond to the identifier_name, i, 113 claimed in the public-key pair <i, hv>. Accordingly, peer 160 invalidates the identity of peer 110 at step 416.); 
receiving from the client an API request for an API service, the API request having the User ID, the Session ID, Fn2 version, and a received Authorization Key (AK), the Fn2 version defining the Client/App hash function (Fn2) used to create the AK (([0034] Upon receiving the unique data set from peer 1, peer 160 selects a first subset and a second subset from the unique dataset. At step 408, peer 160 chooses a random subset of the received k values, and informs peer 110 at step 409 of the first subset and second subset selected. The subset identifies the random values selected for the particular subset );
 	 re-creating the PK using the PK hash function (Fn1) with the User ID and the slot generated random key (Slot Gen Key), as a re-created PK ([0039] If at step 415 the square of the first reply mod n is equal to [[(v) (r.sub.i).sup.2] mod (n)] (i.e. step 413) and the square of the second reply mod n is equal to [(r.sub.i).sup.2 mod (n)] (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416 );
 validating the received AK using the Fn2 hash function with the Session ID and the re-created PK ( par 0039 (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416); and 
when the validating the received AK is completed successfully, sending to the client a successful response from the API service requested by the client ( par 0039 (i.e. step 414), peer 160 validates the identifier_name, i, of peer 110 contained in the public-key pair <i, hv> as shown in step 417. If not, peer 160 invalidates the identifier_name of peer 110 at step 416).  

 	Abu-Amara does not explicitly disclose a Client/App hash function (Fn2) used to create the TK.
  	Suarez discloses a Client/App hash function (Fn2) used to create the TK ([0049] A partial key label is preferably also provided for each key. The partial key label is similar to the key label  and 0050 The encrypting application 16 then retrieves the partial key label for the data key 22 used in the encryption, and passes the encrypted data).
 	
  	 Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez, because doing so would provide keys must be accessible to the respective applications to control the key for the specific application (par 0024).


 	As per claim 25, Abu-Amara in view of Suarez discloses The method of claim 24, Amara discloses wherein the Slot Gen Key comprises a current slot generated random key (Slot1) and a previous slot generated random key (Slot2), and the re-creating the PK comprises creating a Slot1-based re-created PK (Slot1 PK) and a Slot2-based re-created PK (Slot2 PK), and the validating the received AK uses the Slot1 PK and the Slot2 PK (par 0006 The system can include a first peer to locally create a secret key, s, and use the secret key to produce a public-key pair <i, hv> comprising an identifier name, i, and a small public-key, hv, and a second peer to locally authenticate the identifier name of the public-key pair by requesting the first peer to produce a unique dataset that does not reveal the secret-key and yet validates that the public-key pair was generated with the secret-key when the large public-key is applied to a portion of the unique dataset without using an external authentication system ).


Claims 10 and 23  are rejected under 35 U.S.C. 103 as being unpatentable over Abu-Amara US 2008/0298579 in vides of Suarez et al US 2006/0291664 in view of Killick et al US 10,299005.

 	As per claim 10, Abu-Amara in view of Suarez discloses the method of claim 9, the combination fails to discloses, Suares discloses0027,  rotating or refreshing the keys 22. Fails to discloses  wherein the Slot update rate is about 30 minutes.  
 	However, Killick discloses wherein the Slot update rate is about 30 minutes (claim 5,  wherein the keys associated with each linear channel that comprises the LOD channels are updated at least every thirty minutes and re-transmitted to the LOD client.).  
   	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez,  based on teaching of updating the key in every thirty minutes of Killick, because doing so would provide the control of the key.
 
 	As per claim 23, Abu-Amara in view of Suarez discloses the method of claim 1, Suares discloses 0027,  rotating or refreshing the keys 22. Fails to discloses   
wherein the TK hash function Fn2 version and the AK hash function Fn2 version changes randomly each time the Fn2 hash function is used.  

 	However, Killick discloses wherein the TK hash function Fn2 version and the AK hash function Fn2 version changes randomly each time the Fn2 hash function is used(claim 5,  wherein the keys associated with each linear channel that comprises the LOD channels are updated at least every thirty minutes and re-transmitted to the LOD client.).  
   	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez,  based on teaching of updating the key in every thirty minutes of Killick, because doing so would provide the control of the key.

Claims 12 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Abu-Amara US 2008/0298579 in vides of Suarez et al US 2006/0291664 in view of Cao et al US 2008/0016333.

 	As per claim 12, Abu-Amara in view of Suarez discloses the method of claim 11,  the combination does not disclose wherein the number of different Fn2 versions is at least 3.   
 	 However, Cao discloses wherein the number of different Fn2 versions is at least 3 ( par 0040 The authentication server 210 maintains a system security key and at least three hash functions that are stored in a memory module 214.).  
 	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez,  based on teaching of  three hash function for the key of Cao, because doing so would provide secure authentication process( par 0040).

 	As per claim 22, Abu-Amara in view of Suarez discloses the method of claim 11, the combination does not disclose wherein the number of different TK hash function Fn2 version and the AK hash function Fn2 versions is at least 3.  
  	However, Cao discloses  wherein the number of different TK hash function Fn2 version and the AK hash function Fn2 versions is at least 3 ( par 0040 The authentication server 210 maintains a system security key and at least three hash functions that are stored in a memory module 214.).  
 	Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of hashing of the identifier of Abu-Amara, based on the teaching of obtaining partial key of Suarez,  based on teaching of  three hash function for the key of Cao, because doing so would provide secure authentication process( par 0040).

 	

 					Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Lee et al US 2011/0107087 discloses  A method for refreshing a Master Session Key (MSK) in a wireless communication system, the method comprising: when receiving a first Media Access Control (MAC) message comprising MSK refresh indication information from a Base Station (BS), generating, by a Mobile Station (MS), Extended Master Session Key (EMSK)_Hash by applying a hash function to an EMSK and sending a second MAC message comprising the EMSK_Hash; sending, by the BS, a context request message comprising the EMSK_Hash to an Access Service Network GateWay (ASN-GW); sending, by the ASN-GW, an authentication request message comprising the EMSK_Hash to an authentication server; when receiving the authentication request message comprising the EMSK_Hash, confirming, by the authentication server, the same EMSK as the MS based on the EMSK_Hash, determining an MSK1 using the EMSK, and sending an authentication accept message comprising the MSK1 to the ASN-GW; and sending, by the ASN-GW, a context report message comprising an Authorization Key (AK) context to the BS.
12. A wireless communication system comprising: a Mobile Station (MS) for, when receiving a first Media Access Control (MAC) message comprising Master Session Key (MSK) refresh indication information from a Base Station (BS), generating an Extended Master Session Key (EMSK)_Hash by applying a hash function to an EMSK and sending a second MAC message comprising the EMSK_Hash; the BS for sending a context request message comprising the EMSK_Hash to an Access Service Network GateWay (ASN-GW); the ASN-GW for sending an authentication request message comprising the EMSK_Hash to an authentication server, and when receiving an authentication accept message comprising an MSK1 from the authentication server, sending a context report message comprising an Authorization Key (AK) context to the BS; and the authentication server for, when receiving the authentication request message comprising the EMSK_Hash from the ASN-GW, confirming the same EMSK as the MS based on the EMSK_Hash, determining the MSK1 using the EMSK, and sending the authentication accept message comprising the MSK1 to the ASN-GW.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314. The examiner can normally be reached EST: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JORGE ORTIZ CRIADO can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ABU S SHOLEMAN/Primary Examiner, Art Unit 2496